urlscan.io logo urlscan.io
SecurityTrails logo

www.iphoneincanada.ca Open in urlscan Pro
162.210.199.153  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Submission: On June 04 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 153 IPs in 11 countries across 150 domains to perform 1014 HTTP transactions. The main IP is 162.210.199.153, located in Alexandria, United States and belongs to LEASEWEB-USA-WDC, US. The main domain is www.iphoneincanada.ca. The Cisco Umbrella rank of the primary domain is 556646.
TLS certificate: Issued by R3 on May 15th 2022. Valid for: 3 months.
This is the only time www.iphoneincanada.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 162.210.199.153 30633 (LEASEWEB-...)
10 207.244.74.236 30633 (LEASEWEB-...)
7 192.0.77.37 2635 (AUTOMATTIC)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
67 2607:f8b0:400... 15169 (GOOGLE)
21 18.65.100.81 16509 (AMAZON-02)
6 2606:4700:303... 13335 (CLOUDFLAR...)
14 142.251.35.162 15169 (GOOGLE)
8 2606:4700:303... 13335 (CLOUDFLAR...)
4 17 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 52.217.90.62 16509 (AMAZON-02)
4 199.232.192.134 54113 (FASTLY)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
2 104.20.229.67 13335 (CLOUDFLAR...)
5 18.65.156.226 16509 (AMAZON-02)
2 18 151.101.130.137 54113 (FASTLY)
5 2607:f8b0:400... 15169 (GOOGLE)
72 2607:f8b0:400... 15169 (GOOGLE)
29 2607:f8b0:400... 15169 (GOOGLE)
1 64.140.160.2 18450 (WEBNX)
27 34.202.70.31 14618 (AMAZON-AES)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 23.197.21.31 16625 (AKAMAI-AS)
1 3.215.167.98 14618 (AMAZON-AES)
9 42 35.244.159.8 15169 (GOOGLE)
1 25 54.157.92.151 14618 (AMAZON-AES)
3 104.36.115.98 62713 (AS-PUBMATIC)
17 30 68.67.160.26 29990 (ASN-APPNEX)
9 2602:803:c002... 26667 (RUBICONPR...)
6 18 147.75.38.124 54825 (PACKET)
1 2606:4700::68... 13335 (CLOUDFLAR...)
10 3.92.156.8 14618 (AMAZON-AES)
9 3.212.51.61 14618 (AMAZON-AES)
9 159.89.246.130 14061 (DIGITALOC...)
7 11 23.92.190.74 10913 (INTERNAP-BLK)
3 199.127.204.162 26120 (RHYTHMONE)
4 2607:f8b0:400... 15169 (GOOGLE)
7 151.101.194.137 54113 (FASTLY)
22 2600:9000:20e... 16509 (AMAZON-02)
8 151.101.192.134 54113 (FASTLY)
14 18.116.182.232 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
11 39 23.52.162.21 16625 (AKAMAI-AS)
13 13 34.196.68.33 14618 (AMAZON-AES)
17 19 35.71.131.137 16509 (AMAZON-02)
7 8 68.67.160.184 29990 (ASN-APPNEX)
5 5 23.66.229.147 16625 (AKAMAI-AS)
13 104.127.172.242 16625 (AKAMAI-AS)
14 23.52.161.180 16625 (AKAMAI-AS)
4 5 69.12.8.74 11742 (SPOTX-IAD)
1 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
4 4 8.43.72.98 26667 (RUBICONPR...)
12 2607:f8b0:400... 15169 (GOOGLE)
13 21 69.173.151.100 26667 (RUBICONPR...)
31 92 142.251.32.98 15169 (GOOGLE)
2 4 52.95.125.22 16509 (AMAZON-02)
4 8 2600:1f18:4e9... 14618 (AMAZON-AES)
25 46 35.190.60.146 15169 (GOOGLE)
1 2001:4998:14:... 14777 (YAHOO)
2 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 8.39.36.141 26667 (RUBICONPR...)
7 34.149.40.38 15169 (GOOGLE)
1 3.230.217.116 14618 (AMAZON-AES)
1 23.217.43.215 16625 (AKAMAI-AS)
1 46.105.202.126 16276 (OVH)
2 7 51.222.39.186 16276 (OVH)
9 10 141.95.98.67 16276 (OVH)
1 21 209.54.180.144 16509 (AMAZON-02)
9 2606:4700:303... 13335 (CLOUDFLAR...)
10 10 216.200.232.249 30419 (MEDIAMATH...)
1 1 8.28.7.81 62713 (AS-PUBMATIC)
6 7 69.166.1.10 27630 (AS-XFERNET)
7 10 107.178.246.49 15169 (GOOGLE)
9 9 151.101.66.49 54113 (FASTLY)
6 174.137.133.32 27257 (WEBAIR-IN...)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 3 2600:9000:221... 16509 (AMAZON-02)
19 19 35.211.178.172 15169 (GOOGLE)
14 14 50.31.142.255 23352 (SERVERCEN...)
7 8 184.85.195.135 16625 (AKAMAI-AS)
9 9 162.248.18.11 62713 (AS-PUBMATIC)
6 6 104.36.115.109 62713 (AS-PUBMATIC)
2 2 8.28.7.84 62713 (AS-PUBMATIC)
7 7 198.148.27.140 19189 (PULSEPOINT)
2 52.203.82.32 14618 (AMAZON-AES)
1 1 199.187.193.177 47043 (SMARTADSE...)
7 8 2620:112:f002... 6336 (TURN-US-ASN)
4 12 52.223.22.214 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2620:1ec:49::40 8075 (MICROSOFT...)
21 21 67.202.105.24 32748 (STEADFAST)
1 4 67.202.105.33 32748 (STEADFAST)
6 6 75.126.248.142 36351 (SOFTLAYER)
7 7 207.198.113.204 13768 (COGECO-PEER1)
4 4 52.0.156.250 14618 (AMAZON-AES)
2 2 3.132.128.157 16509 (AMAZON-02)
2 5 54.159.78.82 14618 (AMAZON-AES)
4 4 52.7.176.196 14618 (AMAZON-AES)
1 2a03:2880:f11... 32934 (FACEBOOK)
3 2607:f8b0:400... 15169 (GOOGLE)
2 54.208.69.179 14618 (AMAZON-AES)
3 6 199.187.193.197 47043 (SMARTADSE...)
2 4 52.3.28.57 14618 (AMAZON-AES)
2 22 23.92.190.68 29791 (VOXEL-DOT...)
15 16 199.127.204.142 26120 (RHYTHMONE)
9 9 199.38.167.129 54312 (ROCKETFUEL)
11 12 54.175.87.114 14618 (AMAZON-AES)
1 1 34.111.151.213 15169 (GOOGLE)
7 7 192.184.68.166 14618 (AMAZON-AES)
1 1 34.228.204.193 14618 (AMAZON-AES)
15 34.117.239.71 396982 (GOOGLE-CL...)
8 8 2606:ae80:147... 26762 (CNVR-US-EAST)
2 18 52.207.45.55 14618 (AMAZON-AES)
5 5 185.167.164.37 198622 (ADFORM)
6 35 64.202.112.31 23352 (SERVERCEN...)
6 18.233.42.152 14618 (AMAZON-AES)
3 3 54.166.152.158 14618 (AMAZON-AES)
3 3 193.122.174.27 31898 (ORACLE-BM...)
2 3 169.197.150.8 398989 (DEEPINTENT)
6 6 54.208.181.135 14618 (AMAZON-AES)
4 4 52.54.42.45 14618 (AMAZON-AES)
2 2 124.146.215.52 2514 (INFOSPHER...)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 199.232.196.64 54113 (FASTLY)
1 162.55.236.225 24940 (HETZNER-AS)
3 14 199.187.193.204 47043 (SMARTADSE...)
21 18.65.148.105 16509 (AMAZON-02)
3 5 2620:100:a001::c 19750 (AS-CRITEO)
4 74.119.119.139 19750 (AS-CRITEO)
1 34.120.155.137 15169 (GOOGLE)
1 3.225.178.202 14618 (AMAZON-AES)
3 23.52.160.130 16625 (AKAMAI-AS)
1 18.65.116.7 16509 (AMAZON-02)
1 18.65.148.55 16509 (AMAZON-02)
6 23.52.162.190 16625 (AKAMAI-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 23.195.109.72 16625 (AKAMAI-AS)
10 142.250.72.98 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2600:1f18:612... 14618 (AMAZON-AES)
2 52.201.137.214 14618 (AMAZON-AES)
2 2 192.132.33.46 18568 (BIDTELLECT)
4 6 54.205.67.126 14618 (AMAZON-AES)
2 4 104.18.99.194 13335 (CLOUDFLAR...)
1 1 18.65.148.36 16509 (AMAZON-02)
2 4 107.178.254.65 15169 (GOOGLE)
2 23.200.196.24 16625 (AKAMAI-AS)
1 1 198.24.171.52 19437 (SS-ASH)
1 1 18.210.134.164 14618 (AMAZON-AES)
4 5 23.217.18.198 16625 (AKAMAI-AS)
1 1 69.90.254.78 13768 (COGECO-PEER1)
5 5 35.207.24.140 15169 (GOOGLE)
1 1 213.19.162.80 26667 (RUBICONPR...)
1 1 18.207.82.126 14618 (AMAZON-AES)
1 1 63.251.28.218 13789 (INTERNAP-...)
3 3 74.119.119.150 19750 (AS-CRITEO)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
1 199.232.192.64 54113 (FASTLY)
2 2 35.210.53.219 19527 (GOOGLE-2)
5 5 34.206.247.163 14618 (AMAZON-AES)
1 2600:1f18:444... 14618 (AMAZON-AES)
2 4 18.65.148.115 16509 (AMAZON-02)
2 3 35.186.253.211 15169 (GOOGLE)
2 2 37.157.4.28 198622 (ADFORM)
2 2 199.187.193.182 47043 (SMARTADSE...)
1 23.52.164.28 16625 (AKAMAI-AS)
1 199.232.196.134 54113 (FASTLY)
3 3 35.190.90.30 15169 (GOOGLE)
1 1 141.226.224.48 200478 (TABOOLA-AS)
5 5 52.45.55.227 14618 (AMAZON-AES)
2 2 135.148.122.24 16276 (OVH)
1 1 4.78.226.232 3356 (LEVEL3)
1 52.210.143.40 16509 (AMAZON-02)
2 2 34.224.43.78 14618 (AMAZON-AES)
1 3.209.19.41 14618 (AMAZON-AES)
1 2600:9000:221... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
2 3 99.84.160.120 16509 (AMAZON-02)
1 3 52.3.39.22 14618 (AMAZON-AES)
1 1 34.202.155.225 14618 (AMAZON-AES)
1 34.203.153.203 14618 (AMAZON-AES)
1 23.88.75.189 24940 (HETZNER-AS)
2 2 2606:4700:440... 13335 (CLOUDFLAR...)
4 2600:141b:13:... 20940 (AKAMAI-ASN1)
2 2 51.178.20.140 16276 (OVH)
2 2 135.148.55.26 16276 (OVH)
3 3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 146.75.30.132 54113 (FASTLY)
1 1 3.232.26.33 14618 (AMAZON-AES)
1 1 31.220.27.134 39572 (ADVANCEDH...)
1 1 204.2.255.224 2914 (NTT-LTD-2914)
7 7 174.137.133.49 27257 (WEBAIR-IN...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 23.52.167.93 16625 (AKAMAI-AS)
1 1 159.203.145.121 14061 (DIGITALOC...)
2 2 3.229.243.180 14618 (AMAZON-AES)
2 52.5.192.179 14618 (AMAZON-AES)
1 1 34.98.67.3 15169 (GOOGLE)
3 4 52.33.194.179 16509 (AMAZON-02)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
2 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 52.73.169.144 14618 (AMAZON-AES)
1 138.199.40.58 60068 (CDN77 ^_^)
1 104.18.20.134 13335 (CLOUDFLAR...)
1 3.115.148.43 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 3.230.62.22 14618 (AMAZON-AES)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 3.94.73.16 14618 (AMAZON-AES)
1 1 76.13.32.147 26101 (YAHOO-BF1)
1 2 18.65.148.94 16509 (AMAZON-02)
1 1 162.223.54.14 27552 (TWDX)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 63.251.88.51 10913 (INTERNAP-BLK)
1 2600:9000:221... 16509 (AMAZON-02)
1 1 15.235.42.103 16276 (OVH)
1 3.251.15.4 16509 (AMAZON-02)
1 2 18.65.116.34 16509 (AMAZON-02)
1 1 67.202.105.22 32748 (STEADFAST)
1 1 20.72.149.136 8075 (MICROSOFT...)
1 172.217.165.130 ()
1014 153
3    162.210.199.153 (Alexandria, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: edge.presslabs.net
www.iphoneincanada.ca
10    207.244.74.236 (Silver Spring, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: edge.presslabs.net
cdn.iphoneincanada.ca
7    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2607:f8b0:4006:80a::2008 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
67    2607:f8b0:4006:80c::2002 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
21    18.65.100.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-100-81.kix50.r.cloudfront.net
tagan.adlightning.com
6    2606:4700:3030::ac43:cf70 (United States)

ASN13335 (CLOUDFLARENET, US)
qd.admetricspro.com
14    142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
8    2606:4700:3037::ac43:a7cf (United States)

ASN13335 (CLOUDFLARENET, US)
tags.catapultx.com
demand.catapultx.com
17    2607:f8b0:4006:807::2004 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
www.google.com
5    2607:f8b0:4006:80a::2003 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    52.217.90.62 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
4    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
iphoneincanada.disqus.com
5    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    104.20.229.67 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
5    18.65.156.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-156-226.nrt51.r.cloudfront.net
c.amazon-adsystem.com
18    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
capi.connatix.com
ins.connatix.com
img.connatix.com
cks.connatix.com
ck.connatix.com
5    2607:f8b0:4006:823::200e (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
apis.google.com
72    2607:f8b0:4006:822::2001 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
29    2607:f8b0:4006:824::2002 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.ca
1    64.140.160.2 (Ogden, United States)

ASN18450 (WEBNX, US)
PTR: threatintelligenceplatform.com
geo.ipify.org
27    34.202.70.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-70-31.compute-1.amazonaws.com
pbs.nextmillmedia.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
3    23.197.21.31 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-21-31.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    3.215.167.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-167-98.compute-1.amazonaws.com
tlx.3lift.com
42    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
teachingaids-d.openx.net
us-u.openx.net
u.openx.net
eu-u.openx.net
25    54.157.92.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-92-151.compute-1.amazonaws.com
ads.servenobid.com
3    104.36.115.98 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
30    68.67.160.26 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
9    2602:803:c002:200::52 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
18    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
10    3.92.156.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-156-8.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
c2shb.pubgw.yahoo.com
9    3.212.51.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-51-61.compute-1.amazonaws.com
btlr.sharethrough.com
9    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
x.serverbid.com
11    23.92.190.74 (Fort Mill, United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
3    199.127.204.162 (United States)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
4    2607:f8b0:4006:816::2002 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
7    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
lit.connatix.com
vid.connatix.com
22    2600:9000:20e9:d000:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.disquscdn.com
8    151.101.192.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
14    18.116.182.232 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-182-232.us-east-2.compute.amazonaws.com
capi-tier-1-us-east-2.connatix.com
4    2607:f8b0:4006:80e::200a (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
39    23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
r.casalemedia.com
js-sec.indexww.com
dsum.casalemedia.com
13    34.196.68.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-68-33.compute-1.amazonaws.com
match.prod.bidr.io
19    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
8    68.67.160.184 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
5    23.66.229.147 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-229-147.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
13    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
14    23.52.161.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-161-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    69.12.8.74 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
1    2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    2607:f8b0:4006:80c::2006 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    2607:f8b0:4006:807::200a (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
12    2607:f8b0:4006:81e::2002 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
21    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
92    142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
cm.g.doubleclick.net
4    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
8    2600:1f18:4e9:5a02:518c:735c:e4a6:5f19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
46    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
ei.rlcdn.com
rc.rlcdn.com
1    2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)
ads.yahoo.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
7    34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
1    3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
1    23.217.43.215 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-43-215.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
7    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
10    141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu
id5-sync.com
21    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
9    2606:4700:3035::6815:29f3 (United States)

ASN13335 (CLOUDFLARENET, US)
events.catapultx.com
demand.catapultx.com
10    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
10    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
9    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
rtd-tm.everesttech.net
sync-tm.everesttech.net
6    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2600:9000:2216:1400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
19    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
14    50.31.142.255 (Lombard, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
8    184.85.195.135 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-85-195-135.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
9    162.248.18.11 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
6    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
7    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    52.203.82.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-82-32.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
1    199.187.193.177 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-us.smartadserver.com
8    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
12    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    2606:4700::6810:a00d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.viglink.com
2    2620:1ec:49::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public.servenobid.com
21    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
4    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
6    75.126.248.142 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 8e.f8.7e4b.ip4.static.sl-reverse.com
um.simpli.fi
7    207.198.113.204 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
4    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadm.exelator.com
loadus.exelator.com
2    3.132.128.157 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-128-157.us-east-2.compute.amazonaws.com
sync.adotmob.com
5    54.159.78.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-78-82.compute-1.amazonaws.com
ads.yieldmo.com
4    52.7.176.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-176-196.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2607:f8b0:4006:821::200d (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
accounts.google.com
2    54.208.69.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-69-179.compute-1.amazonaws.com
g2.gumgum.com
6    199.187.193.197 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
4    52.3.28.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-28-57.compute-1.amazonaws.com
x.yieldlift.com
22    23.92.190.68 (Fort Mill, United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
16    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
9    199.38.167.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
12    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
7    192.184.68.166 (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
cms.quantserve.com
1    34.228.204.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-204-193.compute-1.amazonaws.com
cms-xch.33across.com
15    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
cms-xch-chicago.33across.com
events-ssc.33across.com
8    2606:ae80:1471:15::440 (United States)

ASN26762 (CNVR-US-EAST, US)
33across-match.dotomi.com
casale-match.dotomi.com
openx2-match.dotomi.com
dclk-match.dotomi.com
18    52.207.45.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-45-55.compute-1.amazonaws.com
usersync.gumgum.com
5    185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
35    64.202.112.31 (Harrodsburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
log.outbrainimg.com
6    18.233.42.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-42-152.compute-1.amazonaws.com
rtb.gumgum.com
3    54.166.152.158 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-152-158.compute-1.amazonaws.com
sync.ipredictive.com
3    193.122.174.27 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
6    54.208.181.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-181-135.compute-1.amazonaws.com
ad.360yield.com
match.360yield.com
ice.360yield.com
4    52.54.42.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-42-45.compute-1.amazonaws.com
cs.emxdgt.com
2    124.146.215.52 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
4    199.232.196.64 (United States)

ASN54113 (FASTLY, US)
links.services.disqus.com
1    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
14    199.187.193.204 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
21    18.65.148.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-148-105.nrt51.r.cloudfront.net
math-aids-tagan.adlightning.com
5    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
4    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
1    3.225.178.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-178-202.compute-1.amazonaws.com
id.crwdcntrl.net
3    23.52.160.130 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-160-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    18.65.116.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-116-7.kix50.r.cloudfront.net
sync.serverbid.com
1    18.65.148.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-148-55.nrt51.r.cloudfront.net
statics.nextmillmedia.com
6    23.52.162.190 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
2    2606:4700::6813:9f13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
2    23.195.109.72 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-109-72.deploy.static.akamaitechnologies.com
sync.teads.tv
10    142.250.72.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2600:1f18:612b:4216:1045:b1b6:a84f:9c3b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
2    52.201.137.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-137-214.compute-1.amazonaws.com
sync.crwdcntrl.net
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
6    54.205.67.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-67-126.compute-1.amazonaws.com
pixel.advertising.com
4    104.18.99.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    18.65.148.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-148-36.nrt51.r.cloudfront.net
cm.smadex.com
4    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    23.200.196.24 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-196-24.deploy.static.akamaitechnologies.com
contextual.media.net
1    198.24.171.52 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
1    18.210.134.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-134-164.compute-1.amazonaws.com
aorta.clickagy.com
5    23.217.18.198 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-18-198.deploy.static.akamaitechnologies.com
px.owneriq.net
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
5    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    213.19.162.80 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    18.207.82.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-82-126.compute-1.amazonaws.com
bcp.crwdcntrl.net
1    63.251.28.218 (United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
3    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
3    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    199.232.192.64 (United States)

ASN54113 (FASTLY, US)
glitter.services.disqus.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
5    34.206.247.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-247-163.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:444a:4602:2c20:3113:5c28:1366 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
4    18.65.148.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-148-115.nrt51.r.cloudfront.net
aa.agkn.com
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    199.187.193.182 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-global.smartadserver.com
1    23.52.164.28 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-164-28.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
1    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
referrer.disqus.com
3    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
5    52.45.55.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-55-227.compute-1.amazonaws.com
pm.w55c.net
2    135.148.122.24 (United States)

ASN16276 (OVH, FR)
PTR: ns1009095.ip-135-148-122.us
gu.dyntrk.com
1    4.78.226.232 (Irving, United States)

ASN3356 (LEVEL3, US)
oxp.mxptint.net
1    52.210.143.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-143-40.eu-west-1.compute.amazonaws.com
s.cpx.to
2    34.224.43.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-43-78.compute-1.amazonaws.com
i.w55c.net
1    3.209.19.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-19-41.compute-1.amazonaws.com
realtime.clinch.co
1    2600:9000:2218:a400:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)
rock.defybrick.com
3    2607:f8b0:4006:80c::2003 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:141b:13::17d7:8293 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
3    99.84.160.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-160-120.ord52.r.cloudfront.net
live.rezync.com
3    52.3.39.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-39-22.compute-1.amazonaws.com
io.narrative.io
1    34.202.155.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-155-225.compute-1.amazonaws.com
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
1    34.203.153.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-153-203.compute-1.amazonaws.com
rtb.adentifi.com
1    23.88.75.189 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.189.75.88.23.clients.your-server.de
csync.loopme.me
2    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    2600:141b:13::1724:128 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.clinch.co
2    51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu
c.eu1.dyntrk.com
2    135.148.55.26 (Reston, United States)

ASN16276 (OVH, FR)
PTR: ns1007663.ip-135-148-55.us
c.us1.dyntrk.com
3    2606:4700:20::681a:932 (United States)

ASN13335 (CLOUDFLARENET, US)
a.clickcertain.com
1    146.75.30.132 (Ashburn, United States)

ASN54113 (FASTLY, US)
odb.outbrain.com
1    3.232.26.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-26-33.compute-1.amazonaws.com
fksnk.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    204.2.255.224 (Miami, United States)

ASN2914 (NTT-LTD-2914, US)
aep.mxptint.net
7    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
rtb2-useast.e-volution.ai
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
1    23.52.167.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-167-93.deploy.static.akamaitechnologies.com
cs.media.net
1    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
2    3.229.243.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-243-180.compute-1.amazonaws.com
usermatch.krxd.net
2    52.5.192.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-192-179.compute-1.amazonaws.com
beacon.krxd.net
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
4    52.33.194.179 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-194-179.us-west-2.compute.amazonaws.com
dpm.demdex.net
2    2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
flint.defybrick.com
2    2600:141b:13::172f:91b2 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
img-cdn.clinch.co
1    52.73.169.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-169-144.compute-1.amazonaws.com
trk.clinch.co
1    138.199.40.58 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-40-58.datapacket.com
cheqzone.b-cdn.net
1    104.18.20.134 (None, )

ASN13335 (CLOUDFLARENET, US)
idsync.reson8.com
1    3.115.148.43 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-115-148-43.ap-northeast-1.compute.amazonaws.com
sync-jp.im-apps.net
1    85.114.159.93 (Sankt Georgen im Schwarzwald, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    3.230.62.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-62-22.compute-1.amazonaws.com
ps.eyeota.net
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    3.94.73.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-73-16.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
1    76.13.32.147 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
cms.analytics.yahoo.com
2    18.65.148.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-148-94.nrt51.r.cloudfront.net
ads.scorecardresearch.com
1    162.223.54.14 (United States)

ASN27552 (TWDX, US)
PTR: lrpush.apxlv.com
lrpush.apxlv.com
2    2606:4700::6812:19ac (United States)

ASN13335 (CLOUDFLARENET, US)
gpush.cogocast.net
1    63.251.88.51 (United States)

ASN10913 (INTERNAP-BLK, US)
adadvisor.net
1    2600:9000:221d:4000:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
1    15.235.42.103 (Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-002.roqad.pl
ws.rqtrk.eu
1    3.251.15.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-15-4.eu-west-1.compute.amazonaws.com
partner.mediawallahscript.com
2    18.65.116.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-116-34.kix50.r.cloudfront.net
map.go.affec.tv
1    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
dp1.33across.com
1    20.72.149.136 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    172.217.165.130 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
140 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
cm.g.doubleclick.net — Cisco Umbrella Rank: 191
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 271
512 KB
140 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
ade.googlesyndication.com
1 MB
54 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 445
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 977
eus.rubiconproject.com — Cisco Umbrella Rank: 530
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1073
token.rubiconproject.com — Cisco Umbrella Rank: 644
pixel.rubiconproject.com — Cisco Umbrella Rank: 306
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4204
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2263
93 KB
47 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 555
api.rlcdn.com — Cisco Umbrella Rank: 783
idsync.rlcdn.com — Cisco Umbrella Rank: 300
ei.rlcdn.com — Cisco Umbrella Rank: 1839
rc.rlcdn.com — Cisco Umbrella Rank: 3337
5 KB
45 openx.net
teachingaids-d.openx.net — Cisco Umbrella Rank: 23635
us-u.openx.net — Cisco Umbrella Rank: 348
u.openx.net — Cisco Umbrella Rank: 699
rtb.openx.net — Cisco Umbrella Rank: 1376
eu-u.openx.net — Cisco Umbrella Rank: 1641
7 KB
42 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1378
math-aids-tagan.adlightning.com — Cisco Umbrella Rank: 115624
546 KB
41 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
secure.adnxs.com — Cisco Umbrella Rank: 391
acdn.adnxs.com — Cisco Umbrella Rank: 550
87 KB
39 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 706
widgets.outbrain.com — Cisco Umbrella Rank: 1257
widget-pixels.outbrain.com — Cisco Umbrella Rank: 2649
odb.outbrain.com — Cisco Umbrella Rank: 1404
89 KB
39 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 439
ssum.casalemedia.com — Cisco Umbrella Rank: 1279
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 494
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 518
r.casalemedia.com — Cisco Umbrella Rank: 1402
dsum.casalemedia.com — Cisco Umbrella Rank: 1174
55 KB
39 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3085
cds.connatix.com — Cisco Umbrella Rank: 3207
capi.connatix.com — Cisco Umbrella Rank: 3465
lit.connatix.com — Cisco Umbrella Rank: 6829
ins.connatix.com — Cisco Umbrella Rank: 4945
capi-tier-1-us-east-2.connatix.com — Cisco Umbrella Rank: 3823
vid.connatix.com — Cisco Umbrella Rank: 3911
img.connatix.com — Cisco Umbrella Rank: 3790
cks.connatix.com — Cisco Umbrella Rank: 4399
ck.connatix.com — Cisco Umbrella Rank: 5473
1 MB
38 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 887
cms-xch.33across.com — Cisco Umbrella Rank: 3277
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 1983
events-ssc.33across.com — Cisco Umbrella Rank: 1520
dp1.33across.com — Cisco Umbrella Rank: 5080
14 KB
35 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 416
ads.pubmatic.com — Cisco Umbrella Rank: 413
image6.pubmatic.com — Cisco Umbrella Rank: 564
image8.pubmatic.com — Cisco Umbrella Rank: 558
image2.pubmatic.com — Cisco Umbrella Rank: 819
image4.pubmatic.com — Cisco Umbrella Rank: 784
simage2.pubmatic.com — Cisco Umbrella Rank: 566
141 KB
33 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 575
ce.lijit.com — Cisco Umbrella Rank: 821
64 KB
33 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 820
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 452
ads.yahoo.com — Cisco Umbrella Rank: 1013
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 942
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
cms.analytics.yahoo.com — Cisco Umbrella Rank: 761
15 KB
30 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 280
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1099
s.amazon-adsystem.com — Cisco Umbrella Rank: 265
61 KB
28 nextmillmedia.com
pbs.nextmillmedia.com — Cisco Umbrella Rank: 10759
statics.nextmillmedia.com — Cisco Umbrella Rank: 27671
20 KB
27 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1663
public.servenobid.com — Cisco Umbrella Rank: 3316
16 KB
26 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1382
usersync.gumgum.com — Cisco Umbrella Rank: 1794
rtb.gumgum.com — Cisco Umbrella Rank: 1119
8 KB
26 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 70
apis.google.com — Cisco Umbrella Rank: 100
accounts.google.com — Cisco Umbrella Rank: 78
48 KB
23 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6572
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1156
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 565
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1924
11 KB
22 disquscdn.com
c.disquscdn.com — Cisco Umbrella Rank: 4124
752 KB
20 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1087
assets.a-mo.net — Cisco Umbrella Rank: 3622
12 KB
19 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 269
9 KB
19 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
data.adsrvr.org — Cisco Umbrella Rank: 5293
10 KB
19 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1201
sync.1rx.io — Cisco Umbrella Rank: 499
9 KB
18 disqus.com
iphoneincanada.disqus.com
disqus.com — Cisco Umbrella Rank: 2859
links.services.disqus.com — Cisco Umbrella Rank: 11725
glitter.services.disqus.com — Cisco Umbrella Rank: 9644
referrer.disqus.com — Cisco Umbrella Rank: 6128
124 KB
17 catapultx.com
tags.catapultx.com — Cisco Umbrella Rank: 16056
events.catapultx.com — Cisco Umbrella Rank: 23338
demand.catapultx.com — Cisco Umbrella Rank: 28274
164 KB
14 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 538
9 KB
13 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 464
5 KB
13 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 533
eb2.3lift.com — Cisco Umbrella Rank: 372
5 KB
13 iphoneincanada.ca
www.iphoneincanada.ca — Cisco Umbrella Rank: 556646
cdn.iphoneincanada.ca — Cisco Umbrella Rank: 874042
110 KB
12 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 358
mug.criteo.com — Cisco Umbrella Rank: 2958
dis.criteo.com — Cisco Umbrella Rank: 679
4 KB
12 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 163
510 KB
11 turn.com
ad.turn.com — Cisco Umbrella Rank: 693
d.turn.com — Cisco Umbrella Rank: 792
r.turn.com — Cisco Umbrella Rank: 2741
5 KB
11 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1452
id5-sync.com — Cisco Umbrella Rank: 600
26 KB
10 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 405
1 KB
10 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 409
5 KB
10 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3133
sync.serverbid.com — Cisco Umbrella Rank: 6227
x.serverbid.com — Cisco Umbrella Rank: 7210
3 KB
10 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1742
mp.4dex.io — Cisco Umbrella Rank: 2245
u.4dex.io — Cisco Umbrella Rank: 5113
26 KB
9 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 684
a.rfihub.com — Cisco Umbrella Rank: 2610
8 KB
9 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 3044
dsp.adkernel.com — Cisco Umbrella Rank: 4074
5 KB
9 everesttech.net
rtd-tm.everesttech.net — Cisco Umbrella Rank: 2170
sync-tm.everesttech.net — Cisco Umbrella Rank: 536
2 KB
9 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 381
fonts.googleapis.com — Cisco Umbrella Rank: 42
746 KB
9 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 953
2 KB
9 wp.com
c0.wp.com — Cisco Umbrella Rank: 6542
stats.wp.com — Cisco Umbrella Rank: 2539
pixel.wp.com — Cisco Umbrella Rank: 2449
60 KB
8 clinch.co
realtime.clinch.co — Cisco Umbrella Rank: 7015
cdn.clinch.co — Cisco Umbrella Rank: 5553
img-cdn.clinch.co — Cisco Umbrella Rank: 8970
trk.clinch.co — Cisco Umbrella Rank: 4383
127 KB
8 dotomi.com
33across-match.dotomi.com — Cisco Umbrella Rank: 2752
casale-match.dotomi.com — Cisco Umbrella Rank: 2536
openx2-match.dotomi.com — Cisco Umbrella Rank: 4026
dclk-match.dotomi.com — Cisco Umbrella Rank: 2722
3 KB
8 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 472
tags.bluekai.com — Cisco Umbrella Rank: 463
7 KB
8 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 242
174 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
145 KB
7 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 802
i.w55c.net — Cisco Umbrella Rank: 1467
5 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 539
cm.adform.net — Cisco Umbrella Rank: 1694
3 KB
7 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 412
cms.quantserve.com — Cisco Umbrella Rank: 936
3 KB
7 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 556
5 KB
7 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 4703
ads.yieldmo.com — Cisco Umbrella Rank: 612
sync-pp.ads.yieldmo.com — Cisco Umbrella Rank: 8307
3 KB
7 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 529
4 KB
7 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 883
5 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 741
3 KB
6 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1244
c.eu1.dyntrk.com — Cisco Umbrella Rank: 4947
c.us1.dyntrk.com — Cisco Umbrella Rank: 6477
4 KB
6 liadm.com
i.liadm.com — Cisco Umbrella Rank: 521
i6.liadm.com — Cisco Umbrella Rank: 1479
4 KB
6 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 460
2 KB
6 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 622
match.360yield.com — Cisco Umbrella Rank: 3818
ice.360yield.com — Cisco Umbrella Rank: 1608
2 KB
6 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 758
3 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3029
onesignal.com — Cisco Umbrella Rank: 1276
img.onesignal.com — Cisco Umbrella Rank: 6685
215 KB
6 admetricspro.com
qd.admetricspro.com — Cisco Umbrella Rank: 24028
338 KB
5 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 415
d.agkn.com — Cisco Umbrella Rank: 531
3 KB
5 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 773
2 KB
5 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 869
3 KB
5 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 492
2 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 194
3 KB
4 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1183
beacon.krxd.net — Cisco Umbrella Rank: 424
1010 B
4 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5135
2 KB
4 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 3983
log.outbrainimg.com — Cisco Umbrella Rank: 2061
1 KB
4 pippio.com
pippio.com — Cisco Umbrella Rank: 772
6 KB
4 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 511
788 B
4 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1475
sync.crwdcntrl.net — Cisco Umbrella Rank: 678
bcp.crwdcntrl.net — Cisco Umbrella Rank: 836
2 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 649
1 KB
4 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 837
808 B
4 yieldlift.com
x.yieldlift.com — Cisco Umbrella Rank: 3542
2 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 751
1 KB
4 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1120
loadus.exelator.com — Cisco Umbrella Rank: 1122
4 KB
4 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1246
hde.tynt.com — Cisco Umbrella Rank: 4317
10 KB
3 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 2954
2 KB
3 narrative.io
io.narrative.io — Cisco Umbrella Rank: 2239
1 KB
3 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2215
3 KB
3 defybrick.com
rock.defybrick.com — Cisco Umbrella Rank: 13487
flint.defybrick.com — Cisco Umbrella Rank: 13551
22 KB
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 840
804 B
3 media.net
contextual.media.net — Cisco Umbrella Rank: 503
cs.media.net — Cisco Umbrella Rank: 1358
2 KB
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 586
5 KB
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 811
894 B
3 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1009
2 KB
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 910
1 KB
3 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 691
2 KB
3 google.ca
adservice.google.ca — Cisco Umbrella Rank: 14230
1 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 320
1 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 768
922 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 6087
1 KB
2 cogocast.net
gpush.cogocast.net — Cisco Umbrella Rank: 2420
1 KB
2 scorecardresearch.com
ads.scorecardresearch.com — Cisco Umbrella Rank: 1992
664 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 753
s.tribalfusion.com — Cisco Umbrella Rank: 2251
1 KB
2 mxptint.net
oxp.mxptint.net — Cisco Umbrella Rank: 4283
aep.mxptint.net — Cisco Umbrella Rank: 5561
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4349
748 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 752
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 918
522 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1636
2 KB
2 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1290
1 KB
2 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 3701
531 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 144
86 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 11971
c.statcounter.com — Cisco Umbrella Rank: 7856
15 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 419
84 KB
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2279
944 B
1 mediawallahscript.com
partner.mediawallahscript.com — Cisco Umbrella Rank: 1925
232 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 1571
561 B
1 adadvisor.net
adadvisor.net — Cisco Umbrella Rank: 7636
385 B
1 apxlv.com
lrpush.apxlv.com — Cisco Umbrella Rank: 9691
574 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 4250
1 bing.com
c.bing.com — Cisco Umbrella Rank: 210
668 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 824
83 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1476
452 B
1 im-apps.net
sync-jp.im-apps.net — Cisco Umbrella Rank: 3119
203 B
1 reson8.com
idsync.reson8.com — Cisco Umbrella Rank: 1806
169 B
1 b-cdn.net
cheqzone.b-cdn.net — Cisco Umbrella Rank: 53263
4 KB
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3821
392 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 1848
387 B
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 5872
657 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 3561
325 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4057
609 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 794
131 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 989
47 B
1 imrworldwide.com
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com — Cisco Umbrella Rank: 39385
291 B
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1224
48 KB
1 cpx.to
s.cpx.to — Cisco Umbrella Rank: 1823
878 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 835
310 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 637 Failed
714 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1129
609 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2023
426 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3988
605 B
1 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 3147
531 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 848
183 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1125
5 KB
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1473
159 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1692
366 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1323
17 KB
1 ipify.org
geo.ipify.org — Cisco Umbrella Rank: 63108
576 B
1 amazonaws.com
s3.amazonaws.com
140 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
69 KB
0 geistm.com Failed
id.geistm.com Failed
0 atdmt.com Failed
ad.atdmt.com Failed
1014 150
Domain Requested by
92 cm.g.doubleclick.net 31 redirects www.iphoneincanada.ca
g2.gumgum.com
googleads.g.doubleclick.net
u.openx.net
eb2.3lift.com
ap.lijit.com
ssbsync.smartadserver.com
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
67 pagead2.googlesyndication.com www.iphoneincanada.ca
pagead2.googlesyndication.com
srcdoc
tagan.adlightning.com
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
www.googletagservices.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
63 tpc.googlesyndication.com www.iphoneincanada.ca
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
tagan.adlightning.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
34 us-u.openx.net 8 redirects qd.admetricspro.com
u.openx.net
googleads.g.doubleclick.net
de.tynt.com
us-u.openx.net
ap.lijit.com
32 sync.outbrain.com 6 redirects g2.gumgum.com
widgets.outbrain.com
30 ib.adnxs.com 17 redirects qd.admetricspro.com
cds.connatix.com
sync-amz.ads.yieldmo.com
googleads.g.doubleclick.net
acdn.adnxs.com
prebid.a-mo.net
assets.a-mo.net
27 pbs.nextmillmedia.com qd.admetricspro.com
statics.nextmillmedia.com
u.openx.net
www.iphoneincanada.ca
de.tynt.com
26 googleads.g.doubleclick.net pagead2.googlesyndication.com
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
tagan.adlightning.com
www.iphoneincanada.ca
googleads.g.doubleclick.net
25 ads.servenobid.com 1 redirects qd.admetricspro.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
24 idsync.rlcdn.com 6 redirects live.rezync.com
www.iphoneincanada.ca
widgets.outbrain.com
22 ce.lijit.com 2 redirects ap.lijit.com
us-u.openx.net
22 c.disquscdn.com iphoneincanada.disqus.com
tagan.adlightning.com
disqus.com
c.disquscdn.com
www.iphoneincanada.ca
21 math-aids-tagan.adlightning.com tagan.adlightning.com
www.iphoneincanada.ca
21 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
21 ssc-cms.33across.com 21 redirects
21 s.amazon-adsystem.com 1 redirects tagan.adlightning.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
sync-amz.ads.yieldmo.com
eb2.3lift.com
us-u.openx.net
ap.lijit.com
www.iphoneincanada.ca
21 tagan.adlightning.com www.iphoneincanada.ca
tagan.adlightning.com
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
19 x.bidswitch.net 19 redirects
18 usersync.gumgum.com 2 redirects g2.gumgum.com
18 match.adsrvr.org 16 redirects ads.pubmatic.com
sync.serverbid.com
18 prebid.a-mo.net 6 redirects qd.admetricspro.com
cds.connatix.com
prebid.a-mo.net
17 www.google.com 4 redirects www.iphoneincanada.ca
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tagan.adlightning.com
16 rc.rlcdn.com 16 redirects
16 sync.1rx.io 15 redirects u.openx.net
16 pixel.rubiconproject.com 8 redirects www.iphoneincanada.ca
14 rtb-csync.smartadserver.com 3 redirects ssbsync.smartadserver.com
googleads.g.doubleclick.net
14 b1sync.zemanta.com 14 redirects
14 ads.pubmatic.com cd.connatix.com
ads.pubmatic.com
tags.catapultx.com
public.servenobid.com
g2.gumgum.com
cds.connatix.com
qd.admetricspro.com
www.iphoneincanada.ca
ap.lijit.com
sync.serverbid.com
14 capi-tier-1-us-east-2.connatix.com cd.connatix.com
13 events-ssc.33across.com hde.tynt.com
sync.adkernel.com
de.tynt.com
us-u.openx.net
13 eus.rubiconproject.com tagan.adlightning.com
www.iphoneincanada.ca
eus.rubiconproject.com
s.amazon-adsystem.com
hde.tynt.com
g2.gumgum.com
qd.admetricspro.com
13 match.prod.bidr.io 13 redirects
12 ups.analytics.yahoo.com 11 redirects us-u.openx.net
12 eb2.3lift.com 4 redirects qd.admetricspro.com
eb2.3lift.com
12 www.googletagservices.com 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
tagan.adlightning.com
googleads.g.doubleclick.net
11 ap.lijit.com 7 redirects qd.admetricspro.com
public.servenobid.com
ap.lijit.com
11 securepubads.g.doubleclick.net www.iphoneincanada.ca
securepubads.g.doubleclick.net
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
www.googletagservices.com
10 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.iphoneincanada.ca
10 ssum-sec.casalemedia.com 6 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
public.servenobid.com
10 pixel.tapad.com 7 redirects us-u.openx.net
live.rezync.com
de.tynt.com
10 sync.mathtag.com 10 redirects
10 id5-sync.com 9 redirects cdn.id5-sync.com
10 cdn.iphoneincanada.ca www.iphoneincanada.ca
9 image8.pubmatic.com 9 redirects
9 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
9 btlr.sharethrough.com qd.admetricspro.com
9 c2shb.ssp.yahoo.com qd.admetricspro.com
9 fastlane.rubiconproject.com qd.admetricspro.com
8 p.rfihub.com 8 redirects
8 sync-tm.everesttech.net 8 redirects
8 events.catapultx.com tags.catapultx.com
8 pr-bh.ybp.yahoo.com 4 redirects ssum-sec.casalemedia.com
u.openx.net
8 s0.2mdn.net imasdk.googleapis.com
tagan.adlightning.com
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
s0.2mdn.net
8 secure.adnxs.com 7 redirects de.tynt.com
8 disqus.com iphoneincanada.disqus.com
c.disquscdn.com
7 pixel-sync.sitescout.com 7 redirects
7 ad.turn.com 7 redirects
7 bh.contextweb.com 7 redirects
7 sync.go.sonobi.com 6 redirects www.iphoneincanada.ca
7 onetag-sys.com 2 redirects www.iphoneincanada.ca
public.servenobid.com
widgets.outbrain.com
7 u.4dex.io eus.rubiconproject.com
www.iphoneincanada.ca
de.tynt.com
ssbsync.smartadserver.com
7 c0.wp.com www.iphoneincanada.ca
6 x.serverbid.com sync.serverbid.com
6 pixel.advertising.com 4 redirects googleads.g.doubleclick.net
6 rtb.gumgum.com g2.gumgum.com
6 ssbsync.smartadserver.com 3 redirects public.servenobid.com
www.iphoneincanada.ca
6 um.simpli.fi 6 redirects
6 sync.adkernel.com tagan.adlightning.com
sync.adkernel.com
public.servenobid.com
hde.tynt.com
6 vid.connatix.com cd.connatix.com
cds.connatix.com
6 tags.catapultx.com www.iphoneincanada.ca
tags.catapultx.com
tagan.adlightning.com
6 qd.admetricspro.com www.iphoneincanada.ca
qd.admetricspro.com
5 pm.w55c.net 5 redirects
5 i.liadm.com 5 redirects
5 rtb.mfadsrvr.com 5 redirects
5 px.owneriq.net 4 redirects ap.lijit.com
5 widgets.outbrain.com tagan.adlightning.com
widgets.outbrain.com
5 gum.criteo.com 3 redirects
5 c1.adform.net 5 redirects
5 pixel.quantserve.com 5 redirects
5 ads.yieldmo.com 2 redirects sync-amz.ads.yieldmo.com
5 stags.bluekai.com 5 redirects
5 id.rlcdn.com 2 redirects www.iphoneincanada.ca
ssbsync.smartadserver.com
us-u.openx.net
5 token.rubiconproject.com 5 redirects
5 fonts.googleapis.com 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 sync.search.spotxchange.com 4 redirects googleads.g.doubleclick.net
5 secure-assets.rubiconproject.com 5 redirects
5 cks.connatix.com www.iphoneincanada.ca
5 cds.connatix.com www.iphoneincanada.ca
cd.connatix.com
5 c.amazon-adsystem.com qd.admetricspro.com
c.amazon-adsystem.com
5 www.gstatic.com www.iphoneincanada.ca
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
accounts.google.com
4 dpm.demdex.net 3 redirects widgets.outbrain.com
4 rtb2-useast.e-volution.ai 4 redirects
4 cdn.clinch.co realtime.clinch.co
cdn.clinch.co
4 aa.agkn.com 2 redirects us-u.openx.net
widgets.outbrain.com
4 pippio.com 2 redirects us-u.openx.net
c.disquscdn.com
4 p.adsymptotic.com 2 redirects eb2.3lift.com
www.iphoneincanada.ca
4 u.openx.net 1 redirects cds.connatix.com
statics.nextmillmedia.com
4 mug.criteo.com www.iphoneincanada.ca
4 links.services.disqus.com c.disquscdn.com
www.iphoneincanada.ca
4 creativecdn.com 4 redirects
4 cs.emxdgt.com 4 redirects
4 ad.360yield.com 4 redirects
4 x.yieldlift.com 2 redirects public.servenobid.com
4 sync.srv.stackadapt.com 4 redirects
4 image2.pubmatic.com 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects www.iphoneincanada.ca
ssbsync.smartadserver.com
4 pixel-us-east.rubiconproject.com 4 redirects
4 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
4 adservice.google.com securepubads.g.doubleclick.net
tagan.adlightning.com
4 iphoneincanada.disqus.com www.iphoneincanada.ca
iphoneincanada.disqus.com
cdn.iphoneincanada.ca
3 dsp.adkernel.com 3 redirects
3 log.outbrainimg.com widgets.outbrain.com
3 a.clickcertain.com 3 redirects
3 io.narrative.io 1 redirects www.iphoneincanada.ca
3 live.rezync.com 2 redirects c.disquscdn.com
3 fonts.gstatic.com fonts.googleapis.com
3 odr.mookie1.com 3 redirects
3 rtb.openx.net 2 redirects us-u.openx.net
3 d.turn.com 3 redirects
3 dis.criteo.com 3 redirects
3 tags.bluekai.com 2 redirects widgets.outbrain.com
3 acdn.adnxs.com cds.connatix.com
qd.admetricspro.com
3 js-sec.indexww.com cds.connatix.com
qd.admetricspro.com
3 match.deepintent.com 2 redirects g2.gumgum.com
3 sync.technoratimedia.com 3 redirects
3 sync.ipredictive.com 3 redirects
3 accounts.google.com apis.google.com
www.iphoneincanada.ca
www.gstatic.com
3 loadm.exelator.com 3 redirects
3 de.tynt.com 1 redirects www.iphoneincanada.ca
statics.nextmillmedia.com
3 s.ad.smaato.net 3 redirects
3 demand.catapultx.com tags.catapultx.com
sync.adkernel.com
demand.catapultx.com
static.cloudflareinsights.com
3 adservice.google.ca tagan.adlightning.com
3 px.ads.linkedin.com 2 redirects www.iphoneincanada.ca
3 ssum.casalemedia.com 3 redirects
3 onesignal.com cdn.onesignal.com
tagan.adlightning.com
3 partner.googleadservices.com pagead2.googlesyndication.com
tagan.adlightning.com
3 tag.1rx.io qd.admetricspro.com
cds.connatix.com
3 e.serverbid.com qd.admetricspro.com
sync.serverbid.com
3 hbopenbid.pubmatic.com qd.admetricspro.com
cds.connatix.com
3 teachingaids-d.openx.net qd.admetricspro.com
cds.connatix.com
3 htlb.casalemedia.com qd.admetricspro.com
cds.connatix.com
3 capi.connatix.com www.iphoneincanada.ca
cd.connatix.com
3 www.google-analytics.com www.googletagmanager.com
www.iphoneincanada.ca
www.google-analytics.com
3 www.iphoneincanada.ca www.iphoneincanada.ca
2 simage2.pubmatic.com 2 redirects
2 map.go.affec.tv 1 redirects de.tynt.com
2 gpush.cogocast.net 2 redirects
2 ads.scorecardresearch.com 1 redirects www.iphoneincanada.ca
2 img-cdn.clinch.co realtime.clinch.co
cdn.clinch.co
2 flint.defybrick.com tagan.adlightning.com
www.iphoneincanada.ca
2 beacon.krxd.net www.iphoneincanada.ca
widgets.outbrain.com
2 usermatch.krxd.net 2 redirects
2 cms.quantserve.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 c.us1.dyntrk.com 2 redirects
2 c.eu1.dyntrk.com 2 redirects
2 openx2-match.dotomi.com 2 redirects
2 i.w55c.net 2 redirects
2 gu.dyntrk.com 2 redirects
2 casale-match.dotomi.com 2 redirects
2 ssbsync-global.smartadserver.com 2 redirects
2 cm.adform.net 2 redirects
2 pool.admedo.com 2 redirects
2 contextual.media.net ap.lijit.com
us-u.openx.net
2 bttrack.com 2 redirects
2 sync.crwdcntrl.net de.tynt.com
widgets.outbrain.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 assets.a-mo.net prebid.a-mo.net
2 tg.socdm.com 2 redirects
2 33across-match.dotomi.com 2 redirects
2 cms-xch-chicago.33across.com hde.tynt.com
2 g2.gumgum.com public.servenobid.com
2 sync.adotmob.com 2 redirects
2 public.servenobid.com sync.adkernel.com
qd.admetricspro.com
2 cdn.viglink.com www.iphoneincanada.ca
2 image4.pubmatic.com 2 redirects
2 apis.google.com c.disquscdn.com
apis.google.com
2 connect.facebook.net c.disquscdn.com
connect.facebook.net
2 c2shb.pubgw.yahoo.com cds.connatix.com
2 img.connatix.com www.iphoneincanada.ca
2 script.4dex.io qd.admetricspro.com
script.4dex.io
2 cdn.onesignal.com www.iphoneincanada.ca
cdn.onesignal.com
2 cdn.jsdelivr.net www.iphoneincanada.ca
cdn.jsdelivr.net
1 ade.googlesyndication.com
1 sync.inmobi.com 1 redirects
1 dp1.33across.com 1 redirects
1 partner.mediawallahscript.com de.tynt.com
1 ws.rqtrk.eu 1 redirects
1 d.agkn.com www.iphoneincanada.ca
1 adadvisor.net 1 redirects
1 lrpush.apxlv.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 cs-server-s2s.yellowblue.io widgets.outbrain.com
1 c.bing.com widgets.outbrain.com
1 ice.360yield.com 1 redirects
1 loadus.exelator.com 1 redirects
1 ps.eyeota.net widgets.outbrain.com
1 dsp.adfarm1.adition.com 1 redirects
1 sync-jp.im-apps.net widgets.outbrain.com
1 idsync.reson8.com www.iphoneincanada.ca
1 cheqzone.b-cdn.net tagan.adlightning.com
1 trk.clinch.co realtime.clinch.co
1 tags.rd.linksynergy.com 1 redirects
1 ei.rlcdn.com 1 redirects
1 cs.chocolateplatform.com 1 redirects
1 cs.media.net 1 redirects
1 ius.ctnsnet.com 1 redirects
1 a.rfihub.com 1 redirects
1 match.360yield.com 1 redirects
1 aep.mxptint.net 1 redirects
1 s.uuidksinc.net 1 redirects
1 fksnk.com 1 redirects
1 odb.outbrain.com tagan.adlightning.com
1 r.turn.com www.iphoneincanada.ca
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me u.openx.net
1 rtb.adentifi.com u.openx.net
1 obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com 1 redirects
1 code.createjs.com s0.2mdn.net
1 rock.defybrick.com tagan.adlightning.com
1 realtime.clinch.co tagan.adlightning.com
1 eu-u.openx.net us-u.openx.net
1 s.cpx.to us-u.openx.net
1 oxp.mxptint.net 1 redirects
1 sync.taboola.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 referrer.disqus.com www.iphoneincanada.ca
1 widget-pixels.outbrain.com www.iphoneincanada.ca
1 tcheck.outbrainimg.com widgets.outbrain.com
1 i6.liadm.com us-u.openx.net
1 glitter.services.disqus.com c.disquscdn.com
1 ads.stickyadstv.com googleads.g.doubleclick.net
1 bcp.crwdcntrl.net 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 data.adsrvr.org 1 redirects
1 ums.acuityplatform.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 server.cpmstar.com 1 redirects
1 cm.smadex.com 1 redirects
1 partners.tremorhub.com googleads.g.doubleclick.net
1 static.cloudflareinsights.com demand.catapultx.com
1 statics.nextmillmedia.com qd.admetricspro.com
1 sync.serverbid.com qd.admetricspro.com
1 id.crwdcntrl.net ads.pubmatic.com
1 api.rlcdn.com ads.pubmatic.com
1 img.onesignal.com www.iphoneincanada.ca
1 sync.richaudience.com www.iphoneincanada.ca
1 cms-xch.33across.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 www.facebook.com c.disquscdn.com
1 sync-pp.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 r.casalemedia.com ssum-sec.casalemedia.com
1 hde.tynt.com sync.adkernel.com
1 ssbsync-us.smartadserver.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 rtd-tm.everesttech.net 1 redirects
1 image6.pubmatic.com 1 redirects
1 cdn.id5-sync.com tagan.adlightning.com
1 secure.cdn.fastclick.net tagan.adlightning.com
1 pixel-us-west.rubiconproject.com 1 redirects
1 ads.yahoo.com www.iphoneincanada.ca
1 ck.connatix.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 ins.connatix.com cd.connatix.com
1 lit.connatix.com cd.connatix.com
1 mp.4dex.io qd.admetricspro.com
1 tlx.3lift.com qd.admetricspro.com
1 geo.ipify.org qd.admetricspro.com
1 pixel.wp.com www.iphoneincanada.ca
1 c.statcounter.com www.statcounter.com
1 cd.connatix.com 1 redirects
1 www.statcounter.com www.iphoneincanada.ca
1 stats.wp.com www.iphoneincanada.ca
1 s3.amazonaws.com www.iphoneincanada.ca
1 www.googletagmanager.com www.iphoneincanada.ca
0 id.geistm.com Failed widgets.outbrain.com
0 ad.atdmt.com Failed 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
1014 278
Subject Issuer Validity Valid
www.iphoneincanada.ca
R3		 2022-05-15 -
2022-08-13		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.adlightning.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-20 -
2023-04-20		 a year crt.sh
us-dallas.statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-06 -
2022-12-06		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2022-02-07 -
2023-03-10		 a year crt.sh
*.nextmillmedia.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.a-mo.net
R3		 2022-05-31 -
2022-08-29		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.consumableaudio.com
R3		 2022-04-27 -
2022-07-26		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
a.disquscdn.com
Amazon		 2021-10-31 -
2022-11-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
cdn.id5-sync.com
R3		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.id5-sync.com
R3		 2022-05-31 -
2022-08-29		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.google.ca
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-13 -
2022-06-11		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.ads.yieldmo.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
ssl1029306.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2022-06-01 -
2022-12-08		 6 months crt.sh
public.servenobid.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-17 -
2023-02-17		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon		 2022-02-09 -
2023-03-10		 a year crt.sh
*.services.disqus.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-01-31 -
2023-03-04		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
sync.serverbid.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
u.4dex.io
GTS CA 1D4		 2022-05-12 -
2022-08-10		 3 months crt.sh
events-ssc.33across.com
GTS CA 1D4		 2022-05-25 -
2022-08-23		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2022-01-17 -
2023-01-17		 a year crt.sh
*.clinch.co
Go Daddy Secure Certificate Authority - G2		 2022-03-16 -
2023-04-17		 a year crt.sh
rock.defybrick.com
Amazon		 2022-05-09 -
2023-06-07		 a year crt.sh
tls.adobe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-29 -
2023-05-30		 a year crt.sh
*.rezync.com
Amazon		 2021-12-26 -
2023-01-23		 a year crt.sh
pippio.com
GTS CA 1D4		 2022-04-09 -
2022-07-08		 3 months crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
loopme.me
GTS CA 1P5		 2022-05-31 -
2022-08-29		 3 months crt.sh
*.defybrick.com
ZeroSSL ECC Domain Secure Site CA		 2022-05-09 -
2022-08-07		 3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2021-11-07 -
2022-11-11		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.im-apps.net
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.eyeota.net
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
*.yellowblue.io
Amazon		 2022-04-23 -
2023-05-22		 a year crt.sh

This page contains 139 frames:

Primary Page: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Frame ID: 211F254B066BA1C24BE3A9089ECFF35B
Requests: 184 HTTP requests in this frame

Frame: https://cds.connatix.com/p/164935/connatix.player.js
Frame ID: F7DDF84EF403CD8B0D20E44B394B1F44
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-10/html/container.html
Frame ID: 679064EC0CB01F5A8C69C0E6AB7FDCA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20190131/zrt_lookup.html
Frame ID: 79456BBAF93A3503D9656E59AF0E3531
Requests: 1 HTTP requests in this frame

Frame: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 489101AAF1D9D02BF05D5CCD7D0A21F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8845604764087408&output=html&adk=1812271804&adf=3025194257&lmt=1654319548&plat=1%3A16777216%2C2%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326158215&bpp=3&bdt=399&idt=456&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5033563336134&frm=20&pv=2&ga_vid=782479863.1654326158&ga_sid=1654326159&ga_hid=1737926759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531557%2C31065742%2C31067628%2C21066431%2C21065724&oid=2&pvsid=3521502167565206&pem=132&tmod=2040486420&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=480
Frame ID: E7A410864009EF78566FA5D1603FFC4E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Frame ID: DC4A0942D4E233BF94274D14FDB2CB7A
Requests: 11 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
Frame ID: 65D67CEF59AD7F48C12F67D08D64A8D3
Requests: 21 HTTP requests in this frame

Frame: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6EA0AE077F6A4D9200EA56AF2BD0605B
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: 36396AAE075C7DB801C5670F4365328B
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: FA0C93D0CADDD0CF38568D55D64B1A34
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: AD1B1AD57B5C77D7CE501A0926FFC7DF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 7C3D0720F05F8294C44F1C56759168E0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-1-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D8f4d5dd88a604978adde7164b67969d0%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: 58CA01AC6CC41685B7797F0D0BAAC764
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 97B60B7A630267146DBB2033D632A24F
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers
Frame ID: F23BC6ECB435335CAE0378F356970215
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E512342CFB6C128098228EECE84F0956
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B0F79E296DA2D583748C619DA33A053C
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Frame ID: 1234F029083768CDFC520DDC09078F20
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 7FB0969351913CAA5A6FEC6F8FB292FE
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe
Frame ID: 32A73EB1AC1C4170C0E5FA16D79B8072
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&dcc=t
Frame ID: 44DAA361FE44176848F0339A0D1DBA3A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: 23F6CF40242BF6498C419BF4F0B34608
Requests: 5 HTTP requests in this frame

Frame: https://demand.catapultx.com/sync?akuid=https://www.iphoneincanada.ca|A8492896450583913946
Frame ID: E1308877A88BC849FE89CF0CAC8DE450
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Frame ID: 8B60C7AE11D4F4D3623AA4C1A44EDD59
Requests: 10 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Frame ID: 471CD21B9B8B12C130C23D5E2295AA5C
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: 3971FDBE1BCB521042424761620722BE
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8867012480303613517&gdpr=0&gdpr_consent=
Frame ID: 74B6C80F0EBBB3B4B394DEE7F52D208D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=1696151633887888005&ex=appnexus.com&gdpr=0
Frame ID: D8A5131B41E449A0E7D35871E610720F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3440408375380958027
Frame ID: DDA68427A8B7C022237A906573411BA6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=556026402494639543882
Frame ID: BA71C240F0483533F575C3D13296DA71
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Frame ID: 99333CF67FB55AADF7EBBD515D2866DE
Requests: 12 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
Frame ID: D9C51DF14B4FC4420F27E4D9329D2E9E
Requests: 7 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 9CC50D69030E5B3131A573EBD05FEB48
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 2699267E34491ED0CD896099BDCFEFC3
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 5EFFEC7380BD8F1CDA3071FA196496C8
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 9617EC3EDA27179DB271888AD38E2174
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: D4EA984BF35B192E5CCB3F31E1E54F5B
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: DDEB501E37B02F21613FC8B77DE350A2
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 3E3369FA60D5E393A3FFB0189297D07A
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
Frame ID: B053DAC80EBE25ED40044C482515A8E8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=YpsDkQAGWK5FIQAo&gdpr=0&gdpr_consent=
Frame ID: E1382207840AC52FF6B96989B58B0DCE
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8xNjkxMzNkYi1jNGU4LTQ4ZDctODczOS0wZmZmZDU4OTY5MTI=&gdpr=0&gdpr_consent=
Frame ID: EF1DC8ABDCED143C4E6E61D0291BAADC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 0981140597C7650A3E6BB35E49E5F4A1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&t=1656918161
Frame ID: 4DC7C1D1D1C9768F934C34A7C40E3844
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=1696151633887888005brt77741654326161870409ba
Frame ID: 682A53310F5B747B4049B165FF4CA632
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YpsDksCo8YUAAKzuNAAAAAAA
Frame ID: E9270147018A98922557977016454F0B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=DEf6JokJqJ47SmJlfWk4&pi=gumgum&tc=1
Frame ID: 93A4746D185E5C5BF484DCBA584D3DB1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: D25D65E1C47114B80647B517E61E671E
Requests: 3 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Frame ID: A27DD1E92F64761CCBD9BFFBBCBB81C5
Requests: 15 HTTP requests in this frame

Frame: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 515BB4F7B0E015F93939E0490E46B722
Requests: 18 HTTP requests in this frame

Frame: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C0D85E680CDCBA038B718EB90D2DF982
Requests: 32 HTTP requests in this frame

Frame: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BF65F1CB62C283950262C49648846379
Requests: 16 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Frame ID: ECC8F45E0CF9346DCBB85A959C9B3CD0
Requests: 16 HTTP requests in this frame

Frame: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 326C69D47D4F48E39FC5BDA02648C15B
Requests: 16 HTTP requests in this frame

Frame: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8D3E93AA2528C79FC89D42592BC4C289
Requests: 16 HTTP requests in this frame

Frame: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5C702E91B5B5DCF91E93C3EFCE222558
Requests: 16 HTTP requests in this frame

Frame: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 64A8D6CE0C2731FA5892E6AB52CA8524
Requests: 12 HTTP requests in this frame

Frame: https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?p=1BTOoaD22a&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Drichaudience%26uid%3D[PDID]
Frame ID: 870F6D3E62C10FDDDC281C0D8B90B3C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYncysygEwAQ&v=APEucNW0lMbSo_AKuhBelBJqJnoz9xraF4-31Z_QytuVN_I5z_Xcc3lZOzJmvdUXsuzIAYnEQFTVdXuJpjGK2Awg3f-5wJc5WzcbfntN1e7KDaGB9cXCpQo
Frame ID: 89E4C661ACE77B5775EE53B4BA5A32A4
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Frame ID: 736B8B2A11CB61E3AE2CCBD560F09E6A
Requests: 10 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 60B07D9130AF5CE0AB932AE343EAFE39
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3A42E13FCB045F878DC1FC344755554E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Frame ID: CB556008BE2D61D8290668D7A82C647A
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 27348933E006579CD5F0C0E78D456A0B
Requests: 7 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: C68C504C660E21A210FE2D91AC875701
Requests: 7 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: D2898D00C2B2ADBDFA2FCCAAE56EB3EF
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DD99BA3E2349D68F9F024C48479B5D0A
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0783A5C6B20B4CB47E0F3BDE6CB4D4B4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6E307C3331366593F0733ECFC6508622
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Frame ID: ECB424A916428165E720BFE329867464
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0YnuLCvgEwAQ&v=APEucNUgoCF1_jhL3gAzXm0kFAdhXWJBRQvzr5LT96JbamLgq2BYCY_-8-rHz0sRVxjQ_OG_oXjAJt4lPYizIoTN7k6zcFZN-v6fVIHco7SUBfjC2PK3O_c
Frame ID: 0955BBB83D3439A68630D187ED38A0A1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0YnuLCvgEwAQ&v=APEucNXxdQ70CGaL4LqEe4mjnHf657-m79h7HFFJDIzyQ9maZJxXKZ4jva23mquJCOgutaVjPB8LH3B9vGKCtmwkNnXHCchEHFc-nFYGlEJFJf8XzLJOayk
Frame ID: 644F9AC6BB8F9308C88E548DD74CF1A5
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuq0aYDEMqOxLEDGMyfy8sBMAE&v=APEucNXFCZHwah0DqusZsg9l8AxqSHlDdQUpOLX5HiNvjd96sWtwnoUVk14xZK2A4ZUcx9oXSLQfrFJqiIY8n0cU0iiirLwY-6ZAQCiie86QXHqWbr82pZI
Frame ID: 21A343F1B72DE7487B4B7FB39B78F575
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&adk=1812271804&adf=2751418292&plat=1%3A16777216%2C2%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162855&bpp=7&bdt=1061&idt=963&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326165&ga_hid=1164542333&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=2357337175&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C21066431&oid=2&pvsid=2744440300896503&pem=132&tmod=1247349620&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.34ipdilynprs&fsb=1&dtd=2544
Frame ID: 1F45D8A8A3AA3AE4B1CA09C48F0DF527
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=280&slotname=7317961782&adk=3515631888&adf=776189486&pi=t.ma~as.7317961782&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162855&bpp=20&bdt=1062&idt=1194&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326165&ga_hid=1164542333&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&isw=728&ish=90&ifk=2357337175&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C21066431&oid=2&pvsid=2744440300896503&pem=132&tmod=1247349620&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.aclzr3w429cy&fsb=1&dtd=2558
Frame ID: 544A9D37EA0EA661E7FFB58F7A1B0489
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D840D2D4493F57DDBC3C2FBC4AA95B0F
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4BE5769ED4464325FF3B88665D3D30D2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Frame ID: 8FAEB4248122102DCF82A6EBB2B1ACB0
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 3B9BD3A3BE1CCD07FD602B81DCE66C3D
Requests: 11 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Frame ID: 753B44F0C8D8FD0F53EC35664C34C463
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: EEC013760A59CACB8CBF30BA00E5B904
Requests: 10 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000891.html
Frame ID: 8467B8473006879885651AD844BF22B2
Requests: 10 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 153208DA43FE0C088524552C520C3B36
Requests: 11 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 3CCA1419C0CA9B76B4D8B689B2438439
Requests: 7 HTTP requests in this frame

Frame: https://statics.nextmillmedia.com/load-cookie.html?v=4&bidders=33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,colossus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo
Frame ID: 1F96E657F162DD40E32F1EE2E655886D
Requests: 8 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13394437
Frame ID: ACC9A2BCC038ABF60570B39660B8C7C2
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0YnuLCvgEwAQ&v=APEucNVXN0MEBhQsNoNX-MBppeK3YunYzqXvtDOwM6GHSyq6KbOmPCZggxYd44wtpbuYuAdCwwdG7wEqCEavRGvg__zMvYrShqYsrCZQRRMLnYY7-OHgM-o
Frame ID: C5DCB93DAE435F524A0A166FD28DB9C6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-c9gIQjNWC9gEYjLqAyQEwAQ&v=APEucNVHOkMksmgz88l5hOyAnrLixNvWTA8YYCqvkMW9WfmrQpXh_iwzo1Lj6bXaWkcVqzR_Dho7yabKsWZ2oCLzKM0JXoE4h3wd2aqf_cnCATddm-qmIcU
Frame ID: E5DBDA1DD7050B1C98FAA8BF24BEA46C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8845604764087408&output=html&adk=1812271804&adf=2751418288&plat=1%3A16777216%2C2%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162918&bpp=4&bdt=726&idt=1524&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326166&ga_hid=1664360240&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=581612742&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C21066428%2C31067628%2C31067887%2C21066431%2C31064018&oid=2&pvsid=928158971882855&pem=132&tmod=2050205646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.vhtun6k83sxx&fsb=1&dtd=3316
Frame ID: 28C558DF4B180D152442DC99753DE60E
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: 3C25870AD1230DAB7D1FB0FF839152F4
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5AE7FD11AABF076F0319F769987EAF17
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=200&slotname=8557045359&adk=4156644800&adf=776189474&pi=t.ma~as.8557045359&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162918&bpp=4&bdt=726&idt=2562&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326166&ga_hid=1664360240&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=996&ady=212&biw=1600&bih=1200&isw=300&ish=250&ifk=581612742&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C21066428%2C31067628%2C31067887%2C21066431%2C31064018&oid=2&pvsid=928158971882855&pem=132&tmod=2050205646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.2nl1b72ra323&fsb=1&dtd=3508
Frame ID: 8CE723D779E97CA222E9394CE7E26E31
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 6F69B6F896E56E351E9058E1E21E6EE6
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 204826082B95E8762E3139CA70BE26FE
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 2E5D029BB2406BD41265EE3A26BBCCD1
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 156945F6BC82E4BBEAEC718A0183CF2F
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 9FC6DE6750C2F9EDBF7E1B1CBF667761
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 536C7598FDC70FC70FB747EEF3BA8E1C
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 6F170590CD024061F34B51943A114C57
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Frame ID: 4AAE697E2526AF210D2139795E85C086
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 60B00B5919FC151D6955DD03AA6747C7
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 51EEC7011EE37DF08696558C5133FEE6
Requests: 8 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=3440408375380958027&gdpr=0&gdpr_consent=
Frame ID: 89CE39DAE98536DE80292C650DBCEE82
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/index.html
Frame ID: 6D9C830723E85D973A71D3EA7274BC3E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C82UslQObYoilG46PoPMP0MyvyAvf3benatmh56LYDdrZHhABIOyrggNg_eiigfADoAG1kMTAA8gBCagDAcgDSKoEpAJP0EM1hP9pi7tVQ2Rf2m0rcprAAcK3dcOBMOZLcACvJICwzlNu0RkKY2wXgyLYAVKAkzoLzxnpnMpUAe_1eeH1G25f9S45fblJTLU_fCl92tODg61UuSH67pznVXc0mC5wYVyKghk1NMJMYT41oOXw8VX7f85IA5aP0MZj7HvXnE8Sq9aL5dIz4PS_LySJThZ8vQZ0RwQ55sbOVgyYk-OgOcFowcKvXk4Fneg3xoY9WjMcfqprCAzqNCC0KhpKmAcAwPkigC-O65zV0s22E8oZBSAjwCeC_v60BTrG24ZhrnZXeC2_gdGe6nRJp1ao5cCU45pEnCZRpyrbTrWFpdx84N9qLlKINSqa6h-I5NAwCAbgWI5HyWOzRX0PUkzpEeO9TZu-wAS_lY_zzQOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHs--7P6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJP_G9IIBwiAYRABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItODg0NTYwNDc2NDA4NzQwOBgA&sigh=mcZisNQeBmM&uach_m=[UACH]&template_id=419
Frame ID: E2E112145EAFCA3F94E4CE5576C9F46F
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: B5C54EDACBC8E6712A2314BDE86BAA1D
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10500745669963244466/728x90.html
Frame ID: A6DB01E87E732B85109D8EBB8AC3153F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DC452F4C41104AAC57B8B316EA67574F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4CE2A9B1573DBE995929ADC9AB99A7B6
Requests: 9 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 09D008FAFB395801D1515723FBE12940
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html
Frame ID: 6B21EE52DD831D57EB50FDCFE48B48DD
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CEDBelgObYoayHIiToPMPg7CJoAPf3benasvWj9jMDdrZHhABIOyrggNg_eiigfADoAG1kMTAA8gBCagDAcgDSKoEpAJP0CxMh_P0xtv6BaGan6BlBMfjdF01Yw0F3Rq6xVhcFR6SDoDTVuWqbssYob_1uVAcTfSh7g7ycBZ9r3dmBKpV175MggZ3vF4uZEPPNm2XF5J2mmBFbRDDqorJ5XqSJwVyE7h4Xn9APE4rRXLerUbCNwtCVjg2kaFO1TXhzhlckB7jWnmTI15mykgfoZi8oP0agx6cZkxgt3jbpK-RNcmxfkvYeJHBVM-yaheqmO6wc4aNqgF6Xe3Jrzq2HwMk3_5llDspYy6JsctlNvQRo-bfGxSW7tDp1CnIF30sQJvIWx450bCUz58eu-ohZEcB4UfyAdETGPtsA-wfwk1uD7lBDHYOOGZTAe2ocHPIwhAUZFlug4rBdQbLIoPEjY_nb5M8YFxAwAS_lY_zzQOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHs--7P6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIvhItIIBwiAYRABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItODg0NTYwNDc2NDA4NzQwOBgA&sigh=Bhvf0sTZJ74&uach_m=[UACH]&template_id=419
Frame ID: 8232D20961FAAF2C35F6FB74F4B3C6C7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 67452F333CE9D35BED44225737FEADD3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 62041883C9A099256E686B6F5790C7E2
Requests: 9 HTTP requests in this frame

Frame: https://realtime.clinch.co/video/player_v1/player?cid=yldcQE&caid=11217&format=_300ax250a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCzGS5kAObYpCcNY_u_gTU6or4BKeT4u1pv_b3stoP8C4QASD5m_GEAWDJ9qaM0KTkD6ABsLP9qQLIAQmoAwGqBIoCT9Dz02wBURMvHGEFgBoVVNRLVvkfaVLr0deZsI14pIyA8rKiG9Qhnk4-QOvoArPYSxwe985vT2OtyL-oj5AwOSnimUWIold9Lt3HTnJ6pFru_nX9gVlLQgz30GE64wSI-nuwMNw-anoAArNQS8M7hxY9qnlWTLiKXr2WPKMeiuDyoBicgQC6dKJIb9PurIiSveOutyUrpRnCXJtJ5QSlqL623SZYoYoiKUXEOWUT4TQe2Zg3YWfmIWJz1Va9j3z0ssmSxUIe9WkZ3W5B2opTAtpAB9xMX1I3Eaq2XOaj8nh0FGJXTLOJKt4G10phDOzwNXxebO9XRuroNd2qNU-uMSpp9ZaBYRhdOKbABOiokNH7A-AEA5AGAaAGTYAHuMyC1gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBO20KEP0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRozrXN1nIhC5a8CGLgkWjf1tx7N79OLmJ51TSz49xLGAy4M0E%26sig%3DAOD64_0woDA1rXaaEx-VOH0MJ-fEg8qgOw%26client%3Dca-pub-4113681882311455%26dbm_c%3DAKAmf-B3GlePTRq3sO_WbZvYbMRf7T05KCTbAeieaLArwN-Vex67jZuDxriMOI4ZAFIyBofDpMb-zUN-Y3O8Ma-zRWKIL1nAALbng-p0ZY0deZHzxj4Vp8TXTTmIDqvJihowJsAkhUi17GxrC823e0G31GnMwHDeCg%26cry%3D1%26dbm_d%3DAKAmf-CmaA0TYIS5Xzf4ZXOXKq6ZRcct7A4CNtGST2rt-ve3qnj-VuLwP1Gtm3UscURyEcy-yPRaL8g9NJC5r-XGtFRDnA45QgQver1EQxk9H49pzl66H8seMAB84SssPjHv1dKDnnoQ2FjxIdcXQeFWEBhnuaYE1-x9xH4XCKLV1pyjkf83K7JX5idFRFujW1gNd2rKa4Llk_MkSes-zYHcfwaLuYsPPBlKorPMlLjtAm665MCYozlA7tmfWFTyvlxnt-svJDQ9JkuFQ4n88VTCannVfITzBOFtvLz8oMuqLYPtUMqp24K3cJ0pTE6q0LV6MBClgIxHXxhPisb6axZmabU5DWBjm8tu6odWBz6fzncL0siO8sKqCWq8TbXoFUQC67RqdhSU7F5WGoDUFJqFpVI4E9Iax3rSQrTA1xVUP5cviQ0qEarzhi-3c-rftvnCTdxx72phg6CsDDCAMsSn5Vtq14evCXvDZ4GGHzoVWkoms2ecsnHarvBx4zdU2sk8XSXogFD0hDAU7ke-bZP-wRR902l_pvFgYNk2cOPJsE2YB1XOG4s%26adurl%3D&dsp=dv360&plcId=334385315&dsp_impression_id=ABAjH0hg8Dfy6Agk4o-evPvAtAjK&site_url=https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/&dsp_pub_id=1&site_id=6378137792&dsp_insertion_order_id=28045553&dsp_caid=16968901175&dsp_crid=421534988&dsp_tracker_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIt8Szmz-oAozVgvYBsALx4a8NQAHSAioYACITCJCkpZmdk_gCFQ-3nwodVLUCTygBMAE4v_b3stoPQAJIAViZgSAQjLqAyQFWUfoY1oxgtM1TTnefP4pQ&rnd=1654326160871952&gdpr=0&gdpr_consent=&gdpr_pd=
Frame ID: 8222F1805792B2CF90199D7B109E1AA1
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 40B9F0A56F523C877CDD611AA588140F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7448F1473CEB2F9BB57458855F93A76E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DFBF8A8BEEB38B0CDFE0AAAE39EEF26E
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
Frame ID: 30EE35F6FE7B9C3C22A6A01A2111809E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8xNjkxMzNkYi1jNGU4LTQ4ZDctODczOS0wZmZmZDU4OTY5MTI=&gdpr=0&gdpr_consent=
Frame ID: 635CDABFA99988E6739F5856918BF60E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 6CDD816C2993B9604E4D490B137316D4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7CC91C0B7554C064C1697DDD7A0A7AFC
Requests: 9 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c3vfv4svbq87v&pctry=CA&referrer=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F
Frame ID: F9CD97708E32D4F99EDF4CCB11C69B65
Requests: 4 HTTP requests in this frame

Frame: https://pippio.com/api/sync?pid=1391&ref=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&it=1&iv=c3vfv4svbq87v
Frame ID: A728ACCA1A6C1E757428FCB8F4141C27
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F4BA094DDF0E2879515E0FCD1C529804
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2E8C3C601BB806312B7D016C49441143
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 41789D18A853CEB48A13AAC8B9D4CE3D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A0BA7EB91493945061A5763198188D89
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 733973A82963D23BBE20377682499B44
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3878E88C1D5838F079F53684B21BE471
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5BE8CA25C55A639B9022A86709C7CB72
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=2aafcc4e-7a7d-40c8-b86b-ec06df84fca6
Frame ID: DD224D6AB8C03E9AEFDE8A2371E6626C
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: ACE4A10F008D0949EE2E8E97AD11463C
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 8617B58A7555A6D230F62C3F920A1D59
Requests: 38 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Frame ID: 6593B3BC67C22B353057F295AFE36322
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 584784EC1015A37586A19C8990A7A14B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6DABDD7E54FFEA37346DB3FE76C3E26E
Requests: 2 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=855B06D3-3D54-4A42-91F6-827309E6A457
Frame ID: C91EB0C05DCA0340516FBC147957685E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

‘Predator’ Spyware for iPhones Uncovered by Toronto Researchers | iPhone in Canada Blog

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

1014
Requests

68 %
HTTPS

22 %
IPv6

150
Domains

278
Subdomains

153
IPs

11
Countries

8234 kB
Transfer

20221 kB
Size

326
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
  • https://www.gstatic.com/prose/brandjs.js
Request Chain 36
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/164935/connatix.player.js
Request Chain 139
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d17%26ev%3d8f4d5dd88a604978adde7164b67969d0%26pname%3dIndex%26api-tier%3d1%26uid%3d HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D8f4d5dd88a604978adde7164b67969d0%26pname%3DIndex%26api-tier%3D1%26uid%3D&s=190549&C=1 HTTP 302
  • https://cks.connatix.com/cks?pid=17&ev=8f4d5dd88a604978adde7164b67969d0&pname=Index&api-tier=1&uid=YpsDj6V2eezDp-7lpu.RAQAA%26463
Request Chain 140
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3d8f4d5dd88a604978adde7164b67969d0%26pname%3dBeeswax%26api-tier%3d1%26uid%3d{userid} HTTP 303
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D8f4d5dd88a604978adde7164b67969d0%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&_bee_ppp=1 HTTP 303
  • https://cks.connatix.com/cks?pid=15&ev=8f4d5dd88a604978adde7164b67969d0&pname=Beeswax&api-tier=1&uid=AAFDDU7FNgcAAEin6MYPOw
Request Chain 141
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
  • https://cks.connatix.com/cks?pid=19&uid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttl=1656918159
Request Chain 142
  • https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3d8f4d5dd88a604978adde7164b67969d0%26pname%3dAppNexus%26api-tier%3d1%26uid%3d%24UID HTTP 302
  • https://cks.connatix.com/cks?pid=6&ev=8f4d5dd88a604978adde7164b67969d0&pname=AppNexus&api-tier=1&uid=1696151633887888005
Request Chain 143
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Request Chain 145
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d8f4d5dd88a604978adde7164b67969d0%26pname%3dSpotX%26api-tier%3d1%26uid%3d%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d8f4d5dd88a604978adde7164b67969d0%26pname%3dSpotX%26api-tier%3d1%26uid%3d%24SPOTX_USER_ID&__user_check__=1&sync_id=520ddf24-e3d4-11ec-9fcf-17aa2b400403 HTTP 302
  • https://cks.connatix.com/cks?pid=10&ev=8f4d5dd88a604978adde7164b67969d0&pname=SpotX&api-tier=1&uid=520dded0-e3d4-11ec-9fcf-17aa2b400403
Request Chain 154
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Request Chain 185
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=19564_2&khaos=L3ZJ2XP4-T-4YFE HTTP 302
  • https://ck.connatix.com/cks?pid=11&uid=L3ZJ2XP4-T-4YFE HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L3ZJ2XP4-T-4YFE&UserId=
Request Chain 202
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWJkMjgyNTgwY2MwZmZlMDJiNTI3NjZjZjI1NmFjNzI5MjdjNDQzNA
Request Chain 203
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=EeOmeorJSJiiYb3D6OCTWA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=EeOmeorJSJiiYb3D6OCTWA
Request Chain 204
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/9_FiOu5yzmV8HfIZuop4QQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1821992551476939679
Request Chain 206
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3ZJ2XP4-T-4YFE&sigv=1&esig=2~e5521a7c39bc8ec01212dd8cf3472201942ed170
Request Chain 207
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3ZJ2XP4-T-4YFE
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI41KHc7YKVIz3OpwxDSrR0&google_cver=1
Request Chain 209
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&gdpr=0&gdpr_consent=&expires=30
Request Chain 210
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=L3ZJ2XP4-T-4YFE HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=L3ZJ2XP4-T-4YFE
Request Chain 237
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&dcc=t
Request Chain 256
  • https://id5-sync.com/i/724/8.gif?id5id=ID5*vlHbLpJtfxdq_BrItentwE3Dh0_wvFAldCNikzGgMz4U3HQh-O77GRn0jIdwBddU&o=api&gdpr_consent=undefined&gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/724/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/724/2/7/2.gif?puid=1696151633887888005&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOdnTpdo7ljKlR8HuhqdoRLhSlxkSQOvTy1bmlXw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F724%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/724/3/6/3.gif?puid=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttl=%%TTL%% HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F724%2F429%2F4%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/724/429/4/5.gif?puid=855B06D3-3D54-4A42-91F6-827309E6A457&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F724%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/724/434/3/6.gif?puid=d2267f63-c0d7-476d-8d53-0e6c4eaacf63&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F724%2F108%2F2%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/724/108/2/7.gif?puid=42e810d3-10eb-45f8-8040-856705c10d9a&gdpr=0&gdpr_consent= HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F724%2F136%2F1%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/724/136/1/8.gif?puid=YpsDkQAGWK5FIQAo&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&consent=&id5id=ID5-ZHMOdnTpdo7ljKlR8HuhqdoRLhSlxkSQOvTy1bmlXw
Request Chain 263
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D HTTP 302
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB
Request Chain 264
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7ba3b0ae
Request Chain 265
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=bff618de-2b06-48a2-bbff-b6ccc8d39000
Request Chain 266
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AAFDDU7FNgcAAEin6MYPOw&ex=beeswax.com
Request Chain 267
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0 HTTP 302
  • https://stags.bluekai.com/site/23178?id=LzYl8o9JwaVt_2Mo36Wu&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZTWI4DSHUYCM2LEHVGHUWLMHBXTSSTXMFLHIXZSJVXTGNSXOU&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZTWI4DSHUYCM2LEHVGHUWLMHBXTSSTXMFLHIXZSJVXTGNSXOU HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&gdpr=0&id=LzYl8o9JwaVt_2Mo36Wu
Request Chain 269
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D406496%26t%3Dimage%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F34%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%26bidder%3Dappnexus%26cbx%3DLy9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0xNTM4NzMmZHNwPTQwNjQ5NiZ0PWltYWdlJnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/34?gdpr=&gdpr_consent=&us_privacy=&A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=appnexus&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0xNTM4NzMmZHNwPTQwNjQ5NiZ0PWltYWdlJnVpZD0%3D&uid=1696151633887888005 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F34%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%26bidder%3Dindex_rtb%26cbx%3DLy9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0xNTM4NzMmZHNwPTQwNjQ5NiZ0PWltYWdlJnVpZD0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/1/34?gdpr=&gdpr_consent=&us_privacy=&A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=index_rtb&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0xNTM4NzMmZHNwPTQwNjQ5NiZ0PWltYWdlJnVpZD0%3D&uid=YpsDj6V2eezDp-7lpu.RAQAA%26463 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F34%253Fgdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%2526bidder%253Dpubmatic%2526cbx%253DLy9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0xNTM4NzMmZHNwPTQwNjQ5NiZ0PWltYWdlJnVpZD0%25253D%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F34%253Fgdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%2526bidder%253Dpubmatic%2526cbx%253DLy9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0xNTM4NzMmZHNwPTQwNjQ5NiZ0PWltYWdlJnVpZD0%25253D%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODU1QjA2RDMtM0Q1NC00QTQyLTkxRjYtODI3MzA5RTZBNDU3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F34%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%26bidder%3Dpubmatic%26cbx%3DLy9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0xNTM4NzMmZHNwPTQwNjQ5NiZ0PWltYWdlJnVpZD0%253D%26uid%3D855B06D3-3D54-4A42-91F6-827309E6A457 HTTP 302
  • https://prebid.a-mo.net/cchain/2/34?gdpr=&gdpr_consent=&us_privacy=&A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=pubmatic&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0xNTM4NzMmZHNwPTQwNjQ5NiZ0PWltYWdlJnVpZD0%3D&uid=855B06D3-3D54-4A42-91F6-827309E6A457 HTTP 302
  • https://sync.adkernel.com/user-sync?zone=153873&dsp=406496&t=image&uid=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&gdpr=&gdpr_consent=&us_privacy=
Request Chain 270
  • https://ap.lijit.com/pixel?&redir=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D420326%26t%3Dimage%26uid%3D%24UID HTTP 307
  • https://sync.adkernel.com/user-sync?zone=153873&dsp=420326&t=image&uid=EwNGcBZHlxfgonDXRwy1yjjY
Request Chain 271
  • https://bh.contextweb.com/bh/rtset?pid=562422&ev=A8492896450583913946&rurl=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D333913%26t%3Dimage%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.adkernel.com/user-sync?zone=153873&dsp=333913&t=image&uid=em1JAirFG5LC&ev=A8492896450583913946&pid=562422
Request Chain 275
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8867012480303613517&gdpr=0&gdpr_consent=
Request Chain 276
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1696151633887888005&ex=appnexus.com&gdpr=0
Request Chain 277
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3440408375380958027
Request Chain 278
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=556026402494639543882
Request Chain 283
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
Request Chain 289
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&expiration=1656918161&gdpr=0&gdpr_consent=
Request Chain 290
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMqMm9qymDkHwAC_3teQcow&google_cver=1
Request Chain 291
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YpsDj6V2eezDp-7lpu.RAQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDGMEBitJgS8ogSjrqInyqs&google_cver=1&google_hm=2
Request Chain 292
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YpsDkQAGWK5FIQAo HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YpsDkQAGWK5FIQAo&_test=YpsDkQAGWK5FIQAo
Request Chain 293
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F2FA02F7620E412F9BAA59AB0D5D3BA6
Request Chain 294
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dd34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Dd34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dd34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Dd34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341%2526gdpr%253D0%2526gdpr_consent%253D&xl8blockcheck=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Dd34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Dd34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=
Request Chain 295
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=07bc220407b06c2f1279ae43&expiration=[EXPIRATION]
Request Chain 298
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=1696151633887888005&pn_id=an
Request Chain 299
  • https://x.bidswitch.net/sync?&ssp=yieldmo HTTP 302
  • https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=yieldmo&gdpr=&gdpr_consent= HTTP 303
  • https://x.bidswitch.net/sync?dsp_id=269&expires=5&user_id=AAFDDU7FNgcAAEin6MYPOw&ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?userid=bff618de-2b06-48a2-bbff-b6ccc8d39000&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Request Chain 300
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
Request Chain 301
  • https://sync.srv.stackadapt.com/sync?&nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=aWA2V2Z3TFhFZKgtJANe65U4mbI&gdpr=&gdpr_consent=
Request Chain 302
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp HTTP 302
  • https://sync-pp.ads.yieldmo.com/sync?userid=em1JAirFG5LC&ev=1&pn_id=pp&pid=561118
Request Chain 310
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L3ZJ2XP4-T-4YFE&gdpr=0&us_privacy=1YN-
Request Chain 311
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=1696151633887888005
Request Chain 312
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=EwNGcBZHlxfgonDXRwy1yjjY
Request Chain 313
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=EwNGcBZHlxfgonDXRwy1yjjY
Request Chain 314
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMGVhNmI1ZGYtNzFkOS00NTRiLThlNWItNWM4ZjkzODQ2NWEzIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNi0wNFQwNzowMjo0MS43MTcyNzFaIn0=
Request Chain 315
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1654326161780 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Request Chain 316
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1783777313217276866
Request Chain 317
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
Request Chain 318
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F334%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 319
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A
Request Chain 320
  • https://ads.servenobid.com/getsync?redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID&wl=312,327 HTTP 302
  • https://sync.adkernel.com/user-sync?zone=153873&dsp=384073&t=iframe&uid=
Request Chain 322
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1696151633887888005
Request Chain 323
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=caf8629b-0391-4400-a758-3b41b5522cdf
Request Chain 324
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB
Request Chain 326
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=8fe58399-2fa2-0314-49b45250
Request Chain 327
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3440408375380958027
Request Chain 328
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=LzYl8o9JwaVt_2Mo36Wu&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TD2LFWDQ3ZZJJ3WCVTUL4ZE23ZTGZLXK HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TD2LFWDQ3ZZJJ3WCVTUL4ZE23ZTGZLXK HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=LzYl8o9JwaVt_2Mo36Wu
Request Chain 330
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 331
  • https://ssc-cms.33across.com/ps/?_=1654326161639.&ri=0015a00002qt8uxAAA&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X HTTP 302
  • https://sync.adkernel.com/user-sync?zone=153873&dsp=411891&t=iframe&uid=2130873079196
Request Chain 332
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=the33across&gdpr=0&user_id=0_JLZ9XzSzfI8hM2h6NfYNamQGTIpRBg16XoaYrh HTTP 302
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3D10%26external_user_id%3Dbff618de-2b06-48a2-bbff-b6ccc8d39000 HTTP 302
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=bff618de-2b06-48a2-bbff-b6ccc8d39000 HTTP 301
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=bff618de-2b06-48a2-bbff-b6ccc8d39000
Request Chain 333
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1654326161639.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=caf8629b-0391-4400-a758-3b41b5522cdf
Request Chain 334
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-Hjv_pb1E2uGCvgTX1IntTPB3BpCZFxtT~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-Hjv_pb1E2uGCvgTX1IntTPB3BpCZFxtT%7EA&ts=1654326161&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 335
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=50b328d2ddf908e5&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAADKEP_9Dz1igNz_9TvAAAAAAA&expiration=1654412562&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAADKEP_9Dz1igNz_9TvAAAAAAA&ts=1654326162&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 336
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1656918161%26external_user_id%3D7e2f6ba0-ad77-492e-9ec4-c1463734beb8 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1656918161&external_user_id=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
Request Chain 337
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1696151633887888005
Request Chain 338
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_169133db-c4e8-48d7-8739-0fffd5896912&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2633905662877009385&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=bff618de-2b06-48a2-bbff-b6ccc8d39000
Request Chain 339
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_169133db-c4e8-48d7-8739-0fffd5896912&obuid=ENC(OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3Duuid%3D%5BRX_UUID%5D%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&zcc=1&cb=1654326162830 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=unruly&uid=OPTOUT&obUid=$D
Request Chain 340
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=3c2385ab-698c-0771-13fb-852a9c90bf82
Request Chain 341
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-69603657-6677-4c58-4564-a82d24035eeb$ip$149.56.153.178
Request Chain 342
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-CmZypCJE2pd8q9DVrkzTwxUtxUtnEjBoL4TX~A
Request Chain 343
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=53b20474-e3d4-11ec-9e45-a33c04345cd2
Request Chain 344
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=25D7ABA302DE40CDACD5FDD4F5407C54
Request Chain 346
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_169133db-c4e8-48d7-8739-0fffd5896912&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=LzYl8o9JwaVt_2Mo36Wu&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TD2LFWDQ3ZZJJ3WCVTUL4ZE23ZTGZLXKJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TD2LFWDQ3ZZJJ3WCVTUL4ZE23ZTGZLXKJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=LzYl8o9JwaVt_2Mo36Wu&us_privacy=1---
Request Chain 347
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=5818cbe3-0415-4bc2-b812-970695154f41
Request Chain 348
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1654326161904 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
Request Chain 349
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=em1JAirFG5LC&ev=1&pid=558355
Request Chain 350
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8867012480303613517
Request Chain 352
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
Request Chain 353
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=YpsDkQAGWK5FIQAo&gdpr=0&gdpr_consent=
Request Chain 356
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&t=1656918161
Request Chain 357
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=1696151633887888005&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=1696151633887888005brt77741654326161870409ba
Request Chain 358
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YpsDksCo8YUAAKzuNAAAAAAA
Request Chain 359
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=DEf6JokJqJ47SmJlfWk4&pi=gumgum&tc=1
Request Chain 360
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 382
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=07bc220407b06c2f1279ae43&gdpr=0&gdpr_consent=
Request Chain 383
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=LzYl8o9JwaVt_2Mo36Wu&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5JR5FS3BYN44UU53BKZ2F6MSNN4ZTMV3V&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5JR5FS3BYN44UU53BKZ2F6MSNN4ZTMV3V HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=LzYl8o9JwaVt_2Mo36Wu
Request Chain 384
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=em1JAirFG5LC&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 439
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L3ZJ2XP4-T-4YFE HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L3ZJ2XP4-T-4YFE HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L3ZJ2XP4-T-4YFE&ts=1654326163&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 440
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L3ZJ2XP4-T-4YFE HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L3ZJ2XP4-T-4YFE
Request Chain 449
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Request Chain 451
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.iphoneincanada.ca%2F&domain=www.iphoneincanada.ca&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=elouq3xOTU5CdU5CMkliRlNlTjZyckdqRThiV0o5T3I1dnplRnFOMVdTV0N3V1E4aUtqOENvclJ5RjJQU1g3VE9SMzlielNWa2c2MUNxWFBGcEN5ZnFVWkFvdnJ6TnJUd1R1TVVXNVJlNHVTd3NxZFZjekpsMGNCWVlXc0JGMk1GRVU4bmtvVFJkNXlzRkJ6TGg1V3BPZTFCU0gzQmp3RkpUQjBFUTIzcC8wMkdtdityZHJZWnNwK2xpdUZ3YWZSTGNuM1BmdmQ2MlhZKy9Bc0tadHNNR01ZQ0d0aE9qM0xwNXVPcnEyWWdMSStxYndVeTNmcGVQRUVydFNRVXdRbHNlNXdpfA&cppv=2
Request Chain 456
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.iphoneincanada.ca%2F&domain=www.iphoneincanada.ca&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=9m_xhHxVRXZFNmxzMHd0TkRhNE5jZDN4cS9mZ2ptN3o3cTJOOXlycHJMNlJETW5yalNqQU1GTHpKazdOUGJFN09CMHh4bzB3aHEvM0N1MGtnRThneHdqTEVCZVVXYVZTc1QzZ3pYTG54NFZQQUd6d0FMdHIzemFhUWZUcEV3cHVlSURlV2R6TnlMdGR0OEdFQ2h6Qi8wQnJGaS9PNklPeUh1M3F2ZHVJdlYvYUhWU1NUN1AybkhHNW5hNjZ3bGhXTG9FQ2hMQXI0MFZkdllQVXFmZ0FUaVJZaFVjaTh1dUd5eHQvQ2hGeDdiNFNlMmpvTmNSVThvU3BYbTV5RjV5U0lkN0p2fA&cppv=2
Request Chain 470
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGMEBitJgS8ogSjrqInyqs&google_cver=1&gdpr=0
Request Chain 471
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpsDj6V2eezDp-7lpu.RAQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGMEBitJgS8ogSjrqInyqs&google_cver=1&google_hm=2
Request Chain 472
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESECzwLAkcSvJthKItn-H9erY&google_cver=1
Request Chain 473
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY5NjE1MTYzMzg4Nzg4ODAwNQ%3D%3D
Request Chain 503
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://u.4dex.io/setuid?bidder=appnexus&uid=1696151633887888005
Request Chain 521
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3440408375380958027&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 522
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YpsDkQAGWK5FIQAo
Request Chain 524
  • https://match.adsrvr.org/track/cmf/openx?oxid=cb1e21db-4199-3f27-7480-95c754c0bec4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttd_puid=cb1e21db-4199-3f27-7480-95c754c0bec4&gdpr=0&gdpr_consent=
Request Chain 526
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM6T-2_Tf73jYHSi35u8gQQ&google_cver=1
Request Chain 527
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3440408375380958027&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 528
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YpsDkQAGWK5FIQAo
Request Chain 530
  • https://match.adsrvr.org/track/cmf/openx?oxid=cb1e21db-4199-3f27-7480-95c754c0bec4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttd_puid=cb1e21db-4199-3f27-7480-95c754c0bec4&gdpr=0&gdpr_consent=
Request Chain 532
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM6T-2_Tf73jYHSi35u8gQQ&google_cver=1
Request Chain 537
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM6T-2_Tf73jYHSi35u8gQQ&google_cver=1&gdpr=0
Request Chain 538
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTc3MWYyMTEtODhlZS02MTgzLTYxNjAtY2Y3ZTllMjI3MGE0
Request Chain 539
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEPfN9b4Vfy1QSt9b-Ly2tgY&google_cver=1&gdpr=0
Request Chain 540
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjI5Mzg2NDktMzU1Ni00ZmQyLWJjY2EtMTM5MWQ4MjMwOTQ3
Request Chain 552
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEK0uLmQr71CZpCk3WPgqOFI&google_cver=1&gdpr=0
Request Chain 553
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEDi2kkdUhgHHUJxhphufcts&google_cver=1
Request Chain 554
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTIwZGRlZDAtZTNkNC0xMWVjLTlmY2YtMTdhYTJiNDAwNDAz
Request Chain 555
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1654326163946.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 556
  • https://ssc-cms.33across.com/ps/?_=1654326163946.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://u.4dex.io/setuid?bidder=33across&uid=2130873079196
Request Chain 557
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1654326163946.2&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=YpsDj6V2eezDp-7lpu.RAQAA%26463
Request Chain 558
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://tags.bluekai.com/site/17724?id=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D1389%26tp%3DSTSC%26tpid%3Dd34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341%26gdpr%3D0%26gdpr_consent%3D%26redir%3Dhttps%253A%252F%252Fssc-cms.33across.com%252Fps%252F%253Fus_privacy%253D%2526xi%253D45%2526xu%253Dd34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3Dd34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341
Request Chain 559
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1654326163946.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=1696151633887888005
Request Chain 560
  • https://match.deepintent.com/usersync/149?us_privacy= HTTP 303
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=75&xu=di_51b96af39a72406f8fcbc HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=75&external_user_id=di_51b96af39a72406f8fcbc&ts=1654326166&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 561
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1654326163946.7 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=02ebdaa4-1c3f-476a-bc99-8cf6aaad36d5 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=66&external_user_id=02ebdaa4-1c3f-476a-bc99-8cf6aaad36d5&ts=1654326166&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 566
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1&gdpr=0 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEDgvTXQZaRge9WaeajpTS3o&_origin=1&gdpr=0&google_cver=1
Request Chain 567
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&gdpr=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&gdpr=0&redir=true&verify=true
Request Chain 568
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1Vd0puU3FwRTJ1RlNTMGs3eFFkbS5SYThlYXNxV1FFT35B&gdpr=0&gdpr_consent=
Request Chain 572
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&dongle=0cfd
Request Chain 573
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTU2MDI2NDAyNDk0NjM5NTQzODgy HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 574
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGAIUbKDiqZS3FUaD3gxQd0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 575
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTU2MDI2NDAyNDk0NjM5NTQzODgy
Request Chain 576
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=556026402494639543882&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=556026402494639543882&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0d04d685-8514-45b0-8074-4410be129189&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0d04d685-8514-45b0-8074-4410be129189&_noobservation=1&_expected_cookie=06da7c091c28e7bf49bdb0525209ee43
Request Chain 577
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/556026402494639543882?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-g2uHyV1E2oTuU0906fG_0f4kWtHSUWod1MHgISDWNg--~A&dongle=0883
Request Chain 578
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=556026402494639543882&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=bff618de-2b06-48a2-bbff-b6ccc8d39000 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=da7984dc-d41e-406b-9a41-e0878b2e338f&expires=10&ssp=triplelift&bsw_param=bff618de-2b06-48a2-bbff-b6ccc8d39000 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=bff618de-2b06-48a2-bbff-b6ccc8d39000&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 580
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=LzYl8o9JwaVt_2Mo36Wu&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JR5FS3BYN44UU53BKZ2F6MSNN4ZTMV3V&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JR5FS3BYN44UU53BKZ2F6MSNN4ZTMV3V HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=LzYl8o9JwaVt_2Mo36Wu
Request Chain 581
  • https://match.prod.bidr.io/cookie-sync/trl HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAFDDU7FNgcAAEin6MYPOw&dongle=bzwx
Request Chain 583
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=
Request Chain 585
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=e5daa252-99f3-056e-27a7-54cdc3634aad HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=e5daa252-99f3-056e-27a7-54cdc3634aad&apid=UP56a55407-e3d4-11ec-91ee-0219e9c28abb
Request Chain 586
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=9ed85ebd-8cde-0947-2bf9-15346d5bdf1c HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=f4e11752af6e01ebe3cef5d33d019bfb57eb354d0ce7b712c3846df758d246f9791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmNGUxMTc1MmFmNmUwMWViZTNjZWY1ZDMzZDAxOWJmYjU3ZWIzNTRkMGNlN2I3MTJjMzg0NmRmNzU4ZDI0NmY5NzkxNDI2YjU0MTdkY2UyMRAAGgwIl4fslAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmNGUxMTc1MmFmNmUwMWViZTNjZWY1ZDMzZDAxOWJmYjU3ZWIzNTRkMGNlN2I3MTJjMzg0NmRmNzU4ZDI0NmY5NzkxNDI2YjU0MTdkY2UyMRAAGgwIl4fslAYSBAgCEABCAEoA&google_gid=CAESEMMGMLZH5ws0ccQ0309Ml8U&google_cver=1
Request Chain 587
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1696151633887888005
Request Chain 589
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=fFv1vXpa9e1nW63sKArhunkP_r5nDK66eAxAMNB9
Request Chain 591
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dfmx%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=fmx&user_id=JJfKUYdJ0yYHWICkxdcx0 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=&gdpr_consent=
Request Chain 592
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=EwNGcBZHlxfgonDXRwy1yjjY&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:bdd2823f4222c34bc79ce91e93322901
Request Chain 593
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent= HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7076125662044973569&ref=%2Feucm%2Fp%2Fsv HTTP 302
  • https://px.owneriq.net/fr/epx.gif
Request Chain 594
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=1783777313217276866
Request Chain 595
  • https://um.simpli.fi/lj_match?r=1654326165484&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=F2FA02F7620E412F9BAA59AB0D5D3BA6
Request Chain 596
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RXdOR2NCWkhseGZnb25EWFJ3eTF5ampZ&gdpr=0 HTTP 302
  • https://ap.lijit.com/dsp/google/reporting?gdpr=0
Request Chain 597
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=L3ZJ2XP4-T-4YFE&gdpr=0
Request Chain 598
  • https://ums.acuityplatform.com/tum?umid=27&uid=EwNGcBZHlxfgonDXRwy1yjjY&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=66&3pid=673387570093
Request Chain 599
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=0d910e7b-0c76-4f6a-b985-2933ada92f3a
Request Chain 600
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&gdpr=0&gdpr_consent=
Request Chain 601
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1654326166927 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Request Chain 602
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=em1JAirFG5LC&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 603
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AAFDDU7FNgcAAEin6MYPOw&gdpr=0
Request Chain 604
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=L3ZJ2XP4-T-4YFE&gdpr=0
Request Chain 605
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RXdOR2NCWkhseGZnb25EWFJ3eTF5ampZ&gdpr=0
Request Chain 607
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=EwNGcBZHlxfgonDXRwy1yjjY/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=77dbc2b55ce4f3f4cecc10597aad1b9a&gdpr=0&gdpr_consent=
Request Chain 608
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=1696151633887888005&gdpr=0&gdpr_consent=
Request Chain 609
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=
Request Chain 610
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=EwNGcBZHlxfgonDXRwy1yjjY&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
Request Chain 611
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=DEf6JokJqJ47SmJlfWk4&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 612
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFQVJvRDv_2lee5VT60eHjI&google_cver=1&gdpr=0 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=caa79e48e2a724bdc18faab1eec59a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=a188_7105276784182568428&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=7e2f6ba0-ad77-492e-9ec4-c1463734beb8 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAFDDU7FNgcAAEin6MYPOw&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/caa79e48e2a724bdc18faab1eec59a?gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-YIDhSHVE2oOP1j05GnQbAwv2GSVj5DoSIkWe.rzl~A HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=EDNHR2xN1NXnO75 HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=561&userId=581eea20-e3d4-11ec-9e4e-79fe3e50d71e HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=1696151633887888005 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=7641099&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=53b20474-e3d4-11ec-9e45-a33c04345cd2 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
Request Chain 613
  • https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Y2FhNzllNDhlMmE3MjRiZGMxOGZhYWIxZWVjNTlh&gdpr=0&gdpr_consent=
Request Chain 614
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEO8LV6feORb-1xSSneZMbkk&gdpr=0&google_cver=1
Request Chain 615
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&gdpr=0&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_hm=ODg2NzAxMjQ4MDMwMzYxMzUxNw==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEO8LV6feORb-1xSSneZMbkk&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 616
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=EwNGcBZHlxfgonDXRwy1yjjY
Request Chain 617
  • https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=1696151633887888005brt77741654326161870409ba
Request Chain 618
  • https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=1783777313217276866
Request Chain 619
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YpsDj6V2eezDp-7lpu.RAQAA%26463
Request Chain 620
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1696151633887888005
Request Chain 621
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
Request Chain 622
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP56a55407-e3d4-11ec-91ee-0219e9c28abb HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP56a55407-e3d4-11ec-91ee-0219e9c28abb
Request Chain 628
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=debed773-bb01-4d0a-b4d8-d6b9feb4cb78&gdpr=0&gdpr_consent=
Request Chain 629
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=8867012480303613517&gdpr=0&gdpr_consent=
Request Chain 630
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFDDU7FNgcAAEin6MYPOw&gdpr=0
Request Chain 631
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=ODg2NzAxMjQ4MDMwMzYxMzUxNw==&gdpr=0&gdpr_consent=
Request Chain 637
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L3ZJ2XP4-T-4YFE&gdpr=0&us_privacy=1YN-
Request Chain 638
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=1696151633887888005
Request Chain 639
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=EwNGcBZHlxfgonDXRwy1yjjY
Request Chain 640
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=EwNGcBZHlxfgonDXRwy1yjjY
Request Chain 641
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiOTViZTU4MGQtNTdiMS00N2MwLWI2NjYtYzNjODExMTRjYzZkIiwiZHAiOnsicnViaWNvbiI6eyJ1aWQiOiJMM1pKMlhQNC1ULTRZRkUiLCJleHBpcmVzIjoiMjAyMi0wNi0xOFQwNzowMjo0MS43MTc5NTFaIn19LCJiZGF5IjoiMjAyMi0wNi0wNFQwNzowMjo0MS43MTc5NDhaIn0=
Request Chain 642
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1654326166914 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Request Chain 643
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1783777313217276866
Request Chain 644
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
Request Chain 645
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 646
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A
Request Chain 650
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=3440408375380958027&gdpr=0&gdpr_consent=
Request Chain 672
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1m_dOtBu3WrNb4Vrgj7JPdM71jnNOIY90jhzkq_L
Request Chain 673
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=bff618de-2b06-48a2-bbff-b6ccc8d39000 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=bff618de-2b06-48a2-bbff-b6ccc8d39000 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ba1b618e-e9bf-4e72-8c34-6498ab955e8a&user_group=1&ssp=openx&bsw_param=bff618de-2b06-48a2-bbff-b6ccc8d39000 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=&gdpr_consent=
Request Chain 674
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=1783777313217276866
Request Chain 675
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=F2FA02F7620E412F9BAA59AB0D5D3BA6
Request Chain 676
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=cba8fd5f-7643-0556-3606-69c1de567f2b HTTP 303
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=cba8fd5f-7643-0556-3606-69c1de567f2b&_li_chk=true&previous_uuid=e3fcbad1c78742dc97169a0c3056ed78 HTTP 303
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=cba8fd5f-7643-0556-3606-69c1de567f2b&previous_uuid=b6848079d925431aa6d811c119e76a6a HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/http://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!{TURN_UUID} HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3440408375380958027 HTTP 303
  • https://i6.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3440408375380958027
Request Chain 679
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=FEir5-gfhgmS9Nlwh9mEfg==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 680
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=caf8629b-0391-4400-a758-3b41b5522cdf
Request Chain 681
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=53b20474-e3d4-11ec-9e45-a33c04345cd2
Request Chain 690
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A&gdpr=0&gdpr_consent=
Request Chain 691
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L3ZJ2XP4-T-4YFE&gdpr=0
Request Chain 692
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%26bidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/setuid?A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=adform&uid=2633905662877009385
Request Chain 693
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=smartadserver&uid=8867012480303613517
Request Chain 710
  • https://x.bidswitch.net/sync?ssp=adagio&user_id=56735439-e633-46d2-80a7-efc79ea21be5 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bff618de-2b06-48a2-bbff-b6ccc8d39000&ssp=adagio&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10594507021203644355&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadagio%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=42e810d3-10eb-45f8-8040-856705c10d9a&ssp=adagio&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10594507021203644355&ssp=adagio&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208120804172002044652&ssp=adagio&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594507021203644355&ssp=adagio&gdpr=&gdpr_consent= HTTP 302
  • https://u.4dex.io/setuid?bidder=bidswitch&uid=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=&gdpr_consent=&us_privacy=
Request Chain 711
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_169133db-c4e8-48d7-8739-0fffd5896912&obuid=ENC(OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1$CMP HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
Request Chain 712
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=3c2385ab-698c-0771-13fb-852a9c90bf82
Request Chain 713
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_51b96af39a72406f8fcbc
Request Chain 715
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFDDU7FNgcAAEin6MYPOw&expiration=1655535767
Request Chain 716
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=3392f07ea59208e5&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAADKEP_9Dz12QNhuW7kAAAAAAA&expiration=1654412567&is_secure=true
Request Chain 717
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2633905662877009385&expiration=1655535767
Request Chain 718
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Z7UJSmG0CRp8tVEbM-QdTWLhAkl84lJNY-ID0EI9
Request Chain 719
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YpsDj6V2eezDp-7lpu.RAQAA%26463 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=830a739c-b9f7-461e-a60c-416f5d251854-tuct9948917
Request Chain 720
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=aWA2V2Z3TFhFZKgtJANe65U4mbI
Request Chain 721
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7076125662044973569
Request Chain 722
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=EDNHR2xN1NXnO75
Request Chain 725
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=YpsDkQAGWK5FIQAo&gdpr=0&gdpr_consent=
Request Chain 726
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=U0flkVVG5cFIR73ABxbxllYT7pJIEL6WVxAXhjwz
Request Chain 727
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=06030001_629b0397d2a72&knw= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=06030001_629b0397d2a72&gdpr=0&gdpr_consent=
Request Chain 728
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=debed773-bb01-4d0a-b4d8-d6b9feb4cb78&gdpr=0&gdpr_consent=
Request Chain 734
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGRERVN0ZOZ2NBQUVpbjZNWVBPdw&bee_sync_partners=pm%2Cpp%2Csyn%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csyn%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFDDU7FNgcAAEin6MYPOw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFDDU7FNgcAAEin6MYPOw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFDDU7FNgcAAEin6MYPOw&pid=558502&do=add HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAFDDU7FNgcAAEin6MYPOw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAFDDU7FNgcAAEin6MYPOw
Request Chain 736
  • https://oxp.mxptint.net/OpenX.ashx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R1B331_F0EE6949_66B6C0D9
Request Chain 738
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=EDNHR2xN1NXnO75
Request Chain 739
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2633905662877009385
Request Chain 741
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A&gdpr=0&gdpr_consent=
Request Chain 742
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L3ZJ2XP4-T-4YFE&gdpr=0
Request Chain 743
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%26bidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/setuid?A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=adform&uid=2633905662877009385
Request Chain 744
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=smartadserver&uid=8867012480303613517
Request Chain 755
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 762
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
Request Chain 773
  • https://io.narrative.io/?companyId=19&id=disqus_id%3Ac3vfv4svbq87v&ret=img&ref=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=57580180-e3d4-11ec-b070-0a4515f2e365&companyId=19&id=disqus_id%3Ac3vfv4svbq87v&ret=img&ref=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F
Request Chain 774
  • https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D0%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac3vfv4svbq87v HTTP 302
  • https://io.narrative.io/?companyId=19&gdpr=0&gdpr_consent=&id=disqus_id:c3vfv4svbq87v&puid=575c6e50-e3d4-11ec-b0a9-23f62dfb22b8
Request Chain 779
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=6e39242a57d008e6&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAADKVTZJgcY4ANj4AecAAAAAAA&expiration=1654412568&nuid={OX_USER_ID}&is_secure=true
Request Chain 780
  • https://px.owneriq.net/eox HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7076125662044973569
Request Chain 783
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=c2255066-d4e6-06b9-03db-2b20a61e46f8 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=c2255066-d4e6-06b9-03db-2b20a61e46f8 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662299046521505
Request Chain 784
  • https://sync.1rx.io/usersync/openx/582831b9-3a2c-0d4c-246d-cc2ff278f2b8 HTTP 302
  • https://sync.1rx.io/usersync/openx/582831b9-3a2c-0d4c-246d-cc2ff278f2b8?zcc=1&cb=1654326168139
Request Chain 794
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaSjJYUDQtVC00WUZF&gdpr=0
Request Chain 796
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=L3ZJ2XP4-T-4YFE&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 797
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=caf8629b-0391-4400-a758-3b41b5522cdf&expires=28
Request Chain 798
  • https://um.simpli.fi/rb_match?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F2FA02F7620E412F9BAA59AB0D5D3BA6&expires=365
Request Chain 799
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=EDNHR2xN1NXnO75&expires=30&gdpr=0
Request Chain 800
  • https://ad.turn.com/r/cs?pid=6&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3440408375380958027&expires=60&gdpr=0&gdpr_consent=
Request Chain 801
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=53b20474-e3d4-11ec-9e45-a33c04345cd2&expires=30&gdpr=0
Request Chain 808
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEIwFkk6rpITF4xgMCGtCMlU&google_cver=1&google_push=AYg5qPJBy9t1vodCFhZNKdlCgAG4OAebHrXhZ74jfE3WQt6DAZmnHD_ru0XDMK6yR-fakskbx-qgHfih8mRpzLKcW6Wqu0X0xdx-Ye-RCAKv4R5xXzEM3242yRtv5ifIBLgMMbFe3DyaMcWK HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEIwFkk6rpITF4xgMCGtCMlU&google_cver=1&google_push=AYg5qPJBy9t1vodCFhZNKdlCgAG4OAebHrXhZ74jfE3WQt6DAZmnHD_ru0XDMK6yR-fakskbx-qgHfih8mRpzLKcW6Wqu0X0xdx-Ye-RCAKv4R5xXzEM3242yRtv5ifIBLgMMbFe3DyaMcWK&prevuid=06030001_629b0397d2a72&knw=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPJBy9t1vodCFhZNKdlCgAG4OAebHrXhZ74jfE3WQt6DAZmnHD_ru0XDMK6yR-fakskbx-qgHfih8mRpzLKcW6Wqu0X0xdx-Ye-RCAKv4R5xXzEM3242yRtv5ifIBLgMMbFe3DyaMcWK&google_hm=MDYwMzAwMDFfNjI5YjAzOTdkMmE3Mg%3D%3D
Request Chain 809
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEIwFkk6rpITF4xgMCGtCMlU&google_cver=1&google_push=AYg5qPL7fWfkbThimxuVysYjSJbgAThw7xKrL-pMe7FDFWiQ2Yv6pvdBWYUKQVe0WIPhKN8Rc1Hgxkn-DnObSqLEEYHfYcKKMiT8-Tr8jC1MDjwWPT6dV0n1IhRxgPe-7Dteq2ndGt1877c HTTP 302
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEIwFkk6rpITF4xgMCGtCMlU&google_cver=1&google_push=AYg5qPL7fWfkbThimxuVysYjSJbgAThw7xKrL-pMe7FDFWiQ2Yv6pvdBWYUKQVe0WIPhKN8Rc1Hgxkn-DnObSqLEEYHfYcKKMiT8-Tr8jC1MDjwWPT6dV0n1IhRxgPe-7Dteq2ndGt1877c&prevuid=06030001_629b0397d2a72&knw=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AYg5qPL7fWfkbThimxuVysYjSJbgAThw7xKrL-pMe7FDFWiQ2Yv6pvdBWYUKQVe0WIPhKN8Rc1Hgxkn-DnObSqLEEYHfYcKKMiT8-Tr8jC1MDjwWPT6dV0n1IhRxgPe-7Dteq2ndGt1877c&google_hm=MDYwMzAwMDFfNjI5YjAzOTdkMmE3Mg%3D%3D
Request Chain 810
  • https://a.clickcertain.com/px/img/g/?google_gid=CAESEMuvmDxuE06djVXMbqMIYys&google_cver=1&google_push=AYg5qPK9_XoMnrlnwg1f2Q2uHtdhmxArw3xKnlyzNGiNcVCTVKhgizvfBMfTtQWchbxQZzG1z9sRmpeLXl-80bxt5j0Z-tlDbg0E57sQlcdDLAq-qGmxMyXFXA0LuPwZ6SOyijRgfzP9cWLZ HTTP 302
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=d3a6508f-54e7-4789-8a56-c2ebface8ad6&ccid=d3a6508f-54e7-4789-8a56-c2ebface8ad6&redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEMuvmDxuE06djVXMbqMIYys%2526google_cver%253d1%2526google_push%253dAYg5qPK9_XoMnrlnwg1f2Q2uHtdhmxArw3xKnlyzNGiNcVCTVKhgizvfBMfTtQWchbxQZzG1z9sRmpeLXl%252d80bxt5j0Z%252dtlDbg0E57sQlcdDLAq%252dqGmxMyXFXA0LuPwZ6SOyijRgfzP9cWLZ%2526anx_uId%253d%2524UID HTTP 303
  • https://a.clickcertain.com/px/li/?ccid=d3a6508f-54e7-4789-8a56-c2ebface8ad6&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fg%2f%3fdone%3dtrue%26google_gid%3dCAESEMuvmDxuE06djVXMbqMIYys%26google_cver%3d1%26google_push%3dAYg5qPK9_XoMnrlnwg1f2Q2uHtdhmxArw3xKnlyzNGiNcVCTVKhgizvfBMfTtQWchbxQZzG1z9sRmpeLXl%2d80bxt5j0Z%2dtlDbg0E57sQlcdDLAq%2dqGmxMyXFXA0LuPwZ6SOyijRgfzP9cWLZ%26anx_uId%3d%24UID HTTP 302
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEMuvmDxuE06djVXMbqMIYys&google_cver=1&google_push=AYg5qPK9_XoMnrlnwg1f2Q2uHtdhmxArw3xKnlyzNGiNcVCTVKhgizvfBMfTtQWchbxQZzG1z9sRmpeLXl-80bxt5j0Z-tlDbg0E57sQlcdDLAq-qGmxMyXFXA0LuPwZ6SOyijRgfzP9cWLZ&anx_uId=$UID HTTP 302
  • https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEMuvmDxuE06djVXMbqMIYys&google_cver=1&google_push=AYg5qPK9_XoMnrlnwg1f2Q2uHtdhmxArw3xKnlyzNGiNcVCTVKhgizvfBMfTtQWchbxQZzG1z9sRmpeLXl-80bxt5j0Z-tlDbg0E57sQlcdDLAq-qGmxMyXFXA0LuPwZ6SOyijRgfzP9cWLZ&anx_uId=1696151633887888005 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=AYg5qPK9_XoMnrlnwg1f2Q2uHtdhmxArw3xKnlyzNGiNcVCTVKhgizvfBMfTtQWchbxQZzG1z9sRmpeLXl-80bxt5j0Z-tlDbg0E57sQlcdDLAq-qGmxMyXFXA0LuPwZ6SOyijRgfzP9cWLZ&google_hm=ZDNhNjUwOGYtNTRlNy00Nzg5LThhNTYtYzJlYmZhY2U4YWQ2
Request Chain 811
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEAaaFsMN1RyegTTPrFXhmJ0&google_cver=1&google_push=AYg5qPK9hIM1OcPZi2zZgYxE-udBkl5bGlDU1tN2LHYwpMUX80ogx-lWy9jLQkpz2KV0Iqsz9TjzTp4vbPYKpNwfz94i-SmNI60Orp91aBH8ds6Y1rQRVpxFaeqNc8GDStLDokrJSYJFdKpE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=aWA2V2Z3TFhFZKgtJANe65U4mbI&google_push=AYg5qPK9hIM1OcPZi2zZgYxE-udBkl5bGlDU1tN2LHYwpMUX80ogx-lWy9jLQkpz2KV0Iqsz9TjzTp4vbPYKpNwfz94i-SmNI60Orp91aBH8ds6Y1rQRVpxFaeqNc8GDStLDokrJSYJFdKpE
Request Chain 812
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEJwvjgtJmormDm3JpaxvROQ&google_cver=1&google_push=AYg5qPL250fnfi6RZfFZ6z3V8ezECJ2LkLx6KVkQRPGyWHlkF4bTwrBj9fOctxv4bdwRLujjyH3vYXtaXkWpCMtM1VN_jwAeSBPBc-4Tc5K4kUni2fsl2EY9YAvE56Exi5cfq0yDHL-Eg0UD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPL250fnfi6RZfFZ6z3V8ezECJ2LkLx6KVkQRPGyWHlkF4bTwrBj9fOctxv4bdwRLujjyH3vYXtaXkWpCMtM1VN_jwAeSBPBc-4Tc5K4kUni2fsl2EY9YAvE56Exi5cfq0yDHL-Eg0UD&google_hm=Zzg4YWE4OGNlYWNiMTQwMDAzMTM=
Request Chain 813
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL3HOfNmwXzRnSYVnkKIibI&google_cver=1&google_push=AYg5qPLwGxhivCbObC8F3enCn2nmX3rALdiKqrxAZPHeWGJgEcbYBomEW7eZwJN7GAnlTRxeljRptXILd7XH6MVqQ2SGB97m9tApld1kAtc95Xk_XCtbL5FuMVSPG5HCos_NiLP2INVZxKR- HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPLwGxhivCbObC8F3enCn2nmX3rALdiKqrxAZPHeWGJgEcbYBomEW7eZwJN7GAnlTRxeljRptXILd7XH6MVqQ2SGB97m9tApld1kAtc95Xk_XCtbL5FuMVSPG5HCos_NiLP2INVZxKR-&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1654326168220 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLwGxhivCbObC8F3enCn2nmX3rALdiKqrxAZPHeWGJgEcbYBomEW7eZwJN7GAnlTRxeljRptXILd7XH6MVqQ2SGB97m9tApld1kAtc95Xk_XCtbL5FuMVSPG5HCos_NiLP2INVZxKR-&google_hm=
Request Chain 814
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEIOFe5rGLSM7sSlIEWLttuU&google_cver=1&google_push=AYg5qPLYAVFEsjjdSDaHz0EYy9L8ZDGloe98nkOYDgOrx9h8oREdx96zaxpTZIo00UXdYDLElmNs4h4vvBGCho-P87-2amo0_JYzn3gzDO33TFwdA_EaoFDWtEaIOsE34FjnSKTUyGdXVj-A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPLYAVFEsjjdSDaHz0EYy9L8ZDGloe98nkOYDgOrx9h8oREdx96zaxpTZIo00UXdYDLElmNs4h4vvBGCho-P87-2amo0_JYzn3gzDO33TFwdA_EaoFDWtEaIOsE34FjnSKTUyGdXVj-A&google_hm=WXBzRGtzQ284WVVBQUt6dU5BQUFBQUFB
Request Chain 818
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFeo4Iaa9tJmYhj83ki4FG0&google_cver=1&google_push=AYg5qPIjbkbFJkRxAX-tAqVJcdCPd-EIA9HKwnItPzr7VOANgRB0xnEqLI9vj3yfBFxgPVCnt3SkIi9KHLbiSXQN90ARsqdEKUJTERb55uEJmJ_KJRQjCA2HVxPQzttceRSFMK5hatt1DzmK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ0MDQwODM3NTM4MDk1ODAyNw==&gdpr=0&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEFeo4Iaa9tJmYhj83ki4FG0&google_cver=1
Request Chain 819
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEL9s7V-fJ1NSEWuwb3oCmAg&google_cver=1&google_push=AYg5qPI-8L9xohL6IBwOmHltnQ6vpVAxhwj87phSR4HRImFgRoY-ex0zh_DVf32xyVk9pvLRDx_Qnh9YnZ23h_abeXMQ9fW8ZBocwtllSwhKWcfCObx-F31drjqTrSlW5QIXwlc57A-_s57O HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RUROSFIyeE4xTlhuTzc1&google_gid=CAESEL9s7V-fJ1NSEWuwb3oCmAg&google_cver=1&google_push=AYg5qPI-8L9xohL6IBwOmHltnQ6vpVAxhwj87phSR4HRImFgRoY-ex0zh_DVf32xyVk9pvLRDx_Qnh9YnZ23h_abeXMQ9fW8ZBocwtllSwhKWcfCObx-F31drjqTrSlW5QIXwlc57A-_s57O
Request Chain 820
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGRwC2i3B4SwGGE7Rp-9qIE&google_cver=1&google_push=AYg5qPKcpzcIIttcJZ0DOye0OTwL8YpsxF_naf9-R_MnhF7LWlKeXA97lWEj5l5uLwm6eNKbrFPfUj0kHAmWylMqItFWZ0j6S8FIein_S-xxtMDWIjfgmIFkfWP-URt0IQ7e_lDBwQh1KHk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=00zl6Ix2TnezZZbyt22kMmKbA5E
Request Chain 821
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDjXSTKpvbviU8aZ9vXbhwM&google_cver=1&google_push=AYg5qPIq8SPRs9qVoKwAnjvbAAHF750sKm3QjO-JHFdjIOKlHWUGTG-nZqhe3Xp07fen9GynniYLngA6r2ItGVK40ZWtJby5Ojbrb3f02kIZdOz-Va4zh6mWdLrp3vR-L5opfSqNGC1voZGp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIq8SPRs9qVoKwAnjvbAAHF750sKm3QjO-JHFdjIOKlHWUGTG-nZqhe3Xp07fen9GynniYLngA6r2ItGVK40ZWtJby5Ojbrb3f02kIZdOz-Va4zh6mWdLrp3vR-L5opfSqNGC1voZGp&google_hm=MTgyMTk5MjU1MTQ3NjkzOTY3OQ%3D%3D
Request Chain 822
  • https://rtb.openx.net/sync/dds?google_gid=CAESECC_tUhu76voglSw8ZhZTkc&google_cver=1&google_push=AYg5qPJ6UoDi2CwgpOSBe6BAtpPuAeitWCl5S7LbRTzJaAiCZRBM-qjWtx9afJ83Xf5GNvQmTxL9Bj73N6XdrijESp07tTUEDDbdnajH94BnINiyAkDN1ZNkmkWiFAYpryvMTtuqbyNRx52t HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ6UoDi2CwgpOSBe6BAtpPuAeitWCl5S7LbRTzJaAiCZRBM-qjWtx9afJ83Xf5GNvQmTxL9Bj73N6XdrijESp07tTUEDDbdnajH94BnINiyAkDN1ZNkmkWiFAYpryvMTtuqbyNRx52t&google_hm=FEir5-gfhgmS9Nlwh9mEfg==
Request Chain 823
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMUjgix5YYjhX1ynmnrYN28&google_cver=1&google_push=AYg5qPLtTGQnrlcoc6N-0QIf96GvqmAVK2dByj20Oar7YFWwU12bA9CkmVOCjtbo4BFx22RqFOVAdg25zLHHRHfF2Tycgo7neW6qMEXAvQObaY2S96wwudnqqII5-z5EkGlzr_QVxFiFf8we HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPLtTGQnrlcoc6N-0QIf96GvqmAVK2dByj20Oar7YFWwU12bA9CkmVOCjtbo4BFx22RqFOVAdg25zLHHRHfF2Tycgo7neW6qMEXAvQObaY2S96wwudnqqII5-z5EkGlzr_QVxFiFf8we&google_hm=THpZbDhvOUp3YVZ0XzJNbzM2V3U=
Request Chain 824
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPK6BYFrSLbaxhB8VIc2ZvzM8rgjC-Rq6HTv37Fd1Ad4gs-JRoPXkStSZM0MToRUQ7OBCqhwE5tofIvFTmFkd7ra4VdrNnKvV1u2LuxL8UBKJUi0YqJI20nsVK4hja7AAkDfnxG2Vh0l%26google_hm%3D%5BUID%5D&google_gid=CAESEJPS2E1pdVpdBuylG70hF7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPK6BYFrSLbaxhB8VIc2ZvzM8rgjC-Rq6HTv37Fd1Ad4gs-JRoPXkStSZM0MToRUQ7OBCqhwE5tofIvFTmFkd7ra4VdrNnKvV1u2LuxL8UBKJUi0YqJI20nsVK4hja7AAkDfnxG2Vh0l&google_hm=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
Request Chain 828
  • https://ad.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=5818cbe3-0415-4bc2-b812-970695154f41
Request Chain 835
  • https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID HTTP 302
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=1696151633887888005 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=3cbc73b2-c97c-4c6c-bfeb-8bf66b66116e%3A1654326168.01&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc3vfv4svbq87v HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c3vfv4svbq87v HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1696151633887888005
Request Chain 836
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=3cbc73b2-c97c-4c6c-bfeb-8bf66b66116e%3A1654326168.01&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D HTTP 302
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1783777313217276866 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c3vfv4svbq87v HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESELV2eB7UnfYl3OrRfjBrol4&google_cver=1
Request Chain 837
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3181&partner_device_id=3cbc73b2-c97c-4c6c-bfeb-8bf66b66116e%3A1654326168.01 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=42e810d3-10eb-45f8-8040-856705c10d9a%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttd_puid=42e810d3-10eb-45f8-8040-856705c10d9a%2C
Request Chain 838
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEP8A921WY8AnQMCa9Xu9DAY&google_cver=1&google_push=AYg5qPLqE3wlShaEzDwe39TjxIVsW39D_kGWHjzsjHGS5ZULGxor54l3LrrEF4hj0_tF_koOU5mivZcdn-kwC5sPv1YIRbefp7wb-Iuyz4lHsY2o_egLBRx25ZdO1YSBwDVsOKw8F1tdeQ HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=7f51a0fdf8dc08e4&is_secure=true&networkId=14000&version=1&google_gid=CAESEP8A921WY8AnQMCa9Xu9DAY&google_cver=1&google_push=AYg5qPLqE3wlShaEzDwe39TjxIVsW39D_kGWHjzsjHGS5ZULGxor54l3LrrEF4hj0_tF_koOU5mivZcdn-kwC5sPv1YIRbefp7wb-Iuyz4lHsY2o_egLBRx25ZdO1YSBwDVsOKw8F1tdeQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAADKJ7zBD18CQNiaB3oAAAAAAA&expiration=1654412568&google_cver=1&is_secure=true&google_gid=CAESEP8A921WY8AnQMCa9Xu9DAY&google_push=AYg5qPLqE3wlShaEzDwe39TjxIVsW39D_kGWHjzsjHGS5ZULGxor54l3LrrEF4hj0_tF_koOU5mivZcdn-kwC5sPv1YIRbefp7wb-Iuyz4lHsY2o_egLBRx25ZdO1YSBwDVsOKw8F1tdeQ
Request Chain 839
  • https://fksnk.com/cs/google?google_gid=CAESEAycDsrz9W_nfW-qiE5n3hA&google_cver=1&google_push=AYg5qPLszkWTnSPVg5jx2U3zL4kK4NjlKSBt0aXX4_XPQID5m1yoLSAQNiSGetkGgc1ZWLmYTbw-ul2dQTnOSYUbLxI1ZGigPYZ2p4Sl_xWJ11ZbQu7uK2wLuR_nJCiGeOCrSvNU21a4Aw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RENGOTg5MTg4MkM4MkIwOA==
Request Chain 840
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEM5pVygH_5iVZum_vchr9b8&c_param1=AYg5qPK3mg8q70Bqs5GGOXkzSxfOcG2rI4i_h25eho4852fvCNUZnvlRFb_FX_HQNNv2lVuc8MRSWXIogGtPFMXGl1dApJvGMUIj1kUMkl34NkPWMIeyUVDpkPR0PDObliJaPGE1KxiFVw&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPK3mg8q70Bqs5GGOXkzSxfOcG2rI4i_h25eho4852fvCNUZnvlRFb_FX_HQNNv2lVuc8MRSWXIogGtPFMXGl1dApJvGMUIj1kUMkl34NkPWMIeyUVDpkPR0PDObliJaPGE1KxiFVw
Request Chain 841
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMUjgix5YYjhX1ynmnrYN28&google_cver=1&google_push=AYg5qPKbPbFt9RpzCb13SB-PsNkKLWZyd35loFlJVANpdZYOTieDCW-bQoSDjmOfS3ocEOvhp_9MuZ9Os8M2ez_ZBsrnDmas5Z3Wq0j0rhvoDIr7R6fn5CEVdZjwbL6qgwT3UqXV5fOx3ic HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKbPbFt9RpzCb13SB-PsNkKLWZyd35loFlJVANpdZYOTieDCW-bQoSDjmOfS3ocEOvhp_9MuZ9Os8M2ez_ZBsrnDmas5Z3Wq0j0rhvoDIr7R6fn5CEVdZjwbL6qgwT3UqXV5fOx3ic&google_hm=THpZbDhvOUp3YVZ0XzJNbzM2V3U=
Request Chain 842
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHhq1-6PXCceNE1E8dl_LTU&google_cver=1&google_push=AYg5qPKew-fIHtOpBa5OB3pGFyNBhtYo46cS5zjdmhPvd5971txwciEbRFSxgOPXvKGvnHDCdjsjWBcubrqKsMgcvtOF1saMHaVcj-c49YOrpRx5jVIwB9nmH0CaW7Do8OHbegYSs94emUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPKew-fIHtOpBa5OB3pGFyNBhtYo46cS5zjdmhPvd5971txwciEbRFSxgOPXvKGvnHDCdjsjWBcubrqKsMgcvtOF1saMHaVcj-c49YOrpRx5jVIwB9nmH0CaW7Do8OHbegYSs94emUQ
Request Chain 843
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGllgny_e5ihOj2mVHIiipU&google_cver=1&google_push=AYg5qPKNzcZcDjvZ7EMX97hQ80PoSKCAD_0TOd_Vb6o8OGGcVjJU3atNdoHoQwYQqlUconV0mB4NAgs9vjBWs8Cjvwu-C1s9myNHOnYZNogRDw6U7vx6sC0xzHyfDocJ9chL2xwGrGCu-5A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKNzcZcDjvZ7EMX97hQ80PoSKCAD_0TOd_Vb6o8OGGcVjJU3atNdoHoQwYQqlUconV0mB4NAgs9vjBWs8Cjvwu-C1s9myNHOnYZNogRDw6U7vx6sC0xzHyfDocJ9chL2xwGrGCu-5A&google_hm=ODg2NzAxMjQ4MDMwMzYxMzUxNw%3D%3D
Request Chain 844
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHnvZsEAZqjgUSBzY5hT5go&google_cver=1&google_push=AYg5qPJzD3nhmiAypwt3rpZqbfy6E84F9jHQKq4yOiVAGbWAl-a8zinZWsIls7GZqFXlfWMtB230_DMH5i1jVeuWkuybv_gpUsmZSnHoPy6T_PwBpBiTMEks6ZgcpuDTacWmVaDfoAD8aT4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KV1Q5RkZSRTJ1RjQ3Y0JHSTlWYnBHWDQyYmJheHhzTn5B&google_push=AYg5qPJzD3nhmiAypwt3rpZqbfy6E84F9jHQKq4yOiVAGbWAl-a8zinZWsIls7GZqFXlfWMtB230_DMH5i1jVeuWkuybv_gpUsmZSnHoPy6T_PwBpBiTMEks6ZgcpuDTacWmVaDfoAD8aT4
Request Chain 846
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEliVVdlOYNBj0c_eFk_RXI&google_cver=1&google_push=AYg5qPJA9fW8jCjCA-wRNWaKMZjNM-mEG3Npcb9GapAHWboPYO1_1-FIV0yoW8WnCQO3ixcDjoC2Gq6UGqG8wGv9IQer0veAYW-AR-mbGmiaT1etNufvoKZl1dhpCAl2qYwKaU0RaFkrnlbe HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPJA9fW8jCjCA-wRNWaKMZjNM-mEG3Npcb9GapAHWboPYO1_1-FIV0yoW8WnCQO3ixcDjoC2Gq6UGqG8wGv9IQer0veAYW-AR-mbGmiaT1etNufvoKZl1dhpCAl2qYwKaU0RaFkrnlbe&google_hm=Be3M-WFnwCOxasLus8jy0A
Request Chain 847
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEL0XqSduED7gjGwkNCHSRr8&google_cver=1&google_push=AYg5qPJ4kdkKxgbJ3G5IrPB3gKdLAoHnyT4oPBtCnWTxbzYx2CISasP90h7y-rsuQoKOejs5VsiLAwIaxyzUiG-DzYdXoPr1rrlM5iU9gnzgOfIyrkqzT5b6ziRDklwvv6eCWQAWKXG6bR-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AYg5qPJ4kdkKxgbJ3G5IrPB3gKdLAoHnyT4oPBtCnWTxbzYx2CISasP90h7y-rsuQoKOejs5VsiLAwIaxyzUiG-DzYdXoPr1rrlM5iU9gnzgOfIyrkqzT5b6ziRDklwvv6eCWQAWKXG6bR-Y&google_hm=UjFCMzMxX0YwRUU2OTQ5XzY2QjZDMEQ5
Request Chain 848
  • https://um.simpli.fi/gp_match?google_gid=CAESECW3U5yyW99JapgSIUDL34c&google_cver=1&google_push=AYg5qPJlPGW7YgKxphNQY5nenvXXgfbzeWR-5FEyZslstVxwLilteVwM_x-ZBKXLYf6BBDvynY56kimk0FAYE4xQXPT_cdmlk3guzFTuF6wyRPQAB_tPG6kQ0BvlYTDu1G8OLgFx9uYHfCM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F2FA02F7620E412F9BAA59AB0D5D3BA6&google_push=AYg5qPJlPGW7YgKxphNQY5nenvXXgfbzeWR-5FEyZslstVxwLilteVwM_x-ZBKXLYf6BBDvynY56kimk0FAYE4xQXPT_cdmlk3guzFTuF6wyRPQAB_tPG6kQ0BvlYTDu1G8OLgFx9uYHfCM
Request Chain 849
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMUjgix5YYjhX1ynmnrYN28&google_cver=1&google_push=AYg5qPKIofAiah0SQcqcSIB4BXe1cxNwShfH8U5XYGjXF_2TpUGnn9LRonTQ1KO0qtshXvi6tJtjlE9hijIn1PCOFYelMDYpbYmnGi05bOhDEY3n6jE7pAKNHR556irW42N5-GxfG0CMqqs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKIofAiah0SQcqcSIB4BXe1cxNwShfH8U5XYGjXF_2TpUGnn9LRonTQ1KO0qtshXvi6tJtjlE9hijIn1PCOFYelMDYpbYmnGi05bOhDEY3n6jE7pAKNHR556irW42N5-GxfG0CMqqs&google_hm=THpZbDhvOUp3YVZ0XzJNbzM2V3U=
Request Chain 850
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEBiHGimsK9mxCsBygGBiqLo&google_cver=1&google_push=AYg5qPLZNQ7btMjVZWC2E2SZOqHKSuHxB-cM8Rx4vTsvCVgAWZqB3MZ7VglAFqBNtI30ozJ8G3hKLaYU1M5VXr6X2KHNg_cXhvC3a3sdWnrdqCA0qTzzERCztEcPRu3OkMKJpue-zZpyziLG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTg0OTI4OTY0NTA1ODM5MTM5NDY&google_push=AYg5qPLZNQ7btMjVZWC2E2SZOqHKSuHxB-cM8Rx4vTsvCVgAWZqB3MZ7VglAFqBNtI30ozJ8G3hKLaYU1M5VXr6X2KHNg_cXhvC3a3sdWnrdqCA0qTzzERCztEcPRu3OkMKJpue-zZpyziLG
Request Chain 851
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMqMm9qymDkHwAC_3teQcow&google_cver=1&google_push=AYg5qPK40uWH2SiAWEmnv3IWPa2dPiM70iJ7ZvGDcwzBjD_vPHv8vRVPXEuryVGpE-WwrhWIFQNPuF_KrEVhmg5jJl_YKQvsTQbfIBHDhV4_shf_Da98WdQ1cAyIImJmXmCp-Ou5cgkQPlai HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB&google_gid=CAESEMqMm9qymDkHwAC_3teQcow&google_cver=1&google_push=AYg5qPK40uWH2SiAWEmnv3IWPa2dPiM70iJ7ZvGDcwzBjD_vPHv8vRVPXEuryVGpE-WwrhWIFQNPuF_KrEVhmg5jJl_YKQvsTQbfIBHDhV4_shf_Da98WdQ1cAyIImJmXmCp-Ou5cgkQPlai
Request Chain 852
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMlO4Uyf6yoGs2CQ3_5sfFA&google_cver=1&google_push=AYg5qPIfbF86Dn24Tb6PfQO3JP9tkPfdLnsWoeptleqbH4SguhTD8_xXFPgj50Q0pM9A8gIOZ7R7iSOMWZz0sPq5sidUP76lgaHxJDgIVoLtsRmVELzsMKUUo3CRBz9_Y3tTwIc0nrTx_H94 HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMlO4Uyf6yoGs2CQ3_5sfFA%26google_cver%3D1%26google_push%3DAYg5qPIfbF86Dn24Tb6PfQO3JP9tkPfdLnsWoeptleqbH4SguhTD8_xXFPgj50Q0pM9A8gIOZ7R7iSOMWZz0sPq5sidUP76lgaHxJDgIVoLtsRmVELzsMKUUo3CRBz9_Y3tTwIc0nrTx_H94 HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A8492896450583913946&exchange=193&google_gid=CAESEMlO4Uyf6yoGs2CQ3_5sfFA&google_cver=1&google_push=AYg5qPIfbF86Dn24Tb6PfQO3JP9tkPfdLnsWoeptleqbH4SguhTD8_xXFPgj50Q0pM9A8gIOZ7R7iSOMWZz0sPq5sidUP76lgaHxJDgIVoLtsRmVELzsMKUUo3CRBz9_Y3tTwIc0nrTx_H94 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg0OTI4OTY0NTA1ODM5MTM5NDY&google_push=AYg5qPIfbF86Dn24Tb6PfQO3JP9tkPfdLnsWoeptleqbH4SguhTD8_xXFPgj50Q0pM9A8gIOZ7R7iSOMWZz0sPq5sidUP76lgaHxJDgIVoLtsRmVELzsMKUUo3CRBz9_Y3tTwIc0nrTx_H94
Request Chain 874
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 875
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIoiR24jHLOvrfMaPfJ0LPo&google_cver=1&google_push=AYg5qPL4TBJOCqvWj8sYn_exF74S_xLhHRQT8GJ_IUijS0FWPTrvyBP7XOHxHDlt7Uyp0MT0sQJl_tK1RN4UE7rulWycsRRQz2NLqd_BfcQxIki_AQJawgCBX_Jy-Pm0Tyi5c-vu6ZrZG6M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaSjJYUDQtVC00WUZF&google_push=AYg5qPL4TBJOCqvWj8sYn_exF74S_xLhHRQT8GJ_IUijS0FWPTrvyBP7XOHxHDlt7Uyp0MT0sQJl_tK1RN4UE7rulWycsRRQz2NLqd_BfcQxIki_AQJawgCBX_Jy-Pm0Tyi5c-vu6ZrZG6M
Request Chain 876
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFWOL1qH9bfdqOzcq8ScgIU&google_cver=1&google_push=AYg5qPLpf9w9aNzqtKyMmG0O5426v-CIaZb-m0u9OtQZjmYv0WXNRYOUN7i43kqNmmcp6OEeJraR30KPcCpsq1FeKgyceX04w4utmxVlo8BgzI-EuI_EeiNoez6i4axswwoPHRyXvP9weYTb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=7ba3b0ae&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AYg5qPLpf9w9aNzqtKyMmG0O5426v-CIaZb-m0u9OtQZjmYv0WXNRYOUN7i43kqNmmcp6OEeJraR30KPcCpsq1FeKgyceX04w4utmxVlo8BgzI-EuI_EeiNoez6i4axswwoPHRyXvP9weYTb
Request Chain 877
  • https://match.360yield.com/match/ebda?google_gid=CAESEOb7iPGRqwQUX3FV0CkT7_o&google_cver=1&google_push=AYg5qPKIydZCxruEi84wgMXm8WPBpwFv3ezPyMwQqDMttrDltYPhs5Bsjolg0Ri6FM-OXKeB1pvndTd5HRFhQ47Oz13_IQABjUC7LLlCQNA6G1X4tM_-6xDtLliWCis3AuUEM1spxL8qRmls HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=WBjL4wQVS8K4EpcGlRVPQQ&google_push=AYg5qPKIydZCxruEi84wgMXm8WPBpwFv3ezPyMwQqDMttrDltYPhs5Bsjolg0Ri6FM-OXKeB1pvndTd5HRFhQ47Oz13_IQABjUC7LLlCQNA6G1X4tM_-6xDtLliWCis3AuUEM1spxL8qRmls
Request Chain 878
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEMmjnH6lApfA06LDTWQg5p0&google_cver=1&google_push=AYg5qPKpPx8ZwaPM_AeeXEd-jdk5ixNF3rXg-x3SQWJacMp0WDUo5onadp__ZFe1GrilHmGwb-vi4cc4Bcdl963KW5vQxC3fOGv-Tva6SAxaaupo5b2vUrtZir4uY3BbtgPucCr5ptvx6qXJ-w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=DZEOewx2T2q5hSkzrakvOg==&no_redirect=1&google_push=AYg5qPKpPx8ZwaPM_AeeXEd-jdk5ixNF3rXg-x3SQWJacMp0WDUo5onadp__ZFe1GrilHmGwb-vi4cc4Bcdl963KW5vQxC3fOGv-Tva6SAxaaupo5b2vUrtZir4uY3BbtgPucCr5ptvx6qXJ-w
Request Chain 879
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDFl8G8FytdAAo5Ldz93_As&google_cver=1&google_push=AYg5qPJD5rK-LjS3e_6uDbQG-o1sysChzCf_P0AsUqayyMlE0Mdndi9WsgAuQo5HrnMDp-94Ncea4LRuvkIlQMAQZT_IuCzWDmp3GC4IpDY1tTi6rLB08wxEZ7heOE6y6TsaWor90MQ9LQEUjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJD5rK-LjS3e_6uDbQG-o1sysChzCf_P0AsUqayyMlE0Mdndi9WsgAuQo5HrnMDp-94Ncea4LRuvkIlQMAQZT_IuCzWDmp3GC4IpDY1tTi6rLB08wxEZ7heOE6y6TsaWor90MQ9LQEUjg&google_hm=MTc4Mzc3NzMxMzIxNzI3Njg2Ng==
Request Chain 880
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESELnvBUBBSkB5_15ZgOPdPmU&google_cver=1&google_push=AYg5qPK9JsalrqsXZw094eUQ7WmALdu9eWX935sbeGaADc8BvFgAgUFuXsITTbLejrnOq6J_c6wu-qtYQTjbD02Tfl1wQL8Ak51LPrexaeHmEZAplbWMLJJyVyfFzmVUVOQ5s3fooNQMt2Tpog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AYg5qPK9JsalrqsXZw094eUQ7WmALdu9eWX935sbeGaADc8BvFgAgUFuXsITTbLejrnOq6J_c6wu-qtYQTjbD02Tfl1wQL8Ak51LPrexaeHmEZAplbWMLJJyVyfFzmVUVOQ5s3fooNQMt2Tpog&google_hm=piBFAMZvS3qXS3IiBz385LI
Request Chain 881
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHhq1-6PXCceNE1E8dl_LTU&google_cver=1&google_push=AYg5qPJEYrxQeNPvZGppXeFxS4fWq_OhX9hJKwxTLcg49sqjOlaXN9Hu7cUgFz9FXY5k-M9-bhQySD4SZYttiRJJbVRCq9lKiC4paQ0tpg044Dqr_NOcMvsiqySMvs2mSbHpMuUuwq-JbAcLQQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPJEYrxQeNPvZGppXeFxS4fWq_OhX9hJKwxTLcg49sqjOlaXN9Hu7cUgFz9FXY5k-M9-bhQySD4SZYttiRJJbVRCq9lKiC4paQ0tpg044Dqr_NOcMvsiqySMvs2mSbHpMuUuwq-JbAcLQQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 884
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOnZg3ZLnlKTzRj7m9zhT4c&google_cver=1&google_push=AYg5qPLD4MNwCtWyL2fVadUo6fXKLQP-XtaYCDjf3NysOv4nOPaZcm7UeXb2sSUbifxOUN9Yi-bldju8STxVgOcKUNOKwZbue1gZjYnvCNnFR7FPZNeChUJJiAhE0Aj0RGxtpp_q4yX-BBFT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXBzRGtRQUdXSzVGSVFBbw==&google_gid=CAESEOnZg3ZLnlKTzRj7m9zhT4c&google_cver=1&google_push=AYg5qPLD4MNwCtWyL2fVadUo6fXKLQP-XtaYCDjf3NysOv4nOPaZcm7UeXb2sSUbifxOUN9Yi-bldju8STxVgOcKUNOKwZbue1gZjYnvCNnFR7FPZNeChUJJiAhE0Aj0RGxtpp_q4yX-BBFT
Request Chain 885
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELdHr1CkoEmcs8OLL3cbyJU&google_cver=1&google_push=AYg5qPKQQary2Ba5-4tfPD7d9Sef9J6wqLeRcMd_Zzj472scCK1l8QHgJx6PFc3Ki-1JCWbYufQUkKWHiy0gdiedMxN6FuUKkB6HLd9QXtRV2xUUO7xywoEv9TLnyfyOE6ygkuNYAihQXPw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzMzkwNTY2Mjg3NzAwOTM4NQ&google_push=AYg5qPKQQary2Ba5-4tfPD7d9Sef9J6wqLeRcMd_Zzj472scCK1l8QHgJx6PFc3Ki-1JCWbYufQUkKWHiy0gdiedMxN6FuUKkB6HLd9QXtRV2xUUO7xywoEv9TLnyfyOE6ygkuNYAihQXPw
Request Chain 886
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMqMm9qymDkHwAC_3teQcow&google_cver=1&google_push=AYg5qPJqSYlYS5_g0DhWpqbIcw8c7dQ0aJmhQ-sesvPO-WpqSN_JA1kPlsxequ1cFIedsuJIQJaRNmSP3Dh1jFe1ZQS1dwett9SxMf2rOS_1cp-XuKxpkgItnXMxBgG_hW17BKVgkTeDWwc1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB&google_gid=CAESEMqMm9qymDkHwAC_3teQcow&google_cver=1&google_push=AYg5qPJqSYlYS5_g0DhWpqbIcw8c7dQ0aJmhQ-sesvPO-WpqSN_JA1kPlsxequ1cFIedsuJIQJaRNmSP3Dh1jFe1ZQS1dwett9SxMf2rOS_1cp-XuKxpkgItnXMxBgG_hW17BKVgkTeDWwc1
Request Chain 887
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJ0Z35YuEzS2o-Gf0OC-8XtP3Wh-fxZP5dIkUi7sq6mVvthHr6NF1MaAHrhd26BDElPeMaBdsITzjHsYbCr3rLX7MS2rNiDXD1PxBcnTq2_7Iku5VGE0YzzyNnzdvy5eL9VaZi4Fodz%26google_hm%3D%5BUID%5D&google_gid=CAESEJPS2E1pdVpdBuylG70hF7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPJ0Z35YuEzS2o-Gf0OC-8XtP3Wh-fxZP5dIkUi7sq6mVvthHr6NF1MaAHrhd26BDElPeMaBdsITzjHsYbCr3rLX7MS2rNiDXD1PxBcnTq2_7Iku5VGE0YzzyNnzdvy5eL9VaZi4Fodz&google_hm=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
Request Chain 888
  • https://cs.media.net/cksync?type=g&google_gid=CAESEEbRhzF_k818wahntYtpRmU&google_cver=1&google_push=AYg5qPKSpaZgiGpcYjoZBNS-CiKn2fqtbyO7Vj27UIUkc5K65QCx9dNQG5m3yq2WQRI3_tUUwLjjA0JXj8fozXIhldS3EMDvtJ4YG28xGXzOnKJj_69fFFq8o66vt9DOHcc_qd9I1MtRcnAV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjk3MzI3NzY2MTQ1NDY5MzAwMFYxMA%3d%3d&mn_hm=Mjk3MzI3NzY2MTQ1NDY5MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKSpaZgiGpcYjoZBNS-CiKn2fqtbyO7Vj27UIUkc5K65QCx9dNQG5m3yq2WQRI3_tUUwLjjA0JXj8fozXIhldS3EMDvtJ4YG28xGXzOnKJj_69fFFq8o66vt9DOHcc_qd9I1MtRcnAV&gdpr=&gdpr_consent=
Request Chain 889
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESELzP3ZKesMZoSTXoWZatY7k&google_cver=1&google_push=AYg5qPK34JmFDSQoZWJ8y-C2dSl-0eE3s4ulXu_6C3GXJDQPGSyxdb88Ef6rxX0J2SDL18SvZsKvbDaERLD7bqdp6zWCU6qIJUzn_8Qv-CEDSVGoHCY320DG67NTdlLlYpIALlGm_RI5CDSZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNWY0YWY2ZmRmZDBmNDc2YzUxYWNlNmRiNjc0NDgyMWE=&google_push=AYg5qPK34JmFDSQoZWJ8y-C2dSl-0eE3s4ulXu_6C3GXJDQPGSyxdb88Ef6rxX0J2SDL18SvZsKvbDaERLD7bqdp6zWCU6qIJUzn_8Qv-CEDSVGoHCY320DG67NTdlLlYpIALlGm_RI5CDSZ
Request Chain 890
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMlO4Uyf6yoGs2CQ3_5sfFA&google_cver=1&google_push=AYg5qPKS-0vfHOUpOR5t4eDqy8r6HE1V1cYSpyxtyhokUJO1LOYPVuRJE_lMDLRyVNaC_Klxs33q1FyMZ_mZwEiRIKiYQ4eYJSqte_B0QShlwMGZTr9-RJTy9RRBMReq5iOf0ddFO3PzfF_3 HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMlO4Uyf6yoGs2CQ3_5sfFA%26google_cver%3D1%26google_push%3DAYg5qPKS-0vfHOUpOR5t4eDqy8r6HE1V1cYSpyxtyhokUJO1LOYPVuRJE_lMDLRyVNaC_Klxs33q1FyMZ_mZwEiRIKiYQ4eYJSqte_B0QShlwMGZTr9-RJTy9RRBMReq5iOf0ddFO3PzfF_3 HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A8492896450583913946&exchange=193&google_gid=CAESEMlO4Uyf6yoGs2CQ3_5sfFA&google_cver=1&google_push=AYg5qPKS-0vfHOUpOR5t4eDqy8r6HE1V1cYSpyxtyhokUJO1LOYPVuRJE_lMDLRyVNaC_Klxs33q1FyMZ_mZwEiRIKiYQ4eYJSqte_B0QShlwMGZTr9-RJTy9RRBMReq5iOf0ddFO3PzfF_3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg0OTI4OTY0NTA1ODM5MTM5NDY&google_push=AYg5qPKS-0vfHOUpOR5t4eDqy8r6HE1V1cYSpyxtyhokUJO1LOYPVuRJE_lMDLRyVNaC_Klxs33q1FyMZ_mZwEiRIKiYQ4eYJSqte_B0QShlwMGZTr9-RJTy9RRBMReq5iOf0ddFO3PzfF_3
Request Chain 899
  • https://idsync.rlcdn.com/462246.gif?partner_uid=c3vfv4svbq87v HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=9ed85ebd-8cde-0947-2bf9-15346d5bdf1c
Request Chain 900
  • https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=1017&cparams=placement%3D1391 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESELV2eB7UnfYl3OrRfjBrol4&google_cver=1
Request Chain 901
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CO8KEhgKFAgBEPkHGg1jM3ZmdjRzdmJxODd2EAAalwEIl4fslAYSBAgCEAASBQiUKRAAEgUI5SsQABIFCOYrEAASBQjnKxAAEgUI6CsQABIFCOkrEAASBQjqKxAAEgUI6ysQABIFCOwrEAASBQjtKxAAEgUI7isQABIFCNVDEAASBQjeThAAEgYI7OsBEAASBgjjrysQABIGCO2vKxAAEgYI7q8rEAASBgjvrysQABIGCPCvKxAAQgBKAA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CO8KEhgKFAgBEPkHGg1jM3ZmdjRzdmJxODd2EAAalwEIl4fslAYSBAgCEAASBQiUKRAAEgUI5SsQABIFCOYrEAASBQjnKxAAEgUI6CsQABIFCOkrEAASBQjqKxAAEgUI6ysQABIFCOwrEAASBQjtKxAAEgUI7isQABIFCNVDEAASBQjeThAAEgYI7OsBEAASBgjjrysQABIGCO2vKxAAEgYI7q8rEAASBgjvrysQABIGCPCvKxAAQgBKAA&google_gid=CAESEMMGMLZH5ws0ccQ0309Ml8U&google_cver=1 HTTP 307
  • https://rc.rlcdn.com/456809.gif?n=16&cparams=placement%3D1391 HTTP 307
  • https://usermatch.krxd.net/um/v2?partner=liveramp HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp
Request Chain 902
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=980ce6e2-1f57-432a-9bd0-c3f2cf92728f
Request Chain 904
  • https://rc.rlcdn.com/456809.gif?n=1&cparams=placement%3D1391 HTTP 307
  • https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D HTTP 302
  • https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=caf8629b-0391-4400-a758-3b41b5522cdf
Request Chain 905
  • https://rc.rlcdn.com/456809.gif?n=2&cparams=placement%3D1391 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1696151633887888005
Request Chain 906
  • https://rc.rlcdn.com/456809.gif?n=3&cparams=placement%3D1391 HTTP 307
  • https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=72a5fb4633bb8f41e27e94cc8e9aeea94e19661809b7fe4fa1c0025841e8fd37c0cb235b3774c97e&cb=06969182
Request Chain 907
  • https://rc.rlcdn.com/456809.gif?n=4&cparams=placement%3D1391 HTTP 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
  • https://idsync.rlcdn.com/362588.gif?partner_uid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
Request Chain 908
  • https://rc.rlcdn.com/456809.gif?n=5&cparams=placement%3D1391 HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=956f7b05f9253506001945cd4f208886fa7c2331c4932c878c29d4842d2616aab0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=956f7b05f9253506001945cd4f208886fa7c2331c4932c878c29d4842d2616aab0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BDD_UUID%7D HTTP 302
  • https://idsync.rlcdn.com/362248.gif?partner_uid=67652380882744311431016741235110046064
Request Chain 911
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 928
  • https://rc.rlcdn.com/456809.gif?n=6&cparams=placement%3D1391 HTTP 307
  • https://tags.bluekai.com/site/2035?phint=rluid=27d9bcaec3b3e8f2d530a18898b8a9196ac1cc4624f664a9e819f7bb37c841932971936f2f944561&redir=https%3A%2F%2Fidsync.rlcdn.com%2F401696.gif%3Fpartner_uid%3D%24BK_UUID_25515 HTTP 302
  • https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515
Request Chain 929
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 307
  • https://pbs.nextmillmedia.com/setuid?bidder=sovrn&gdpr=&gdpr_consent=&f=i&uid=EwNGcBZHlxfgonDXRwy1yjjY
Request Chain 936
  • https://rc.rlcdn.com/456809.gif?n=7&cparams=placement%3D1391 HTTP 307
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=X-njCZQ5NpT3WET0fu7FqJYW7ISbb5b4
Request Chain 937
  • https://rc.rlcdn.com/456809.gif?n=8&cparams=placement%3D1391 HTTP 307
  • https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01EC61A11KAM4QCFG5RN38VQJZ
Request Chain 940
  • https://idsync.rlcdn.com/420046.gif?partner_uid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=9ed85ebd-8cde-0947-2bf9-15346d5bdf1c
Request Chain 942
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=LzYl8o9JwaVt_2Mo36Wu&gdpr=0&us_privacy=1---
Request Chain 943
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=1696151633887888005&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Request Chain 944
  • https://dpm.demdex.net/ibs:dpid=133726&dpuuid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&gdpr=0&gdpr_pd=1&gdpr_consent=
Request Chain 946
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
Request Chain 949
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=0d910e7b-0c76-4f6a-b985-2933ada92f3a
Request Chain 950
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Doutbrain%26bsw_param%3Dbff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=caf8629b-0391-4400-a758-3b41b5522cdf&expires=30&ssp=outbrain&bsw_param=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 951
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3%26uid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=criteo&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&uid=debed773-bb01-4d0a-b4d8-d6b9feb4cb78
Request Chain 952
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMxw6ww8E7SiWnvzI-7zIW8&google_cver=1 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=&gdpr_consent=&us_privacy=
Request Chain 953
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7105276792781666443
Request Chain 956
  • https://creativecdn.com/cm-notify?pi=outbrain HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=DEf6JokJqJ47SmJlfWk4&pi=outbrain
Request Chain 957
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L3ZJ2XP4-T-4YFE
Request Chain 958
  • https://bttrack.com/Pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbidtellect%26uid%3D%7Bglobalid%7D%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidtellect&uid=02ebdaa4-1c3f-476a-bc99-8cf6aaad36d5&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Request Chain 960
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3 HTTP 302
  • https://idsync.rlcdn.com/397416.gif?partner_uid=d01f4caee5c9b05e1731903996871aa7 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESELV2eB7UnfYl3OrRfjBrol4&google_cver=1
Request Chain 961
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Request Chain 962
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=spotx&uid=520dded0-e3d4-11ec-9fcf-17aa2b400403&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Request Chain 963
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3%2526uid%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT&piggybackCookie=CAESENfV2N9tlb7fxBHOKetopyQ&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F2FA02F7620E412F9BAA59AB0D5D3BA6 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3%26uid%3D855B06D3-3D54-4A42-91F6-827309E6A457 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&uid=855B06D3-3D54-4A42-91F6-827309E6A457
Request Chain 964
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=openx&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&uid=7b0f08dc-3e77-02db-17ef-c76aec7b79ef
Request Chain 965
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A&gdpr=0&gdpr_consent=
Request Chain 966
  • https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=emx&uid=1696151633887888005brt77741654326161870409ba&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Request Chain 967
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=5818cbe3-0415-4bc2-b812-970695154f41&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Request Chain 968
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%24%7BUSER%7D%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&zcc=1&cb=1654326169327 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=unruly&uid=OPTOUT&obUid=$D
Request Chain 969
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=7ba3b0ae&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Request Chain 970
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=8867012480303613517&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&gdpr=0&gdpr_consent=
Request Chain 972
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3 HTTP 307
  • https://sync.outbrain.com/cookie-sync?p=synacor&uid=25D7ABA302DE40CDACD5FDD4F5407C54&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Request Chain 974
  • https://id.rlcdn.com/711945.gif?cparams=obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3 HTTP 307
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Request Chain 975
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&gdpr=0&gdpr_consent=
Request Chain 976
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&uid=AzFRawUwUTsYMQk6V2BFbAZlWmgYZgpsB2bQMMUg
Request Chain 977
  • https://rc.rlcdn.com/456809.gif?n=9&cparams=placement%3D1391 HTTP 307
  • https://sync-tm.everesttech.net/upi/pid/w8wqx7f2?redir=https%3A%2F%2Fidsync.rlcdn.com%2F367148.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://idsync.rlcdn.com/367148.gif?served_by=evergreen&partner_uid=YpsDkQAGWK5FIQAo
Request Chain 978
  • https://rc.rlcdn.com/456809.gif?n=10&cparams=placement%3D1391 HTTP 307
  • https://loadm.exelator.com/load/?p=204&g=450&rluid=b24250a426be424505059ab562227c184d1e0af4b3523a3edec80fd34ef088f0f2fc7f7248dfd545&j=0 HTTP 302
  • https://idsync.rlcdn.com/362708.gif?partner_uid=d01f4caee5c9b05e1731903996871aa7 HTTP 307
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTk1NjkwMzUvdC8y/dpuid/0c42cbff2ab4b55e7cfa707dec4654cdbb0100aa02e406cc12b88e7f12a0e9663528d9f17d145da0/url/https://idsync.rlcdn.com/367408.gif?partner_uid=$!{TURN_UUID} HTTP 302
  • https://idsync.rlcdn.com/367408.gif?partner_uid=3440408375380958027
Request Chain 979
  • https://rc.rlcdn.com/456809.gif?n=11&cparams=placement%3D1391 HTTP 307
  • https://p.adsymptotic.com/d/px?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=b077ee03e5b9b4911b8873b448bdb11f639561f05f521390f088c7f9b9c29d0546fb3967ab0bd795&_rand=01649550&_redirect=https%3A%2F%2Fidsync.rlcdn.com%2F394366.gif%3Fpartner_uid%3D%24%7BUUID%7D HTTP 302
  • https://idsync.rlcdn.com/394366.gif?partner_uid=06da7c091c28e7bf49bdb0525209ee43
Request Chain 980
  • https://rc.rlcdn.com/456809.gif?n=12&cparams=placement%3D1391 HTTP 307
  • https://cms.analytics.yahoo.com/cms?partner_id=LVRMP HTTP 302
  • https://idsync.rlcdn.com/380008.gif?partner_uid=y-JKCjdQ1E2pwncl3kAdvOVIn7oSC0DtqJNyc-~A
Request Chain 981
  • https://rc.rlcdn.com/456809.gif?n=13&cparams=placement%3D1391 HTTP 307
  • https://ads.scorecardresearch.com/p?c1=9&c2=17057153&c3=1&c6=ac37f8858452fc943f66a23e3d9f0626fa4715e63a1d921697790439ff4c987cffebc811cafadc33&placement=1391&cj=1&rn=00630109 HTTP 302
  • https://ads.scorecardresearch.com/p2?c1=9&c2=17057153&c3=1&c6=ac37f8858452fc943f66a23e3d9f0626fa4715e63a1d921697790439ff4c987cffebc811cafadc33&placement=1391&cj=1&rn=00630109
Request Chain 982
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=1696151633887888005
Request Chain 986
  • https://rc.rlcdn.com/456809.gif?n=14&cparams=placement%3D1391 HTTP 307
  • https://pm.w55c.net/ping_match.gif?st=LIVERAMP&rurl=https%3A%2F%2Fidsync.rlcdn.com%2F360787.gif%3Fserved_by%3Devergreen%26partner_uid%3D_wfivefivec_ HTTP 302
  • https://idsync.rlcdn.com/360787.gif?served_by=evergreen&partner_uid=EDNHR2xN1NXnO75
Request Chain 987
  • https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&f=i&uid=5818cbe3-0415-4bc2-b812-970695154f41
Request Chain 988
  • https://rc.rlcdn.com/456809.gif?n=15&cparams=placement%3D1391 HTTP 307
  • https://lrpush.apxlv.com/?id=45a9b701b1bf35bf44f1bb9d238d3a636cc8eb875fad73802e40f811a2ece6cb282350dfc9d494a0&ret=placement=1391 HTTP 302
  • https://gpush.cogocast.net/?ula=1&cb=lr1&dc_id=d8ce7bafb76d6b9577d22e456a620021 HTTP 302
  • https://cm.g.doubleclick.net/pixel?cb=lr1&google_cm=1&google_hm=2M57r7dta5V30i5FamIAIQ%3D%3D&google_nid=cogo_labs&google_sc=1&ld=1&u=d8ce7bafb76d6b9577d22e456a620021 HTTP 302
  • https://gpush.cogocast.net/?cb=lr1&ld=1&u=d8ce7bafb76d6b9577d22e456a620021&google_gid=CAESECK90RaqA5WRLxfyqJQ3BRs&google_cver=1 HTTP 302
  • https://adadvisor.net/adscores/g.pixel?_redir=https%3A%2F%2Fidsync.rlcdn.com%2F366818.gif%3Fpartner_uid%3Dd8ce7bafb76d6b9577d22e456a620021&partner_id=d8ce7bafb76d6b9577d22e456a620021&sid=9212275448 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?_redir=https%3A%2F%2Fidsync.rlcdn.com%2F366818.gif%3Fpartner_uid%3Dd8ce7bafb76d6b9577d22e456a620021&partner_id=d8ce7bafb76d6b9577d22e456a620021&sid=9212275448&&bounced=1 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1654326170430&ip=149.56.153.178
Request Chain 991
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Request Chain 995
  • https://ssc-cms.33across.com/ps/?_=1654326169738.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=33across&gdpr=&gdpr_consent=&f=b&uid=2130873079196
Request Chain 996
  • https://p.rfihub.com/cm?pub=35686&in=1&us_privacy=&lexicon_id=hgb61f7bf1d89bb HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=93&xu=1783777313217276866&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=93&external_user_id=1783777313217276866&ts=1654326169&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 997
  • https://pixel.advertising.com/ups/58410/sync?gdpr=&gdpr_consent=&redir=true&us_privacy= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58410/sync?gdpr=&gdpr_consent=&redir=true&us_privacy=&apid=UP56a55407-e3d4-11ec-91ee-0219e9c28abb HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=108&xu=y-1ri70pBE2uIGM3JTbCxluh3B8rQQm1tg~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=108&external_user_id=y-1ri70pBE2uIGM3JTbCxluh3B8rQQm1tg%7EA&ts=1654326169&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 998
  • https://rtb.mfadsrvr.com/sync?ssp=the33across&ssp_user_id=&_=1654326169738.4&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?&xi=112&xu=0d910e7b-0c76-4f6a-b985-2933ada92f3a&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=112&external_user_id=0d910e7b-0c76-4f6a-b985-2933ada92f3a&ts=1654326169&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 999
  • https://bh.contextweb.com/bh/rtset?pid=561516&ev=1&us_privacy=&rurl=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D5%26xu%3D%25%25VGUID%25%25 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=5&xu=em1JAirFG5LC&ev=1&us_privacy=&pid=561516 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=5&external_user_id=em1JAirFG5LC&ts=1654326169&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1000
  • https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=DvjCBGKbA5HCESIPU54SFw%3D%3D&cb=1654326169738.6&gdpr_consent= HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2041&partner_id=2098&uid=60af63fd-9099-4d96-8bf7-b911167775c3&custom=&tag_format=img&tag_action=sync&cb=1654327157&rurl=https://ws.rqtrk.eu/push?dmp%3De873dca0-85f0-4b95-bfab-a8d855ece660%26uid%3D00000000-0000-0000-0000-000000000000
Request Chain 1001
  • https://map.go.affec.tv/map/3a/?pid=DvjCBGKbA5HCESIPU54SFw%3D%3D&us_privacy=&ts=1654326169738.7 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D629b039ad69a6f00018f3b6d%26chc%3Dtt%26floc%3D%26redirect_url%3D HTTP 302
  • https://map.go.affec.tv/map/an/1696151633887888005?ch=629b039ad69a6f00018f3b6d&chc=tt&floc=&redirect_url=
Request Chain 1002
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=DvjCBGKbA5HCESIPU54SFw%3D%3D&us_privacy=&random=1654326169738.8&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D42e810d3-10eb-45f8-8040-856705c10d9a%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1696151633887888005&pt=42e810d3-10eb-45f8-8040-856705c10d9a%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fum%2Fv2%3Fpartner%3Dtapad HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1969&partner_device_id=O4K341Xx
Request Chain 1003
  • https://dp1.33across.com/ps/?pid=669&uid=DvjCBGKbA5HCESIPU54SFw%3D%3D&us_privacy=&random=1654326169738.9 HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=2130873079196&seg_code=33x&random=1654326169
Request Chain 1008
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&f=i&uid=g88aa88ceacb14000313&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1009
  • https://sync.inmobi.com/prebid?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&us_privacy=&callback=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%7BID5UID%7D HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=inmobi&gdpr=&gdpr_consent=&f=i&uid=ID5-ZHMOdnTpdo7ljKlR8HuhqdoRLhSlxkSQOvTy1bmlXw
Request Chain 1016
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D%23PMUID HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3440408375380958027&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7e2f6ba0-ad77-492e-9ec4-c1463734beb8 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=855B06D3-3D54-4A42-91F6-827309E6A457
Request Chain 1020
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east

1014 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/ 		57 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.210.199.153 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
096736a9100a06c332c61e32f1f52c2be3e7a7c14d0664342523d06cc1a2cf33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:37 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
last-modified
Sat, 04 Jun 2022 05:12:28 GMT
link
<https://www.iphoneincanada.ca/wp-json/>; rel="https://api.w.org/" <https://www.iphoneincanada.ca/wp-json/wp/v2/posts/365501>; rel="alternate"; type="application/json" <https://wp.me/pdJ4PD-1x5b>; rel=shortlink
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; preload
vary
Accept-Encoding, Cookie
x-pingback
https://www.iphoneincanada.ca/xmlrpc.php
x-presslabs-stats
MISS; 0.105s; 8 queries; desktop; ttl 14400s; refresh in 7790s
x-request-id
697388122e8bd5e7bc71508b234d40ac
wpo-minify-header-8fc20ef3.min.css
cdn.iphoneincanada.ca/wp-content/cache/wpo-minify/1649784760/assets/ 		815 B
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.iphoneincanada.ca/wp-content/cache/wpo-minify/1649784760/assets/wpo-minify-header-8fc20ef3.min.css
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.244.74.236 Silver Spring, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
968ab8ae6f33119ee267a11ce60920934e0d5e9d4714a3eb6b47cb9f05e42a0f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 06:52:59 GMT
server
nginx
etag
W/"626a39cb-32f"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
ecadde69286530537b29b86f91fb27fc
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.min.css
c0.wp.com/c/5.9.3/wp-includes/css/dist/block-library/ 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.9.3/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
br
last-modified
Wed, 30 Mar 2022 11:30:25 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sun, 04 Jun 2023 07:02:37 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sun, 04 Jun 2023 07:02:37 GMT
wp-mediaelement.min.css
c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sun, 04 Jun 2023 07:02:37 GMT
wpo-minify-header-604f0dd5.min.css
cdn.iphoneincanada.ca/wp-content/cache/wpo-minify/1649784760/assets/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.iphoneincanada.ca/wp-content/cache/wpo-minify/1649784760/assets/wpo-minify-header-604f0dd5.min.css
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.244.74.236 Silver Spring, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
01ef6ebd6eb1681f764ebaaca655e0fb590967176f2df5b3fd9e67e1bd525ebe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 06:52:59 GMT
server
nginx
etag
W/"626a39cb-8bd"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
ecadde69286530537b29b86f91fb27fc
expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.min.css
cdn.jsdelivr.net/fontawesome/4.7.0/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/fontawesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6471594
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19142-FRA, cache-yyz4555-YYZ
timing-allow-origin
*
server
cloudflare
etag
W/"7918-USx9eQM+MCipvmG1QM8aaHDIlvg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdTzH6eK4YKkQDSGRoNntvoi0xuPWBy4wW57t2q55ury7HZ%2FkZ%2FjFuQR7RksyXnILX%2FdQkdTVq19QNxvSzy5wPRYiTlN19vmNU0mXNYRjPKC6aF%2FeQ8%2Bj94W0EVr2SQtjLwrIm7m0KtdebasCgI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
715ecdd68b274bbf-YUL
wpo-minify-header-9d800f17.min.css
cdn.iphoneincanada.ca/wp-content/cache/wpo-minify/1649784760/assets/ 		45 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.iphoneincanada.ca/wp-content/cache/wpo-minify/1649784760/assets/wpo-minify-header-9d800f17.min.css
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.244.74.236 Silver Spring, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
34b1155f6700e2d296d08d500ba71f9a31826f441a3ded5b8279c63f28b46d10

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 06:52:59 GMT
server
nginx
etag
W/"626a39cb-b4c9"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
ecadde69286530537b29b86f91fb27fc
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
c0.wp.com/c/5.9.3/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery.min.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sun, 04 Jun 2023 07:02:37 GMT
jquery-migrate.min.js
c0.wp.com/c/5.9.3/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sun, 04 Jun 2023 07:02:37 GMT
wpo-minify-header-1c9704b7.min.js
cdn.iphoneincanada.ca/wp-content/cache/wpo-minify/1649784760/assets/ 		49 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.iphoneincanada.ca/wp-content/cache/wpo-minify/1649784760/assets/wpo-minify-header-1c9704b7.min.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.244.74.236 Silver Spring, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
8b053c01e142c48eda51e37ab3baf3e61b6a04067221001d2f7175012a91fe1e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 06:52:59 GMT
server
nginx
etag
W/"626a39cb-c383"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
9426ada24dab63c0cd59b52dd642848e
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3KHZNDTL8T
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f595bb2055daf8be518b548b4aae67f37cba41179f7b937f7d6742ac58370428
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70475
x-xss-protection
0
expires
Sat, 04 Jun 2022 07:02:38 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e389acdc6743149a262521d521b0e52d771c5e21a8f532413237ad25ca4dd1a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56194
x-xss-protection
0
server
cafe
etag
7990420795962747324
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 04 Jun 2022 07:02:38 GMT
op.js
tagan.adlightning.com/math-aids/ 		54 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/op.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edda33933667ca212878ebcac051e276be37ce67b0a9df54a33f42e7eb553821

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
pdN6STj9cXqn2aDFKLYvuqDZeyYCj763
content-encoding
gzip
etag
"6d9e3571a939217801e3b9e0f9cef559"
age
3527
x-cache
Hit from cloudfront
content-length
23338
x-amz-meta-git_commit
c5c1c29
last-modified
Fri, 03 Jun 2022 13:32:30 GMT
server
AmazonS3
date
Sat, 04 Jun 2022 06:08:37 GMT
content-type
application/javascript
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
x-amz-cf-id
xi60ITVUXg379ad0SfoWv6Pca8okH0CMMydThhKRqT9Ca5ohJg2OEA==
layout.js
qd.admetricspro.com/js/iphoneincanada/ 		31 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/iphoneincanada/layout.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b630765b1af4248bd66f4662ced230b6758804c08a685f621ea804c8cc1ce214

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
486
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 09 Mar 2022 02:56:52 GMT
server
cloudflare
etag
W/"7c6a-5d9c03fe3343c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLhN19thdJ%2B6vz9Mzj7XKukzY6nEdA%2BX7i0LDfOiG8X%2BsNvDnWBlJlAWXJiP%2F8DPwn6VDgl6loSjuPrR6Ky%2FEvR6YPeD41HS8eJLbo6s4J1gg2FCAckmuh0647nIooyeAgqCZ%2FmHvMMHZ98a36SVkkbc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
715ecdd6ac8d7133-YUL
expires
Sat, 04 Jun 2022 06:55:12 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
sffe /
Resource Hash
ef3869817acbb97d36147a60bad78a5fde0210f924f69d7e88868162c0bbe19d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28115
x-xss-protection
0
server
sffe
etag
"1234 / 79 of 1000 / last-modified: 1654293884"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 04 Jun 2022 07:02:38 GMT
cmp.js
qd.admetricspro.com/js/iphoneincanada/ 		310 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/iphoneincanada/cmp.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
486
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 01 Jun 2021 14:47:10 GMT
server
cloudflare
etag
W/"4d957-5c3b56abf6028-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgqCl%2Bu%2FdrfTGXpmfjr68gU79q846xE1vn393KLQgn4inWHKEedxJyB55%2FX%2Bb4xxMj3jlfJOxmknDXSVtNWeWi0vd7W1fX4ltlL5ezNTSPQkiXYSigbPAfqvy12Nom9%2BxWeE%2B5YsgMHmwvvmD1gRw3k8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
715ecdd73cfe7133-YUL
expires
Sat, 04 Jun 2022 07:02:35 GMT
uspcmp.js
qd.admetricspro.com/js/iphoneincanada/ 		148 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
486
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 08 Aug 2020 22:40:07 GMT
server
cloudflare
etag
W/"24e50-5ac65673cef1c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVB9%2Fhnl6wrKmd0axljbbYlR2WqK8dAA3yOs91Kn5hOu%2FUkAtk5685rVH0PDrkTszXU%2BKhNOy9ufUL9ADdWrlHDsL3dk8Ftb5jXWv82dr9XYRlyQqCjliXq5YQGhtZAfMtYLAyZOSRelsjPMvPWC6uMw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
715ecdd73d007133-YUL
expires
Sat, 04 Jun 2022 07:02:35 GMT
prebid.js
qd.admetricspro.com/js/iphoneincanada/ 		459 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a7e2f2daef118825ab8bb58bc3cd9dbb3c83cb84772a08f6c5758d706fef173

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
486
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 02 May 2022 16:56:40 GMT
server
cloudflare
etag
W/"72c32-5de0a46b45676-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9noxKzuiCZ2d9R%2FCK2CEYt6ZbbZ6uXqs6zgCJVRLEigpIrkwFoUNzUZSe2ZCqKUKqsuJkGt3%2BxwhCw8KFAYw6uSqQJPy9mDf0%2BjbP5qdNqzuIc5YpXkVkGuzIduDS8ZW%2Ft0yrd0Y2PihWMxL5HMmNyod"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
715ecdd73d017133-YUL
expires
Sat, 04 Jun 2022 07:02:35 GMT
engine.js
qd.admetricspro.com/js/iphoneincanada/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/iphoneincanada/engine.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e6377776a1104aed9b11142115b22dcaad3cf78ae76d255e454b04b7189af32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
486
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 24 Jan 2022 02:31:38 GMT
server
cloudflare
etag
W/"8cae-5d64ac49b9c1c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sv40mGnalDX9Wvmqq4gbCdAlKEFHFJY6iFf9fyEAPP6DczsNvqYtQcXHbgdNvxNmk6VhqO6llVDH67NRayD4Yi98CSap6t6VyqO%2FX%2BCq2l%2BdHRR8id4DFeyGMTzkiCGrB57DH%2FDlnFfWPN1lvWAEcdb7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
715ecdd6ac8e7133-YUL
expires
Sat, 04 Jun 2022 06:56:15 GMT
bootstrapper
tags.catapultx.com/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/bootstrapper?group-id=E05GK6gdXkSSdyoPZtRoKg&video-container=cnx-player-wrapper
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c182200f50fc9c7214ccc51ab466d567643a1f9e52cc6f1b1740e1d9c70e5c38

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 02 Jun 2022 14:07:01 GMT
server
cloudflare
etag
W/"48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRUoqsOz6gtzvqdZfcA%2BmY6Zz6o2%2FbLT47Zhu2PNjFR3Xcgk2zppguZ7LKvZdpmNC0ME2Pw9OCYEnW269dYF5Ou6FDDFRN%2BzEV4Qt%2BKruc4qfxEYHEKyDtLXbqA5Cif1aWj0DhAfdwh%2FsSc1LdFMKTA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
715ecdd778554bc5-YUL
iic-logo-1.svg
cdn.iphoneincanada.ca/wp-content/uploads/2017/09/ 		19 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iphoneincanada.ca/wp-content/uploads/2017/09/iic-logo-1.svg
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.244.74.236 Silver Spring, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
dd67a3d9a16e643dd6c7928cd5c2ef2380ead191e25fabd298a0bbc09303cd1f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
gzip
last-modified
Sat, 16 Sep 2017 05:57:41 GMT
server
nginx
etag
W/"59bcbd55-4b10"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age = 315360000
x-request-id
b257c6483b86818fb9efae00130b1116
expires
Thu, 31 Dec 2037 23:55:55 GMT
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://www.gstatic.com/prose/brandjs.js
14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
2607:f8b0:4006:80a::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 01:47:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18931
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5807
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 15:14:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sun, 05 Jun 2022 01:47:07 GMT

Redirect headers

date
Sat, 04 Jun 2022 06:51:37 GMT
x-content-type-options
nosniff
server
sffe
age
661
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/prose/brandjs.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Sat, 04 Jun 2022 07:21:37 GMT
twitter-icon.jpg
cdn.iphoneincanada.ca/wp-content/uploads/2021/05/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iphoneincanada.ca/wp-content/uploads/2021/05/twitter-icon.jpg
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.244.74.236 Silver Spring, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
c4838100e57583ed317a91d8454aa3131401817d5f281a73dc45297c96c5eade

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:37 GMT
last-modified
Sat, 22 May 2021 07:28:37 GMT
server
nginx
etag
"60a8b2a5-53d"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 315360000
accept-ranges
bytes
content-length
1341
x-request-id
b257c6483b86818fb9efae00130b1116
expires
Thu, 31 Dec 2037 23:55:55 GMT
fb-icon.jpg
cdn.iphoneincanada.ca/wp-content/uploads/2021/05/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iphoneincanada.ca/wp-content/uploads/2021/05/fb-icon.jpg
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.244.74.236 Silver Spring, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
00dd2f10306be0d85ecd917dc40258191e779ef5918b77879653d62088326c19

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:37 GMT
last-modified
Sat, 22 May 2021 07:28:44 GMT
server
nginx
etag
"60a8b2ac-519"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 315360000
accept-ranges
bytes
content-length
1305
x-request-id
b257c6483b86818fb9efae00130b1116
expires
Thu, 31 Dec 2037 23:55:55 GMT
ios-14-hero-640x368.jpg
cdn.iphoneincanada.ca/wp-content/uploads/2020/06/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iphoneincanada.ca/wp-content/uploads/2020/06/ios-14-hero-640x368.jpg
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.244.74.236 Silver Spring, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
79db97866742604c15177019a7fd6623e2648fe6eeaf741b6239684dc9ed687a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
last-modified
Mon, 22 Jun 2020 19:57:40 GMT
server
nginx
etag
"5ef10d34-c156"
x-presslabs-cache
MISS
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 315360000
accept-ranges
bytes
content-length
49494
x-request-id
b257c6483b86818fb9efae00130b1116
expires
Thu, 31 Dec 2037 23:55:55 GMT
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ 		140 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.90.62 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:39 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
THVMMGNGXN5C4MDG
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
1b/O0803+ACpkrMYhBHtlozJ/Xny7b0yoDFL8mHSEmiBaTKZiO2AuDYn2SYPJWXRYsYsqfpaLgU=
count.js
iphoneincanada.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iphoneincanada.disqus.com/count.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
269
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 May 2022 17:31:17 GMT
Server
nginx
ETag
"62910ae5-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW56-P1
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
TShm5EH9p1MS_V1qZEWR_guM135j6cAO4Ir802dCs4caaUfiIjAnZA==
regenerator-runtime.min.js
c0.wp.com/c/5.9.3/wp-includes/js/dist/vendor/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.9.3/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
br
last-modified
Mon, 15 Nov 2021 16:35:13 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sun, 04 Jun 2023 07:02:37 GMT
wp-polyfill.min.js
c0.wp.com/c/5.9.3/wp-includes/js/dist/vendor/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.9.3/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
br
last-modified
Mon, 15 Nov 2021 12:50:17 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sun, 04 Jun 2023 07:02:37 GMT
wpo-minify-footer-701f1cc4.min.js
cdn.iphoneincanada.ca/wp-content/cache/wpo-minify/1649784760/assets/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.iphoneincanada.ca/wp-content/cache/wpo-minify/1649784760/assets/wpo-minify-footer-701f1cc4.min.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.244.74.236 Silver Spring, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
019feae1731a188e711e9a711090199708d7d3b0c0c6b32adbb7f338d3dc8ca6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 06:52:59 GMT
server
nginx
etag
W/"626a39cb-505e"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
b257c6483b86818fb9efae00130b1116
expires
Thu, 31 Dec 2037 23:55:55 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray
715ecdd779e44bd6-YUL
date
Sat, 04 Jun 2022 07:02:38 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
373
etag
W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 07 Jun 2022 07:02:38 GMT
wpo-minify-footer-8f800aa5.min.js
cdn.iphoneincanada.ca/wp-content/cache/wpo-minify/1649784760/assets/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.iphoneincanada.ca/wp-content/cache/wpo-minify/1649784760/assets/wpo-minify-footer-8f800aa5.min.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.244.74.236 Silver Spring, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
7bcb6224428724b3bff7c01b352bb32086448b37897498b8fbbd8703d8c75387

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 06:52:59 GMT
server
nginx
etag
W/"626a39cb-1741"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
b257c6483b86818fb9efae00130b1116
expires
Thu, 31 Dec 2037 23:55:55 GMT
e-202222.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202222.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc
HIT yyz
date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
br
server
nginx
etag
W/"61be9fd1-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 15 May 2023 20:56:47 GMT
counter.js
www.statcounter.com/counter/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0bd9bfaf4def6656a9233d93df518c01be681326e72cd9e00aa73fd29702b83

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 09:58:11 GMT
server
cloudflare
age
11628
etag
W/"622f11b3-a7ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43200
cf-ray
715ecdd80d5aa22c-YYZ
expires
Sat, 04 Jun 2022 15:48:50 GMT
jNrytkzKwVef.js
www.iphoneincanada.ca/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iphoneincanada.ca/jNrytkzKwVef.js?ts=42845
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.210.199.153 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
4cd455b279ff15af7777bba05e2fcc23be5a04a8b4a3b271023fcc05ff8bd6c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:37 GMT
content-encoding
gzip
last-modified
Thu, 31 Mar 2022 03:42:44 GMT
server
nginx
etag
W/"62452334-962"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
strict-transport-security
max-age=31536000; preload
x-presslabs-stats
desktop
x-request-id
ef79459770686a66cfee9fe7f5a1e0b8
expires
Thu, 01 Jan 1970 00:00:01 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.156.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-156-226.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a038a6e7ddcfef12889f63f8c87ff3af1eaf6a86f9eddbaad5a39e260a15a4c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 04 Jun 2022 07:02:40 GMT
via
1.1 4bee516d0163cd392c310c300265b098.cloudfront.net (CloudFront), 1.1 6269b150df4618d480141e7011541b64.cloudfront.net (CloudFront)
last-modified
Tue, 24 May 2022 19:53:02 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2, NRT51-P2
etag
W/"e5af376313df9e9a4e3fa9b294b98489"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
content-encoding
gzip
x-amz-cf-id
sdcHyTqxmZ_DtyQYNd33Kd5dN9vKN7tXZtGQjv-kJo-VUU-wCZAMgA==
connatix.player.js
cds.connatix.com/p/164935/ Frame F7DD
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/164935/connatix.player.js
1017 KB
276 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/164935/connatix.player.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7cf0bc393c3475d197a3a69812bef2a04d62165b3f8e6b1ff433eaf3656a9fa5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
br
last-modified
Fri, 03 Jun 2022 12:00:58 GMT
age
60138
etag
"3c85973fb405ba4553696632adb3b615"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
282325

Redirect headers

location
https://cds.connatix.com/p/164935/connatix.player.js
date
Sat, 04 Jun 2022 07:02:38 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
fontawesome-webfont.woff2
cdn.jsdelivr.net/fontawesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/fontawesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/fontawesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/fontawesome/4.7.0/css/font-awesome.min.css
Origin
https://www.iphoneincanada.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:37 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6471581
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
x-served-by
cache-fra19128-FRA, cache-yyz4561-YYZ
timing-allow-origin
*
server
cloudflare
etag
W/"12d68-1vSMun0Hb7by/Wupk6dbncHsvww"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0hJPTl%2F9ItuoV1CxrRgxIv%2BYpYTwwj6OyRkerVYzVEVWJ6eIvCkGeyth1OL9Z6ZIJANpT9qU9W3zSW4c7d%2B5WSFXN3KBDfqDeiHCtbcBblvgYk%2B5te510nS1VG9yt29h9Ve7pux3gTg5CNOe7U%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
715ecdd75e677139-YUL
googlelogo_lightgrey_46x16dp.png
www.google.com/cse/static/images/1x/ 		551 B
979 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/googlelogo_lightgrey_46x16dp.png
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 16:15:25 GMT
x-content-type-options
nosniff
age
312433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
551
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 31 May 2023 16:15:25 GMT
vendor-list.json
qd.admetricspro.com/js/cmp2/ 		318 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/cmp2/vendor-list.json
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/cmp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1030fc8851425c20e532acd288aa03d709507bcd3d55367f980d55de309ead68

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 03 May 2022 16:25:12 GMT
server
cloudflare
etag
W/"4f6fe-5de1df3ffe732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBtEfZit7hCe4guJ%2Bq5n8Q1eriQtzlzfE8wc8e3QzQDVSIBeDkksBfQUBSuHzOUiKBo7h%2Bkcc7WBztinX6K7KXUkjQ9feEXSY46ovWO3Jw%2FkG9GDGbPkP%2FCFZvRr%2BNsfu25tdpOtVSfMdwSfm0jVeLZu"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=600
cf-ray
715ecdd81e827138-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 04 Jun 2022 07:12:38 GMT
pubads_impl_2022053101.js
securepubads.g.doubleclick.net/gpt/ 		366 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
sffe /
Resource Hash
f7a0dbff813bc7c5605b8a86f87c6aaf78793b501ad00953f5fe4fc3beee65e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 17:34:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48474
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127016
x-xss-protection
0
last-modified
Tue, 31 May 2022 08:34:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Jun 2023 17:34:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		240 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.iphoneincanada.ca
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
2aa824ed45fbaa37e07efcd7b2338009ff69c3ea98a153e0c0a6f3e064d32aa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
140
x-xss-protection
0
expires
Sat, 04 Jun 2022 07:02:38 GMT
collect
www.google-analytics.com/g/ 		0
351 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3KHZNDTL8T&gtm=2oe610&_p=1737926759&_z=ccd.tdB&cid=782479863.1654326158&gdid=dZTNiMT&ul=en-us&sr=1600x1200&_s=1&sid=1654326158&sct=1&seg=0&dl=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&dt=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers%20%7C%20iPhone%20in%20Canada%20Blog&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KHZNDTL8T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-10/html/ Frame 6790 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-10/html/container.html
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48098da7b08a94c3c3c814c6c7f1ec8caf664c16fd02771b86ea4a88469ba11e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
101881
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
1789
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 02:44:37 GMT
expires
Sat, 03 Jun 2023 02:44:37 GMT
last-modified
Wed, 27 Sep 2017 15:12:42 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
capi.connatix.com/tr/ 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=6e437703-3c64-4e75-82b5-8ec1b0b72ab2
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
access-control-max-age
86400
content-type
application/json
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/ 		323 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa5902f1a1fdc975a919b9e0dccf70b7627dc065a7e806aa9799b4e55449a5ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117447
x-xss-protection
0
server
cafe
etag
585123562940211802
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Jun 2022 07:02:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220601/r20190131/ Frame 7945 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220601/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
45575
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4402
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 18:23:03 GMT
etag
1327746537699501093
expires
Fri, 17 Jun 2022 18:23:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/164935/ Frame F7DD 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/164935/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
br
last-modified
Fri, 03 Jun 2022 12:00:59 GMT
age
60138
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
player.css
cds.connatix.com/p/164935/ 		57 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/164935/player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
daf028afc101da7201cb211f9786b6a36f6bf60ad836dfe991306140efca2432

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
br
last-modified
Fri, 03 Jun 2022 12:00:59 GMT
age
60138
etag
"ea2f9ede807e1b050a71617a64dba818"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
8709
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
778
date
Sat, 04 Jun 2022 06:49:40 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 04 Jun 2022 08:49:40 GMT
pls
capi.connatix.com/core/ Frame F7DD 		24 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=164935
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7a115c19b1f033f552334de2ac831276345b5c23ffcca2a0c5e1c5c101dce718

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-max-age
86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
12942
count-data.js
iphoneincanada.disqus.com/ 		437 B
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iphoneincanada.disqus.com/count-data.js?2=https%3A%2F%2Fwww.iphoneincanada.ca%2Fmac%2Fnative-apple-music-app-released-in-macos-12-2-beta-for-developers%2F&2=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F
Requested by
Host: iphoneincanada.disqus.com
URL: https://iphoneincanada.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
452624f4b40bb9790a5d98ce312ef1ed1c19b39ce079516bac5683d2083678d8
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:38 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
320
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
437
X-XSS-Protection
1; mode=block
embed.js
iphoneincanada.disqus.com/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iphoneincanada.disqus.com/embed.js
Requested by
Host: cdn.iphoneincanada.ca
URL: https://cdn.iphoneincanada.ca/wp-content/cache/wpo-minify/1649784760/assets/wpo-minify-footer-701f1cc4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
bb05454234cec646ec25b74ff98865873afbeac53625feb7cd0c1e353d28d2d4
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:38 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
25396
Cross-Origin-Resource-Policy
cross-origin
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray
715ecddaac5d4bd6-YUL
date
Sat, 04 Jun 2022 07:02:38 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
370
etag
W/"0e269028feac530d16f00d8dad8ece74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 07 Jun 2022 07:02:38 GMT
t.php
c.statcounter.com/ 		192 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=3220595&u1=64D303949CBA4F0556DADE4EFFCFDDF3&java=1&security=7c5f7029&sc_snum=1&sess=5e022a&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/&t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers%20%7C%20iPhone%20in%20Canada%20Blog&invisible=1&sc_rum_e_s=896&sc_rum_e_e=900&sc_rum_f_s=0&sc_rum_f_e=508&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
715ecddabfc5a22c-YYZ
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
content-type
application/json
expires
Mon, 26 Jul 1997 05:00:00 GMT
cx-bootstrapper-init
tags.catapultx.com/cxo/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/cx-bootstrapper-init
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/bootstrapper?group-id=E05GK6gdXkSSdyoPZtRoKg&video-container=cnx-player-wrapper
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a7cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
60dd36d836fb626dacbef179a242f4d7e92796c8c9d55a453cb32098763b27f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
92
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 02 Jun 2022 14:07:01 GMT
server
cloudflare
etag
W/"48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fru55uNUe4U%2BGLo2K4iA6hecsollZwuWt0d6rHaUBBMJmivk39qWCe0y1BhJAG5MsGhYA4RxRFRxhDrYBcLzhXpHFIYY7Gml3D1ofrHO3et98X36hQaVnz6Cj%2F42iOu2ihnyI5K20wFS5BlGEZDKoGc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
715ecddabdf24bd0-YUL
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.6&blog=202835705&post=365501&tz=-7&srv=www.iphoneincanada.ca&host=www.iphoneincanada.ca&ref=&fcp=374&rand=0.7165063520564234
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 04 Jun 2022 07:02:38 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
v1
geo.ipify.org/api/ 		355 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geo.ipify.org/api/v1?apiKey=at_riPAQYz3EiQ6JhsH05bmtozma13RA
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.140.160.2 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS
threatintelligenceplatform.com
Software
nginx /
Resource Hash
2ad10aab151258c2597c790c3899c31ed95d34689aa1bd79d4eae2b3a39e1d2b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
auction
pbs.nextmillmedia.com/openrtb2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.iphoneincanada.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
0
pragma
no-cache
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
auction
pbs.nextmillmedia.com/openrtb2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.iphoneincanada.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
0
pragma
no-cache
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
auction
pbs.nextmillmedia.com/openrtb2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.iphoneincanada.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
0
pragma
no-cache
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
auction
pbs.nextmillmedia.com/openrtb2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.iphoneincanada.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
0
pragma
no-cache
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
auction
pbs.nextmillmedia.com/openrtb2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.iphoneincanada.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
0
pragma
no-cache
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
auction
pbs.nextmillmedia.com/openrtb2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.iphoneincanada.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
0
pragma
no-cache
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
auction
pbs.nextmillmedia.com/openrtb2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.iphoneincanada.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
0
pragma
no-cache
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
auction
pbs.nextmillmedia.com/openrtb2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.iphoneincanada.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
0
pragma
no-cache
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
auction
pbs.nextmillmedia.com/openrtb2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.iphoneincanada.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
0
pragma
no-cache
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
localstore.js
script.4dex.io/ 		483 B
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
171569
x-amz-request-id
txd084f0a122f94d2fb8629-006298655d
x-amz-id-2
txd084f0a122f94d2fb8629-006298655d
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b18g7OlGWhyP4IxCIqAHAvYUL%2B%2BcUYITGu9GKB%2BAOo9PxP1K7Zsvp9Va4nOlEao15dpNdnK%2BLFr9spFwSc2KaDQ7f%2FdXxQU5oKx%2BsFez25CN%2BYVZ4ylkConefNGkaeANqkWVfBZBimtogad1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
715ecddb0d99ca47-YUL
cygnus
htlb.casalemedia.com/ 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=697363&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221cfd77b428b1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F%22%2C%22domain%22%3A%22iphoneincanada.ca%22%2C%22publisher%22%3A%7B%22domain%22%3A%22iphoneincanada.ca%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A7%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A7%2C%22ren%22%3Afalse%2C%22version%22%3A%226.22.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2222c61b6e73540f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22697363%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-728x90-ATF%22%2C%22gpid%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-728x90-ATF%22%7D%7D%2C%7B%22id%22%3A%223340affaf7887b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22697364%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-728x90-BTF%22%2C%22gpid%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-728x90-BTF%22%7D%7D%2C%7B%22id%22%3A%22497b0a51fb7c0d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22697365%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-728x90-Sticky%22%2C%22gpid%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-728x90-Sticky%22%7D%7D%2C%7B%22id%22%3A%22588662e57b84a3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22697358%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Sidebar1%22%2C%22gpid%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Sidebar1%22%7D%7D%2C%7B%22id%22%3A%22628ed646e77c1d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22697359%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Sidebar2%22%2C%22gpid%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Sidebar2%22%7D%7D%2C%7B%22id%22%3A%227ea332e957069c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22697360%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Left1%22%2C%22gpid%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Left1%22%7D%7D%2C%7B%22id%22%3A%2282905f1d7b7b4f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22697361%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Right1%22%2C%22gpid%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Right1%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22sid%22%3A%22678%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.21.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-21-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c3310104facf0281ab136db8608bf9d30aa14ded295d5427aad00a011559e49b

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.178], XFF:[]
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.iphoneincanada.ca
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
6839
x-ak-client-geo
19
expires
Sat, 04 Jun 2022 07:02:38 GMT
auction
tlx.3lift.com/header/ 		19 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.22.0&referrer=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tmax=1200&gdpr=false
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.167.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-167-98.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:39 GMT
accept-ch
sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
teachingaids-d.openx.net/w/1.0/ 		174 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://teachingaids-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7595f247-c3b9-4e48-bd49-3034c037d709%2C34ec9da2-58dc-47b3-9e27-a0dc204d5085%2C2ead4b78-c231-432b-b511-c807e319d748%2Ca22eebe5-3d25-45ad-822e-88f4c449cb33%2Cca6a3668-02d8-45a0-82a1-dfbf58077d1d%2C85d0ac48-96aa-4f82-bd34-cb407b1bf10d%2C0b3ca986-8a5e-44c3-984a-c372ed963195%2C1239aa70-16f3-4654-b39b-d34e03b562de%2Cf35443e7-3f5e-4326-b653-f310d11e7aaf&nocache=1654326158543&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!admetricspro.com%2C678%2C1%2C%2C%2C&aus=728x90%7C728x90%7C728x90%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250&divids=div-gpt-ad-1627679936228-0%2Cdiv-gpt-ad-1627679976672-0%2Cdiv-gpt-ad-1627680019345-0%2Cdiv-gpt-ad-1627680508621-0%2Cdiv-gpt-ad-1627680554198-0%2Cdiv-gpt-ad-1627680660073-0%2Cdiv-gpt-ad-1627680615907-0%2Cdiv-gpt-ad-1627680697054-0%2Cdiv-gpt-ad-1627680761064-0&aucs=%252F22404337467%252C1018556%252Fiphoneincanada-728x90-ATF%2C%252F22404337467%252C1018556%252Fiphoneincanada-728x90-BTF%2C%252F22404337467%252C1018556%252Fiphoneincanada-728x90-Sticky%2C%252F22404337467%252C1018556%252Fiphoneincanada-300x250-Sidebar1%2C%252F22404337467%252C1018556%252Fiphoneincanada-300x250-Sidebar2%2C%252F22404337467%252C1018556%252Fiphoneincanada-300x250-Left1%2C%252F22404337467%252C1018556%252Fiphoneincanada-300x250-Left2%2C%252F22404337467%252C1018556%252Fiphoneincanada-300x250-Right1%2C%252F22404337467%252C1018556%252Fiphoneincanada-300x250-Right2&auid=545643358%2C545643360%2C545643362%2C545643364%2C545643365%2C545643373%2C545643374%2C545643375%2C545643376
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
ba8a0cf662c9180b94775eaf10077762d8e2240a30e23833f306d2fe6d4262cc

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
adreq
ads.servenobid.com/ 		978 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6660
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
fa17cce15c3decbcc1b560cfbce036e6c7f8cdd68dce3b6b6f02d8de906ddd89

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.iphoneincanada.ca
date
Sat, 04 Jun 2022 07:02:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8386f7f3a6095894b2669a75dfd12d9f4c615289da0543d6d74aaa3cccac1e00
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 04 Jun 2022 07:02:38 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
69bb8562-079e-41fc-9882-ba046e14e107
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		557 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=386826&zone_id=2154902&size_id=2&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,678,1,,,&rf=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.ref=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.page=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.domain=iphoneincanada.ca&tg_i.pbadslot=%2F22404337467%2C1018556%2Fiphoneincanada-728x90-ATF&tk_flint=pbjs_lite_v6.22.0&x_source.tid=7595f247-c3b9-4e48-bd49-3034c037d709&l_pb_bid_id=5211a4bec4323bd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1018556%2Fiphoneincanada-728x90-ATF&slots=1&rand=0.8560248845322211
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
79e4563fc024f7143d67bec6ba55901f4e2bea5c267c4b00f6d9d0a4aacde984

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:38 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
557
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		557 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=386826&zone_id=2155558&size_id=2&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,678,1,,,&rf=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.ref=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.page=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.domain=iphoneincanada.ca&tg_i.pbadslot=%2F22404337467%2C1018556%2Fiphoneincanada-728x90-BTF&tk_flint=pbjs_lite_v6.22.0&x_source.tid=34ec9da2-58dc-47b3-9e27-a0dc204d5085&l_pb_bid_id=53cc73511643cea&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1018556%2Fiphoneincanada-728x90-BTF&slots=1&rand=0.2383442341209152
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e70e879864afe7256e70b60790a1963ea8039bb66440741a3f3a967d90736d3c

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:38 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
557
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		560 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=386826&zone_id=2155560&size_id=2&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,678,1,,,&rf=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.ref=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.page=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.domain=iphoneincanada.ca&tg_i.pbadslot=%2F22404337467%2C1018556%2Fiphoneincanada-728x90-Sticky&tk_flint=pbjs_lite_v6.22.0&x_source.tid=2ead4b78-c231-432b-b511-c807e319d748&l_pb_bid_id=544254133f07246&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1018556%2Fiphoneincanada-728x90-Sticky&slots=1&rand=0.029022658808391055
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
89597ad41d4ee05e694b18f2b55237ef515b3aa435a1ed1f955ec09c10d124c1

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:38 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
560
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=386826&zone_id=2155562&size_id=15&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,678,1,,,&rf=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.ref=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.page=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.domain=iphoneincanada.ca&tg_i.pbadslot=%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Sidebar1&tk_flint=pbjs_lite_v6.22.0&x_source.tid=a22eebe5-3d25-45ad-822e-88f4c449cb33&l_pb_bid_id=55d3df38bbf07b2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Sidebar1&slots=1&rand=0.015888243206934494
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f0a1fe3643bb3bdd249470706fd27b81f4037ea1487d05dbaa1b93f43b064231

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:38 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
564
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=386826&zone_id=2155564&size_id=15&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,678,1,,,&rf=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.ref=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.page=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.domain=iphoneincanada.ca&tg_i.pbadslot=%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Sidebar2&tk_flint=pbjs_lite_v6.22.0&x_source.tid=ca6a3668-02d8-45a0-82a1-dfbf58077d1d&l_pb_bid_id=56c4cd76aa8c2bb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Sidebar2&slots=1&rand=0.3220687289947224
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8ee1abee1a9cb095bf9d663a15208f7d99f0791a3d73292161bd2e57c8f162f7

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:38 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
564
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		561 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=386826&zone_id=2155566&size_id=15&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,678,1,,,&rf=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.ref=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.page=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.domain=iphoneincanada.ca&tg_i.pbadslot=%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Left1&tk_flint=pbjs_lite_v6.22.0&x_source.tid=85d0ac48-96aa-4f82-bd34-cb407b1bf10d&l_pb_bid_id=57a3f86969d4598&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Left1&slots=1&rand=0.02310244158520436
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
934c3658518ed674197b748c39664c23abf4a4cea1c2c280aeef405cc086ba6b

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:38 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
561
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		561 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=386826&zone_id=2155568&size_id=15&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,678,1,,,&rf=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.ref=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.page=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.domain=iphoneincanada.ca&tg_i.pbadslot=%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Left2&tk_flint=pbjs_lite_v6.22.0&x_source.tid=0b3ca986-8a5e-44c3-984a-c372ed963195&l_pb_bid_id=5860f8040f9a50f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Left2&slots=1&rand=0.6851376262422109
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b3dfa7645303e8f1278f830961823916a0004f40513d87540d7ad0e7b862db41

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:38 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
561
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		562 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=386826&zone_id=2155570&size_id=15&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,678,1,,,&rf=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.ref=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.page=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.domain=iphoneincanada.ca&tg_i.pbadslot=%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Right1&tk_flint=pbjs_lite_v6.22.0&x_source.tid=1239aa70-16f3-4654-b39b-d34e03b562de&l_pb_bid_id=596d05b75c0b774&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Right1&slots=1&rand=0.5444939294475721
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
17397eb33f51895b08d2a7197c1706f274c7e8268d860625f24660ca185ec795

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:38 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
562
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		562 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=386826&zone_id=2155572&size_id=15&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,678,1,,,&rf=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.ref=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.page=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tg_i.domain=iphoneincanada.ca&tg_i.pbadslot=%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Right2&tk_flint=pbjs_lite_v6.22.0&x_source.tid=f35443e7-3f5e-4326-b653-f310d11e7aaf&l_pb_bid_id=608c01fd03f8916&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Right2&slots=1&rand=0.9778520904115464
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a08b3989f2edbf4c7e52644e6e9ce840a84de9f9931278dda17e470755c4274a

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:38 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
562
Expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		361 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
4cf57ab7e808a2be8960e7e9a41e52eb3c743b8c415d2b6e7b1c3f41b4a51b72

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
106
content-length
232
prebid
mp.4dex.io/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
242d292c7f2822d87963faf93635a81bb9e67f28a2d9b034497a3c191057e28f

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-warn
Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
access-control-allow-origin
https://www.iphoneincanada.ca
content-length
882
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
715ecddb5988714b-YUL
expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698f3017b7b12239b139a6cd60013&pos=8a969115017b7b122820139c66530014&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
31223af0cb4f12c77e5a04459619bd730205e7ad5bc40565cb47897f6bd20c3c

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698f3017b7b12239b139a6cd60013&pos=8a9698f3017b7b12239b139caae80016&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
a7b90220a7fadc14897d2275223b2d501cfd39481fc0e300a9b0db12f5b8b1ca

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698f3017b7b12239b139a6cd60013&pos=8a9698f3017b7b12239b139ccd9d0017&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
821ff61ee5058c737b0efe935f5a9a644ccda0cece47f88728bac814216f78fb

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698f3017b7b12239b139a6cd60013&pos=8a96942c017b7b122c61139cf83f0014&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e5edfd14438381494978b374a92429959d8a90e57bed32e2c64e54d76dcb5c8a

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698f3017b7b12239b139a6cd60013&pos=8a9698f3017b7b12239b139d23430018&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
09d6e9ee5afa691aa97b1eb0692986ef4fc353b25ec2609863811299a70c09ce

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698f3017b7b12239b139a6cd60013&pos=8a969115017b7b122820139d51280015&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
409365991482a33021901c11ddccb5c99c675911cdf772c75bfc70280fc3fe78

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698f3017b7b12239b139a6cd60013&pos=8a9698f3017b7b12239b139db54a0019&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
ad67e405deffb1cad7fb12c91b7277bdf78f0160b8d74885081ce55ccd7228f1

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698f3017b7b12239b139a6cd60013&pos=8a9698f3017b7b12239b139df34d001a&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
bb3b8e280474cd3c0e53d97584f29054a685f72dd9ed3a5d4332668b8c2203de

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698f3017b7b12239b139a6cd60013&pos=8a96942c017b7b122c61139e1d540015&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
b5a18b9a8af4fbbea189daeb60f90a7afb60475fe56264b5041bedfb65cd9e7a

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
content-length
62
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.51.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-51-61.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Date
Sat, 04 Jun 2022 07:02:38 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.51.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-51-61.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Date
Sat, 04 Jun 2022 07:02:38 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.51.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-51-61.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Date
Sat, 04 Jun 2022 07:02:38 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.51.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-51-61.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Date
Sat, 04 Jun 2022 07:02:38 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.51.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-51-61.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Date
Sat, 04 Jun 2022 07:02:38 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.51.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-51-61.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Date
Sat, 04 Jun 2022 07:02:38 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.51.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-51-61.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Date
Sat, 04 Jun 2022 07:02:38 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.51.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-51-61.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Date
Sat, 04 Jun 2022 07:02:38 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.51.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-51-61.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Date
Sat, 04 Jun 2022 07:02:38 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
auction
pbs.nextmillmedia.com/openrtb2/ 		515 B
911 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
c06974111e6674acbd0ccff4dd91b53f1ea70e6a38ac7cbd8e2fc7a6accc4589

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:38 GMT
x-prebid
pbs-go/nextmillmedia/41.5.5
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
515
expires
0
auction
pbs.nextmillmedia.com/openrtb2/ 		512 B
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
e834abf9f030b31e391b80cad46627edae6e3028b41d03e52bbe42dd808df62c

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:38 GMT
x-prebid
pbs-go/nextmillmedia/41.5.5
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
512
expires
0
auction
pbs.nextmillmedia.com/openrtb2/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
a5d6f391d10c4308b754b4b8c366a8b28bc78746aef4c6edd073158c0f80a8f2

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:39 GMT
x-prebid
pbs-go/nextmillmedia/41.5.5
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1509
expires
0
auction
pbs.nextmillmedia.com/openrtb2/ 		516 B
912 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
b5bed3d0bfa424dd617247b2360cff76d2bbf021abd88e4b4f140d1797359175

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:38 GMT
x-prebid
pbs-go/nextmillmedia/41.5.5
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
516
expires
0
auction
pbs.nextmillmedia.com/openrtb2/ 		514 B
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
a3ac6a1a0fbe2023bc23d72a7daf52c60f25bd9461e96c2f5d090b2187ab5c4b

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:38 GMT
x-prebid
pbs-go/nextmillmedia/41.5.5
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
514
expires
0
auction
pbs.nextmillmedia.com/openrtb2/ 		514 B
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
89ac85d59b9050e71fb0a1bd4b2fed75e2da849bbffe70409be2d6bafa4b803f

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:38 GMT
x-prebid
pbs-go/nextmillmedia/41.5.5
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
514
expires
0
auction
pbs.nextmillmedia.com/openrtb2/ 		516 B
912 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
44086f3e4dadda16fc77a29d019ec48b9f91ad28ae39103d0c101ecec5c5b74a

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:38 GMT
x-prebid
pbs-go/nextmillmedia/41.5.5
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
516
expires
0
auction
pbs.nextmillmedia.com/openrtb2/ 		516 B
912 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
33aa785b05578c580965db464c7f5c00c960fa6febc47a3a39a6a67c281bb83e

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:38 GMT
x-prebid
pbs-go/nextmillmedia/41.5.5
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
516
expires
0
auction
pbs.nextmillmedia.com/openrtb2/ 		514 B
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
fc819b0b63d4da14fde7aa8065c6fc20090362c9ae0631653c946d329ecf7121

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:38 GMT
x-prebid
pbs-go/nextmillmedia/41.5.5
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
514
expires
0
v2
e.serverbid.com/api/ 		16 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
bid
ap.lijit.com/rtb/ 		95 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.22.0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Fort Mill, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
83ea94126771384846f041c042979b5111a96606e5cf5e915432b5670990e6f7

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 04 Jun 2022 07:02:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
mvo
tag.1rx.io/rmp/238157/0/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/238157/0/mvo?z=1r&hbv=6.22,2.1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.iphoneincanada.ca
pragma
no-cache
date
Sat, 04 Jun 2022 07:02:38 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.iphoneincanada.ca
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		120 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3521502167565206&correlator=666807145287997&eid=21065724&output=ldjh&gdfp_req=1&vrg=2022053101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=22404337467%3A1018556%2Ciphoneincanada-AdX-Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=2384658989&sfv=1-0-38&ecs=20220604&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1654326158608&lmt=1654319548&dlt=1654326157816&idt=693&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=782479863.1654326158&ga_sid=1654326159&ga_hid=1737926759&ga_fc=true&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
d26cd524f5736815db7a880fed10b7c03fe5ddcd3a367b84c46bb88fb618da77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32296
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4891 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
Sun, 04 Jun 2023 07:02:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022053101.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022053101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
sffe /
Resource Hash
47cd7f94e3eea94ad1d9af004bb6143e2e690e7b002f0beab8146c0019f8d53e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319102
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13374
x-xss-protection
0
last-modified
Tue, 31 May 2022 08:34:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 31 May 2023 14:24:16 GMT
blockedDomains_18.bin
lit.connatix.com/08d79ac9-d151-59b7-8ffc-1666f862d246/ Frame F7DD 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lit.connatix.com/08d79ac9-d151-59b7-8ffc-1666f862d246/blockedDomains_18.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76ccb927c4df11d09ea80d22eaec4c96f97ad568be6f49d5d550cfccdc5e02a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
last-modified
Fri, 03 Jun 2022 13:55:15 GMT
age
61577
etag
"c046250de06454a46963e2c99faebbd4"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
1492
insights.bin
ins.connatix.com/f79a575032add306f3ba5fb526c15c06/ Frame F7DD 		108 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/f79a575032add306f3ba5fb526c15c06/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3636b441dd0973608e4572b72daca868b406ef070fcc8aacc1d12d74a443b0e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 22:06:55 GMT
age
1280798
etag
"eb2db0f24a2a103efbc5a210a80df1da"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
99
cookie.js
partner.googleadservices.com/gampad/ 		401 B
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.iphoneincanada.ca&callback=_gfp_s_&client=ca-pub-8845604764087408&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
32c23538599d3f89fc511892ff04136f9498b375e9ed0c67cef59c69357aec71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
253
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tn=DIV&id=amp_floatingAdDiv&ign=false&pw=1600&ph=1200&x=800&y=1130.4
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tn=HEADER&id=header&cls=site-header%20headroom&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E7A4 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8845604764087408&output=html&adk=1812271804&adf=3025194257&lmt=1654319548&plat=1%3A16777216%2C2%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326158215&bpp=3&bdt=399&idt=456&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5033563336134&frm=20&pv=2&ga_vid=782479863.1654326158&ga_sid=1654326159&ga_hid=1737926759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531557%2C31065742%2C31067628%2C21066431%2C21065724&oid=2&pvsid=3521502167565206&pem=132&tmod=2040486420&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=480
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
Sat, 04 Jun 2022 07:02:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1737926759&t=pageview&_s=1&dl=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ul=en-us&de=UTF-8&dt=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers%20%7C%20iPhone%20in%20Canada%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAAC~&jid=407117368&gjid=1362276000&cid=782479863.1654326158&tid=UA-460099-3&_gid=433792528.1654326159&_r=1&_slc=1&z=1146554469
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
lounge.63860eb743c7d9d2adf0fa435788abe7.css
c.disquscdn.com/next/embed/styles/ 		0
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
Requested by
Host: iphoneincanada.disqus.com
URL: https://iphoneincanada.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 19:26:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6435385
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
26078
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 21 Mar 2022 19:03:40 GMT
server
nginx
etag
"6238cc0c-65de"
content-type
text/css; charset=utf-8
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
expires
Tue, 21 Mar 2023 19:26:13 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
timing-allow-origin
*
x-amz-cf-id
cN-KoQq6qnOGc12KfOxkyMWdkfPxBbsWgYsICJODVXW5rK7xlJ6RnQ==
x-cache-hits
0
common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
c.disquscdn.com/next/embed/ 		0
93 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Requested by
Host: iphoneincanada.disqus.com
URL: https://iphoneincanada.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 20:31:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3925890
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94755
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 19 Apr 2022 20:21:53 GMT
server
nginx
etag
"625f19e1-17223"
content-type
application/javascript; charset=utf-8
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
expires
Wed, 19 Apr 2023 20:31:08 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
timing-allow-origin
*
x-amz-cf-id
gk75w9IdH1AtQHw-_fWT48fIh6dKAHCxzJjj9HUxWGo47BwUBW7sLw==
x-cache-hits
0
lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js
c.disquscdn.com/next/embed/ 		0
121 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js
Requested by
Host: iphoneincanada.disqus.com
URL: https://iphoneincanada.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 17:13:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49734
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
123109
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Fri, 03 Jun 2022 17:03:15 GMT
server
nginx
etag
"629a3ed3-1e0e5"
content-type
application/javascript; charset=utf-8
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
expires
Sat, 03 Jun 2023 17:13:44 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
timing-allow-origin
*
x-amz-cf-id
ihroHQdo4mWh4bKy8dEaUsE0ES1TbHwuyVZo7EaNVDTwHNK7qHg7yQ==
x-cache-hits
0
config.js
disqus.com/next/ 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: iphoneincanada.disqus.com
URL: https://iphoneincanada.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:38 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
56
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
15276
X-XSS-Protection
1; mode=block
recommendations.js
iphoneincanada.disqus.com/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iphoneincanada.disqus.com/recommendations.js
Requested by
Host: iphoneincanada.disqus.com
URL: https://iphoneincanada.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
6a368a1798415dfbd291a4eb663dd28ceddd12396a7519ab47cd3ed9d1757ea4
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:38 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
21276
Cross-Origin-Resource-Policy
cross-origin
web
onesignal.com/api/v1/sync/a5853a3d-6116-42c4-b999-60f55e998990/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/a5853a3d-6116-42c4-b999-60f55e998990/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff6ff8b45a3ce5744b0597107479dbf9866a9b5fc7db4758ef8cecef83f0f177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
1149
cf-polished
origSize=3404
status
200 OK
x-envoy-upstream-service-time
48
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
2e029e7e-20d2-4844-a940-4f41ebe15d20
x-runtime
0.046368
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"f95b5e9a6902151a736926f6c1616cda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
x-download-options
noopen
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
715ecddc4d5e4bd6-YUL
access-control-allow-headers
SDK-Version
expires
Sat, 04 Jun 2022 08:02:38 GMT
b-c5c1c29-93c03008.js
tagan.adlightning.com/math-aids/ 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fde5b3dc7485d13b1ecfd68214ad887c21a8caeba9fcc4a61ee327a27ebe853

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 20:11:52 GMT
content-encoding
gzip
age
3235847
x-cache
Hit from cloudfront
content-length
30806
x-amz-meta-git_commit
c5c1c29
last-modified
Wed, 27 Apr 2022 19:19:31 GMT
server
AmazonS3
etag
"58d4f8d846656e7f6061d17e761aaef5"
x-amz-version-id
aB7BMJcLNpMOCDCViayZ09V2d1rMAyps
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
1VbpmhGEx9Xw-Np6Jf2cdKQWqyZU46XdJwga8sh0IRbQSPl0z5GPkQ==
bl-fe8bb3e-1dc97932.js
tagan.adlightning.com/math-aids/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/bl-fe8bb3e-1dc97932.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cae504383e2777e8a7f0af4ff598a4495bef67a6db11b6cc6035998487cbc6fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 13:59:26 GMT
content-encoding
gzip
age
61394
x-cache
Hit from cloudfront
content-length
19997
x-amz-meta-git_commit
fe8bb3e
last-modified
Fri, 03 Jun 2022 13:31:29 GMT
server
AmazonS3
etag
"ba3cf0737a212bee0a646061f015cf91"
x-amz-version-id
rWu.64CfiPvmY8GiizKapnID0TfOFwq2
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
LvmLhCSBhnCmmAfdYO3t31tW9dYN9HytKtdffyP7wvPTeJZMCuERCw==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/webp
sr
capi-tier-1-us-east-2.connatix.com/tr/ Frame F7DD 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/sr?v=164935
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.182.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-182-232.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
2_media.bin
vid.connatix.com/pid-6e437703-3c64-4e75-82b5-8ec1b0b72ab2/60764267-557e-410f-85cb-f102d92ee134/a4c972d8-5225-4fee-b868-448a8f4abd0c/ Frame F7DD 		291 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-6e437703-3c64-4e75-82b5-8ec1b0b72ab2/60764267-557e-410f-85cb-f102d92ee134/a4c972d8-5225-4fee-b868-448a8f4abd0c/2_media.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
758d490d59f251482d75829f6bdcb3573b6723d55699e6defb9809ee93ebae0b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
last-modified
Tue, 18 May 2021 20:48:30 GMT
age
59588
etag
"d288dd95cf104a13f778338141eca3fa"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
255
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame F7DD 		377 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232b81501e6681b91a8134b4f00118d8d51835ef3a9502584671f997116852c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128968
x-xss-protection
0
expires
Sat, 04 Jun 2022 07:02:39 GMT
1.png
img.connatix.com/pid-6e437703-3c64-4e75-82b5-8ec1b0b72ab2/6e437703-3c64-4e75-82b5-8ec1b0b72ab2/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-6e437703-3c64-4e75-82b5-8ec1b0b72ab2/6e437703-3c64-4e75-82b5-8ec1b0b72ab2/1.png
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
content-encoding
br
age
2165493
etag
"CDlq0wWU2N6Hha9Y1OkqKS7K/JyWAUvXYL5GlZ2se8g"
access-control-max-age
86400
fastly-io-info
ifsz=6487 idim=288x42 ifmt=png ofsz=6487 odim=288x42 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
6487
fastly-io-warning
Failed to shrink image
cks
cks.connatix.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d17%26ev%3d8f4d5dd88a604978adde7164b67969d0%26pname%3dIndex%26api-tier%3d1%26uid%3d
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D8f4d5dd88a604978adde7164b67969d0%26pname%3DIndex%26api-tier%3D1%26uid%3D&s=190549&C=1
  • https://cks.connatix.com/cks?pid=17&ev=8f4d5dd88a604978adde7164b67969d0&pname=Index&api-tier=1&uid=YpsDj6V2eezDp-7lpu.RAQAA%26463
138 B
172 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=17&ev=8f4d5dd88a604978adde7164b67969d0&pname=Index&api-tier=1&uid=YpsDj6V2eezDp-7lpu.RAQAA%26463
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bba79064c3cd2b6176d8edfca83dce03a2437fec7b0ec11a4bfcf87d33766181

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
138
retry-after
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cks.connatix.com/cks?pid=17&ev=8f4d5dd88a604978adde7164b67969d0&pname=Index&api-tier=1&uid=YpsDj6V2eezDp-7lpu.RAQAA%26463
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
329
Expires
Sat, 04 Jun 2022 07:02:39 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3d8f4d5dd88a604978adde7164b67969d0%26pname%3dBeeswax%26api-tier%3d1%26uid%3d{userid}
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D8f4d5dd88a604978adde7164b67969d0%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&_...
  • https://cks.connatix.com/cks?pid=15&ev=8f4d5dd88a604978adde7164b67969d0&pname=Beeswax&api-tier=1&uid=AAFDDU7FNgcAAEin6MYPOw
132 B
192 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=15&ev=8f4d5dd88a604978adde7164b67969d0&pname=Beeswax&api-tier=1&uid=AAFDDU7FNgcAAEin6MYPOw
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf8aa2e1d1baef32947b4684a2e715ac5e8c46bd02ec0ccbf3b86f2574a07e15

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
132
retry-after
0

Redirect headers

location
https://cks.connatix.com/cks?pid=15&ev=8f4d5dd88a604978adde7164b67969d0&pname=Beeswax&api-tier=1&uid=AAFDDU7FNgcAAEin6MYPOw
Date
Sat, 04 Jun 2022 07:02:39 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
cks
cks.connatix.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1
  • https://cks.connatix.com/cks?pid=19&uid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttl=1656918159
146 B
180 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=19&uid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttl=1656918159
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
83d42ee8bac62ae52b3e2263cf01ce45dc5fa745fb3f4504443125f1307d51d1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
146
retry-after
0

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cks.connatix.com/cks?pid=19&uid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttl=1656918159
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
213
cks
cks.connatix.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3d8f4d5dd88a604978adde7164b67969d0%26pname%3dAppNexus%26api-tier%3d1%26uid%3d%24UID
  • https://cks.connatix.com/cks?pid=6&ev=8f4d5dd88a604978adde7164b67969d0&pname=AppNexus&api-tier=1&uid=1696151633887888005
128 B
223 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=6&ev=8f4d5dd88a604978adde7164b67969d0&pname=AppNexus&api-tier=1&uid=1696151633887888005
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21e9e4f419adfda857b7a592a35319941ed930ed9a41eb8a532508f5c02c17ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
128
retry-after
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:39 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
e4e6861d-c337-46f7-9e77-4434a0d05de6
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cks.connatix.com/cks?pid=6&ev=8f4d5dd88a604978adde7164b67969d0&pname=AppNexus&api-tier=1&uid=1696151633887888005
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame DC4A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Jun 2022 07:02:39 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 04 Jun 2022 07:02:39 GMT
location
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
server
AkamaiGHost
userSync.js
ads.pubmatic.com/AdServer/js/ Frame F7DD 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:14 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300709-1af3-5c4c7cca9e573"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=79368
accept-ranges
bytes
content-type
text/javascript
content-length
2267
expires
Sun, 05 Jun 2022 05:05:27 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d8f4d5dd88a604978adde7164b67969d0%26pname%3dSpotX%26api-tier%3d1%26uid%3d%24SPOTX...
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d8f4d5dd88a604978adde7164b67969d0%26pname%3dSpotX%26api-tier%3d1%26uid%3d%24SPOTX...
  • https://cks.connatix.com/cks?pid=10&ev=8f4d5dd88a604978adde7164b67969d0&pname=SpotX&api-tier=1&uid=520dded0-e3d4-11ec-9fcf-17aa2b400403
146 B
180 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=10&ev=8f4d5dd88a604978adde7164b67969d0&pname=SpotX&api-tier=1&uid=520dded0-e3d4-11ec-9fcf-17aa2b400403
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5e3270b13dee6d7006b0ce2df8e65196e70d31028b7a621aa52ed0f58f690a32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
146
retry-after
0

Redirect headers

date
Sat, 04 Jun 2022 07:02:39 GMT
location
https://cks.connatix.com/cks?pid=10&ev=8f4d5dd88a604978adde7164b67969d0&pname=SpotX&api-tier=1&uid=520dded0-e3d4-11ec-9fcf-17aa2b400403
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
387
content-length
0
collect
stats.g.doubleclick.net/j/ 		1 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-460099-3&cid=782479863.1654326158&jid=407117368&gjid=1362276000&_gid=433792528.1654326159&_u=IADAAEAAAAAAAC~&z=880949500
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 04 Jun 2022 07:02:39 GMT
content-type
text/plain
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
disqus.com/embed/comments/ Frame 65D6 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
Requested by
Host: iphoneincanada.disqus.com
URL: https://iphoneincanada.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0255a8923f4b86d12bc51d83075db5cbe07a34fd0538a14cb50b6de902da8d45
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
0
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection
keep-alive
Content-Encoding
gzip
Content-Length
5701
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Sat, 04 Jun 2022 07:02:39 GMT
ETag
W/"lounge:view:8929678633.cd9283b4d520a0a9395e48949d483a6b.2"
Last-Modified
Sat, 07 May 2022 20:00:26 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
171525
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx27c4058fc0b44174a07af-006298657c
x-amz-id-2
tx27c4058fc0b44174a07af-006298657c
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3%2BRZDsmbgv%2BefC4gBGGroi8yZQsNo5fRn8ZD5E6Ibt6K5EMudqy1oJo%2F5HcxkOPK%2FdaeQo%2FsmcJkfUXlbYA40OxpNY8gFjnUa4RUFYgXad7V4wDMYdCrpi5J92U%2BuNTGm%2BqqHqpBMaP8Rz1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
715ecdde7d06ece2-YUL
access-control-allow-headers
Authorization
container.html
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6EA0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
Sun, 04 Jun 2023 07:02:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/164935/ Frame F7DD 		162 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/164935/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
content-encoding
br
last-modified
Fri, 03 Jun 2022 12:00:59 GMT
age
60139
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 21 May 2022 16:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1174727
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2978
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 10 May 2022 13:06:19 GMT
server
nginx
etag
"627a634b-ba2"
content-type
text/css; charset=utf-8
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
expires
Sun, 21 May 2023 16:43:52 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
timing-allow-origin
*
x-amz-cf-id
I68yx9S_jcn5B3YgS4K3jt9v8TxzTbELzzgmLJycj5x11By0HwVlTg==
x-cache-hits
0
common.bundle.a59fbd11efae764ccd959d61e4925fee.js
c.disquscdn.com/next/recommendations/ 		0
87 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 20:31:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3925880
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
88804
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 19 Apr 2022 20:21:53 GMT
server
nginx
etag
"625f19e1-15ae4"
content-type
application/javascript; charset=utf-8
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
expires
Wed, 19 Apr 2023 20:31:19 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
timing-allow-origin
*
x-amz-cf-id
kpiG4cbji6D8SuzaM02byeMMb92qGyOHnlgGytD2WAPCj9xSwGGKYA==
x-cache-hits
0
recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
c.disquscdn.com/next/recommendations/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 20:25:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20342217
x-cache
Hit from cloudfront
content-length
20244
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 11 Oct 2021 20:15:56 GMT
server
nginx
etag
"61649b7c-4f14"
content-type
application/javascript; charset=utf-8
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
expires
Tue, 11 Oct 2022 20:25:42 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
timing-allow-origin
*
x-amz-cf-id
NRR5edWz0pjPrhftVSwZZdDzyviRWAUgw6os1EEZ3VAIUrCuh6eXWA==
x-cache-hits
0
usync.html
eus.rubiconproject.com/ Frame 3639
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Jun 2022 07:02:39 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 04 Jun 2022 07:02:39 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame DC4A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4921bc2575a32b7a59fa32a43b3902353cc129f4ac8010d9187f5f232fffe30

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 17:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70231
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Sun, 05 Jun 2022 02:33:10 GMT
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame FA0C 		635 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
219722
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 18:00:37 GMT
expires
Thu, 01 Jun 2023 18:00:37 GMT
last-modified
Mon, 23 May 2022 16:49:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame F7DD 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2006 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Jun 2022 07:02:39 GMT
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame AD1B 		635 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
219722
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 18:00:37 GMT
expires
Thu, 01 Jun 2023 18:00:37 GMT
last-modified
Mon, 23 May 2022 16:49:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame 7C3D 		635 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
219722
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 18:00:37 GMT
expires
Thu, 01 Jun 2023 18:00:37 GMT
last-modified
Mon, 23 May 2022 16:49:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 58CA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-1-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D8f4d5dd88a604978adde7164b67969d0%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=145969
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:39 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 05 Jun 2022 23:35:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
us
capi-tier-1-us-east-2.connatix.com/core/ Frame F7DD 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/core/us?v=164935
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.182.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-182-232.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.iphoneincanada.ca
transfer-encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
bl-fe8bb3e-1dc97932.js
tagan.adlightning.com/math-aids/ Frame 6EA0 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/bl-fe8bb3e-1dc97932.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cae504383e2777e8a7f0af4ff598a4495bef67a6db11b6cc6035998487cbc6fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 13:59:26 GMT
content-encoding
gzip
age
61394
x-cache
Hit from cloudfront
content-length
19997
x-amz-meta-git_commit
fe8bb3e
last-modified
Fri, 03 Jun 2022 13:31:29 GMT
server
AmazonS3
etag
"ba3cf0737a212bee0a646061f015cf91"
x-amz-version-id
rWu.64CfiPvmY8GiizKapnID0TfOFwq2
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Uy-zQ43uexckjfnoBBgYWuUR12FKSoC0BWteIRuwftCxrjPBF6h60w==
b-c5c1c29-93c03008.js
tagan.adlightning.com/math-aids/ Frame 6EA0 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fde5b3dc7485d13b1ecfd68214ad887c21a8caeba9fcc4a61ee327a27ebe853

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 20:11:52 GMT
content-encoding
gzip
age
3235847
x-cache
Hit from cloudfront
content-length
30806
x-amz-meta-git_commit
c5c1c29
last-modified
Wed, 27 Apr 2022 19:19:31 GMT
server
AmazonS3
etag
"58d4f8d846656e7f6061d17e761aaef5"
x-amz-version-id
aB7BMJcLNpMOCDCViayZ09V2d1rMAyps
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
JoRqZ1fGTdmCtFsNLObq7MQQEJfZLJ4kG6MY7qPTrnFzYxEN1dxnHQ==
css2
fonts.googleapis.com/ Frame 6EA0 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 04 Jun 2022 06:18:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 04 Jun 2022 07:02:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Jun 2022 07:02:39 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6EA0 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 22:40:56 GMT
x-content-type-options
nosniff
age
375703
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 30 May 2023 22:40:56 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6EA0 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 00:11:42 GMT
x-content-type-options
nosniff
age
543058
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 29 May 2023 00:11:42 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/ Frame 6EA0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 04:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8280
x-xss-protection
0
server
cafe
etag
1405619832300133377
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 04:45:19 GMT
ao
capi-tier-1-us-east-2.connatix.com/tr/ Frame F7DD 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/ao?v=164935
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.182.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-182-232.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame F7DD 		762 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=164935
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.182.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-182-232.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
ace1eb4ade0c06c1fd649246463ea87dccdd28a95b7fe1579288440066a74c5e

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
577
ps
capi-tier-1-us-east-2.connatix.com/tr/ Frame F7DD 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/ps?v=164935
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.182.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-182-232.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
1_th.jpg
img.connatix.com/pid-6e437703-3c64-4e75-82b5-8ec1b0b72ab2/60764267-557e-410f-85cb-f102d92ee134/a4c972d8-5225-4fee-b868-448a8f4abd0c/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-6e437703-3c64-4e75-82b5-8ec1b0b72ab2/60764267-557e-410f-85cb-f102d92ee134/a4c972d8-5225-4fee-b868-448a8f4abd0c/1_th.jpg?crop=660:371,smart&width=660&height=371&format=jpeg&quality=60&fit=crop
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5031010be407660bee7db4eef06e41b88cbbb628c4221092337a875549f15c51

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
content-encoding
br
age
68425
etag
"oaptVnv0+dvbtfxUBRZPAzmVjyZzoihA3kszGzP67rI"
access-control-max-age
86400
fastly-io-info
ifsz=70831 idim=2560x1440 ifmt=jpeg ofsz=14520 odim=660x371 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
14026
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 97B6 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:40:15 GMT
/
disqus.com/recommendations/ Frame F23B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/recommendations/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers
Requested by
Host: iphoneincanada.disqus.com
URL: https://iphoneincanada.disqus.com/recommendations.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5c2a623c91375cbbf485657e0819ecb6a4ff6096139f42b615180a7521529d4e
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
0
Cache-Control
stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2351
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Sat, 04 Jun 2022 07:02:39 GMT
Last-Modified
Fri, 01 Apr 2022 04:14:32 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E512 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:40:15 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B0F7 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:40:15 GMT
prebid6.20.0-1.js
cds.connatix.com/p/plugins/ Frame 1234 		433 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d92a11899a5768511f0431479d50a6fbabd9aa93099c062bc9f348fdb83be72b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
content-encoding
br
last-modified
Wed, 18 May 2022 09:02:01 GMT
age
1461622
etag
"d147c1dd13a25190e1aa7227401d9c91"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
115039
lounge.load.cfefa856cbcd7efb87102e7242c9a829.js
c.disquscdn.com/next/embed/ Frame 65D6 		958 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.load.cfefa856cbcd7efb87102e7242c9a829.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
79178481c1d1ab6798f68fb68f05045d45e6da72ac7a146feb2440de4f7d35c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
Origin
https://disqus.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 17:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49736
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
496
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Fri, 03 Jun 2022 17:03:15 GMT
server
nginx
etag
"629a3ed3-1f0"
content-type
application/javascript; charset=utf-8
via
1.1 a4a5018e47c99d5484f43a6eb50bda5e.cloudfront.net (CloudFront)
expires
Sat, 03 Jun 2023 17:13:43 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
timing-allow-origin
*
x-amz-cf-id
FmGfOzXgk9iP6YsQvmyGCL4RNF1e9SqUy_O0bYzsqrdP4qJUgTBCjw==
x-cache-hits
0
usync.js
eus.rubiconproject.com/ Frame 3639 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4921bc2575a32b7a59fa32a43b3902353cc129f4ac8010d9187f5f232fffe30

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 17:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70231
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Sun, 05 Jun 2022 02:33:10 GMT
ads-beacon.js
www.iphoneincanada.ca/ 		85 B
338 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iphoneincanada.ca/ads-beacon.js?ts=1733
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/jNrytkzKwVef.js?ts=42845
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.210.199.153 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
7523b4586b41ef03a3cd7d7d738b847cfecbd3da94c508969ed6ec52e992b46a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
strict-transport-security
max-age=31536000; preload
x-presslabs-stats
desktop
x-request-id
f9900c60d8f4ce0694357763e9b19a42
expires
Thu, 01 Jan 1970 00:00:01 GMT
us
capi-tier-1-us-east-2.connatix.com/core/ Frame F7DD 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/core/us?v=164935
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.182.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-182-232.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
us
capi-tier-1-us-east-2.connatix.com/core/ Frame F7DD 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/core/us?v=164935
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.182.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-182-232.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
us
capi-tier-1-us-east-2.connatix.com/core/ Frame F7DD 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/core/us?v=164935
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.182.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-182-232.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
us
capi-tier-1-us-east-2.connatix.com/core/ Frame F7DD 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/core/us?v=164935
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.182.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-182-232.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 04 Jun 2022 07:02:38 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
playlist.m3u8
vid.connatix.com/pid-6e437703-3c64-4e75-82b5-8ec1b0b72ab2/60764267-557e-410f-85cb-f102d92ee134/a4c972d8-5225-4fee-b868-448a8f4abd0c/ Frame F7DD 		309 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-6e437703-3c64-4e75-82b5-8ec1b0b72ab2/60764267-557e-410f-85cb-f102d92ee134/a4c972d8-5225-4fee-b868-448a8f4abd0c/playlist.m3u8
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/164935/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
content-encoding
gzip
last-modified
Tue, 18 May 2021 20:48:29 GMT
age
57086
etag
"8a966507b13615ecdc1330a4bc9dcfe1"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
164
us
capi.connatix.com/core/ Frame DC4A
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=19564_2&khaos=L3ZJ2XP4-T-4YFE
  • https://ck.connatix.com/cks?pid=11&uid=L3ZJ2XP4-T-4YFE
  • https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L3ZJ2XP4-T-4YFE&UserId=
0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L3ZJ2XP4-T-4YFE&UserId=
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:40 GMT
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
access-control-max-age
86400
content-type
application/json

Redirect headers

date
Sat, 04 Jun 2022 07:02:40 GMT
location
https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L3ZJ2XP4-T-4YFE&UserId=
access-control-max-age
86400
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
retry-after
0
cx-overlay.js
tags.catapultx.com/cxo/ 		127 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/cx-overlay.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a7cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f3bbdc0719718059772cd59c8cd777f075ffffedf6cb768933770646d819f5e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 02 Jun 2022 14:07:02 GMT
server
cloudflare
etag
W/"48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UB9D3u5mJltFoLZfHyL%2BIebm9mUwJyIo19vl7d%2BTaQXXE%2FpdeRni2kUClf1yumJ4qf0YYC0HpWSlOZTgqp3Poo32ynBAX2CFZ3JftoJBBRnlZc2PdJwRtHmv%2BizMvvMjRFuX6AoONCmjnKzd23JByqs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
715ecde34b354bd0-YUL
recommendations.load.9d352c9674ae8172f8669d3aa3a905e9.js
c.disquscdn.com/next/recommendations/ Frame F23B 		923 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.load.9d352c9674ae8172f8669d3aa3a905e9.js
Requested by
Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9b96fe0a7d9b194599c4a2982ba5efb84aa3999dae35fd93cc1c7e64659e20b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
Origin
https://disqus.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 20:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3925877
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
446
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 19 Apr 2022 20:21:53 GMT
server
nginx
etag
"625f19e1-1be"
content-type
application/javascript; charset=utf-8
via
1.1 a4a5018e47c99d5484f43a6eb50bda5e.cloudfront.net (CloudFront)
expires
Wed, 19 Apr 2023 20:31:22 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
timing-allow-origin
*
x-amz-cf-id
jI6Ye_fcds7mtlRYkTaGTEy1KuuvDHoSBKJX5ZUbKezROulsCLSmgg==
x-cache-hits
0
0.m3u8
vid.connatix.com/pid-6e437703-3c64-4e75-82b5-8ec1b0b72ab2/60764267-557e-410f-85cb-f102d92ee134/a4c972d8-5225-4fee-b868-448a8f4abd0c/ Frame F7DD 		721 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-6e437703-3c64-4e75-82b5-8ec1b0b72ab2/60764267-557e-410f-85cb-f102d92ee134/a4c972d8-5225-4fee-b868-448a8f4abd0c/0.m3u8
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/164935/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3656f4087dff930d20f8ef31a1c55e5bf20af2024f22d4734dde2ed65525a4f8

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
content-encoding
gzip
last-modified
Tue, 18 May 2021 20:48:28 GMT
age
57087
etag
"41836d101147619258f09c8bf3b8c1a3"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
276
config
c.amazon-adsystem.com/cdn/prod/ 		662 B
1017 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.iphoneincanada.ca&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.156.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-156-226.nrt51.r.cloudfront.net
Software
Server /
Resource Hash
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
via
1.1 6269b150df4618d480141e7011541b64.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT51-P2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
662
x-amz-cf-id
KXwM9uRNE78F9m6dKUTFm9509wCFkz6Mmy3Q_ptIJdAcuVwyS3ABrg==
bid
c.amazon-adsystem.com/e/dtb/ 		235 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&pid=dDR7DuCyzpxqb&cb=0&ws=1600x1200&v=7.75.0&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1627679936228-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-728x90-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1627679976672-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-728x90-BTF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1627680019345-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-728x90-Sticky%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1627680508621-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Sidebar1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1627680554198-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Sidebar2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1627680660073-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Left1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1627680615907-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Left2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1627680697054-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Right1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1627680761064-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1018556%2Fiphoneincanada-300x250-Right2%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.156.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-156-226.nrt51.r.cloudfront.net
Software
Server /
Resource Hash
82c14ad5f707f2ebad3473956d2431b2b0149fece6c7c839994064198867befa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:40 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
NRT51-P2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
timing-allow-origin
*
content-length
217
via
1.1 6269b150df4618d480141e7011541b64.cloudfront.net (CloudFront)
x-amz-cf-id
5Z6YMKvufvBhevuo7o9H9FOE-DQI0mTsqiWSP1BWdQf4g0ruw_nEpQ==
bid
c.amazon-adsystem.com/e/dtb/ 		235 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&pid=dDR7DuCyzpxqb&cb=1&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22id%22%3A%22Amazon_400x225%22%2C%22mt%22%3A%22v%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.156.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-156-226.nrt51.r.cloudfront.net
Software
Server /
Resource Hash
5a896add9b5573afdc3a92e9ba50554bd6d06c88def90cdc1513a064cc62ee1d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:40 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
NRT51-P2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
timing-allow-origin
*
content-length
217
via
1.1 6269b150df4618d480141e7011541b64.cloudfront.net (CloudFront)
x-amz-cf-id
ckp4nR1SUZ4nUlBit8qug4EwfmjUCsDiOUTzGrSkhviRB-ftiZV5JQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.156.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-156-226.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
rJc1WQUAqhvSMPW5pAnZljyS35FriyaP
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
13796
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 02 Jun 2022 00:57:09 GMT
server
AmazonS3
date
Sat, 04 Jun 2022 03:12:45 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 698d6ed7080cf905fc5a499ebcad44e2.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
NRT51-P2
x-amz-cf-id
7wLtqQs_eHWASvNWVPKbakuf5yDwymahxAeCQmsPZbcws6ZSageDuA==
0.mp4
vid.connatix.com/pid-6e437703-3c64-4e75-82b5-8ec1b0b72ab2/60764267-557e-410f-85cb-f102d92ee134/a4c972d8-5225-4fee-b868-448a8f4abd0c/ Frame F7DD 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-6e437703-3c64-4e75-82b5-8ec1b0b72ab2/60764267-557e-410f-85cb-f102d92ee134/a4c972d8-5225-4fee-b868-448a8f4abd0c/0.mp4
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/164935/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80a0a3844f4ed88c2cbc65f634f637f68094822a1f74c3f9acc1145966a086ec

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range
bytes=0-1361

Response headers

date
Sat, 04 Jun 2022 07:02:40 GMT
last-modified
Tue, 18 May 2021 20:48:28 GMT
age
57087
etag
"658de8b3d1ee95b7cef28fc538f11a98"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1361/6125384
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1362
css
fonts.googleapis.com/ Frame 7FB0 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 04 Jun 2022 06:22:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 04 Jun 2022 07:02:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Jun 2022 07:02:40 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 7FB0 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:20:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2544
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:20:16 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 7FB0 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3721
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8691
x-xss-protection
0
server
cafe
etag
17811423179848367920
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:00:39 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 7FB0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
929
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:47:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 7FB0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
309
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:57:31 GMT
l
www.google.com/ads/measurement/ Frame 7FB0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSp5-qfAs3oTaqk4dw9_37XnA8BOm2lP7EapqS0cnVIKL0_m0kYjBbVc6HXGoEgo6BP84DCnhndphgR6OD21MOJzHpFzw
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7FB0 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:02:40 GMT
1a132ce94651f9fd8f1d4e10540034d5.js
www.gstatic.com/mysidia/ Frame 7FB0 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 01:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13011
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:03:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Sep 2022 01:45:09 GMT
pixel
cm.g.doubleclick.net/ Frame DC4A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWJkMjgyNTgwY2MwZmZlMDJiNTI3NjZjZjI1NmFjNzI5MjdjNDQzNA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWJkMjgyNTgwY2MwZmZlMDJiNTI3NjZjZjI1NmFjNzI5MjdjNDQzNA
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWJkMjgyNTgwY2MwZmZlMDJiNTI3NjZjZjI1NmFjNzI5MjdjNDQzNA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame DC4A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=EeOmeorJSJiiYb3D6OCTWA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=EeOmeorJSJiiYb3D6OCTWA
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=EeOmeorJSJiiYb3D6OCTWA
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
DWDSGX4AV5V9FXF76FB7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=EeOmeorJSJiiYb3D6OCTWA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame DC4A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/9_FiOu5yzmV8HfIZuop4QQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1821992551476939679
42 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1821992551476939679
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Content-Type
image/gif

Redirect headers

date
Sat, 04 Jun 2022 07:02:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1821992551476939679
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
709414.gif
id.rlcdn.com/ Frame DC4A 		42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:40 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
v1
ads.yahoo.com/cms/ Frame DC4A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3ZJ2XP4-T-4YFE&sigv=1&esig=2~e5521a7c39bc8ec01212dd8cf3472201942ed170
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3ZJ2XP4-T-4YFE&sigv=1&esig=2~e5521a7c39bc8ec01212dd8cf3472201942ed170
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:40 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3ZJ2XP4-T-4YFE&sigv=1&esig=2~e5521a7c39bc8ec01212dd8cf3472201942ed170
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame DC4A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3ZJ2XP4-T-4YFE
0
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3ZJ2XP4-T-4YFE
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:40 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: FB2D7C3A289D4176997BE3A579F51BA0 Ref B: YTO01EDGE0721 Ref C: 2022-06-04T07:02:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXgmdMl58n/FCB3xPN9tA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3ZJ2XP4-T-4YFE
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame DC4A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI41KHc7YKVIz3OpwxDSrR0&google_cver=1
42 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI41KHc7YKVIz3OpwxDSrR0&google_cver=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
78008fe701b681dce86a72fc23cacc40
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI41KHc7YKVIz3OpwxDSrR0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame DC4A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&gdpr=0&gdpr_consent=&expires=30
42 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
setuid
u.4dex.io/ Frame 3639
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=L3ZJ2XP4-T-4YFE
  • https://u.4dex.io/setuid?bidder=rubicon&uid=L3ZJ2XP4-T-4YFE
0
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=L3ZJ2XP4-T-4YFE
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:40 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=L3ZJ2XP4-T-4YFE
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
5daa34953a867809056448757b76591b
Expires
0
avjp
teachingaids-d.openx.net/v/1.0/ Frame 1234 		106 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=41792e99-a0f6-4d55-b575-9186ce21ee1b&nocache=1654326160447&pubcid=4c870383-f0a2-488f-a35c-96260085d849&schain=1.0%2C1!admetricspro.com%2C678%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A660%2C%22h%22%3A371%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%2C%22minduration%22%3A0%2C%22skippable%22%3Atrue%2C%22placement%22%3A1%7D%7D%5D%7D&auid=545638561&vwd=660&vht=371&aumfs=250
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:40 GMT
via
1.1 google
server
OXGW/eecec1e
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 1234 		66 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
d16291e4f4619527f267779ed816b33ec3461bbe156eb852c50a2db5c098cd83

Request headers

Referer
https://www.iphoneincanada.ca/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 04 Jun 2022 07:02:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.iphoneincanada.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-max-age
600
age
0
content-length
0
date
Sat, 04 Jun 2022 07:02:40 GMT
server
ATS/9.1.0.46
prebid
ib.adnxs.com/ut/v3/ Frame 1234 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d1a064028d5c0cceddcf5eafdf4600f07cbabbb31fa917956b25b21a4d8f8767
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:40 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
3c12f1ce-3e2f-492c-9fbe-f4acf7013b0a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 1234 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.iphoneincanada.ca
date
Sat, 04 Jun 2022 07:02:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame 1234 		35 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=697372&v=8.1&ac=j&sd=1&nf=1&t=900&r=%7B%22id%22%3A%229f302c7757c77%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.20.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210bb3381d1bd25%22%2C%22ext%22%3A%7B%22siteID%22%3A%22697372%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A660%2C%22h%22%3A371%2C%22playerSize%22%3A%5B%5B660%2C371%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22678%22%2C%22rid%22%3A%22e6923eb0-18e4-4316-9910-7ba6d402c6d2%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224c870383-f0a2-488f-a35c-96260085d849%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.21.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-21-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8a574667a3b1085eb30d8febcd40ff5afa88cfb1250630420a9c7a2908afdc86

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:40 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.178], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.iphoneincanada.ca
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
35
x-ak-client-geo
19
expires
Sat, 04 Jun 2022 07:02:40 GMT
mvo
tag.1rx.io/rmp/238158/0/ Frame 1234 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/238158/0/mvo?z=1r&hbv=6.20,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.iphoneincanada.ca
pragma
no-cache
date
Sat, 04 Jun 2022 07:02:40 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 1234 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.iphoneincanada.ca
date
Sat, 04 Jun 2022 07:02:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 1234 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
657014c24cd43b2bbd1317ab1275e0b3a88266ba13f41bbcd4358897d2be861c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:40 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a8992f66-ebae-407a-af2c-3f124765e7db
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/238159/0/ Frame 1234 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/238159/0/mvo?z=1r&hbv=6.20,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.iphoneincanada.ca
pragma
no-cache
date
Sat, 04 Jun 2022 07:02:40 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
avjp
teachingaids-d.openx.net/v/1.0/ Frame 1234 		106 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9a7a2e40-e0f8-432e-b229-5e7294ee18bc&nocache=1654326160479&pubcid=4c870383-f0a2-488f-a35c-96260085d849&schain=1.0%2C1!admetricspro.com%2C678%2C1%2Ce6923eb0-18e4-4316-9910-7ba6d402c6d2%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A660%2C%22h%22%3A371%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%2C%22minduration%22%3A0%2C%22skippable%22%3Atrue%2C%22placement%22%3A1%7D%7D%5D%7D&auid=545638570&vwd=660&vht=371&aumfs=250
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:40 GMT
via
1.1 google
server
OXGW/eecec1e
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame 1234 		361 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
4cf57ab7e808a2be8960e7e9a41e52eb3c743b8c415d2b6e7b1c3f41b4a51b72

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Jun 2022 07:02:39 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
63
content-length
232
cygnus
htlb.casalemedia.com/ Frame 1234 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=697371&v=8.1&ac=j&sd=1&nf=1&t=900&r=%7B%22id%22%3A%2223d229b15b63d5f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.20.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22248163b1f7c16a1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22697371%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A660%2C%22h%22%3A371%2C%22playerSize%22%3A%5B%5B660%2C371%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22678%22%2C%22rid%22%3A%22e6923eb0-18e4-4316-9910-7ba6d402c6d2%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224c870383-f0a2-488f-a35c-96260085d849%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.21.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-21-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a33cb7da98a7b8d766d2fa1f475a5739ced7ff3b7571b930050fd9241602c574

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:40 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.178], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.iphoneincanada.ca
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
19
expires
Sat, 04 Jun 2022 07:02:40 GMT
common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
c.disquscdn.com/next/embed/ Frame 65D6 		282 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.cfefa856cbcd7efb87102e7242c9a829.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
64cee676a611b27aca955c5e227666f9d955682512ec25b982bd5e2f92eb61dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 20:31:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3925892
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94755
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 19 Apr 2022 20:21:53 GMT
server
nginx
etag
"625f19e1-17223"
content-type
application/javascript; charset=utf-8
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
expires
Wed, 19 Apr 2023 20:31:08 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
timing-allow-origin
*
x-amz-cf-id
KXLaNfUx1-3DGXjT3Saiu9llnjcNQQ4ov6Zu5gvfdyQw5G-_AGlBEw==
x-cache-hits
0
0.mp4
vid.connatix.com/pid-6e437703-3c64-4e75-82b5-8ec1b0b72ab2/60764267-557e-410f-85cb-f102d92ee134/a4c972d8-5225-4fee-b868-448a8f4abd0c/ Frame F7DD 		607 KB
607 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-6e437703-3c64-4e75-82b5-8ec1b0b72ab2/60764267-557e-410f-85cb-f102d92ee134/a4c972d8-5225-4fee-b868-448a8f4abd0c/0.mp4
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/164935/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e97427087d41a216da4372ec3d9424695ea19bca72fe53340105f1ff1a9264bc

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range
bytes=1362-622741

Response headers

date
Sat, 04 Jun 2022 07:02:40 GMT
last-modified
Tue, 18 May 2021 20:48:28 GMT
age
57087
etag
"658de8b3d1ee95b7cef28fc538f11a98"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 1362-622741/6125384
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
621380
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.43.215 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-43-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:40 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Sat, 04 Jun 2022 07:17:40 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:48:16 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.122.0/26
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
bhs
content-disposition
attachment;filename="id5-api.js"
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
11181
x-request-id
336822969
/
onetag-sys.com/usync/ Frame 32A7 		2 KB
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
p-37d99f7e.system.js
tags.catapultx.com/cxo/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/p-37d99f7e.system.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a7cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5ee6b45ff6fcc6fa781bf299b205eadb1f33c961bb089395c5e040ab19040e0a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
58
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 02 Jun 2022 14:07:02 GMT
server
cloudflare
etag
W/"48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgZ5YntysRFootvRZ%2Bnwys%2FvauLMdTmtz9Kzj7Xhkr4%2F%2Bn5k6OCTAzZrZIoOQP6MWcoXtape5476BakGa5OH%2Bkhn3GZkFdHlFQnK668epuj6uzPMgTEf2Eebo1Sq4mPr4m47GC0jXb05j%2BLlNp8Edn0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
715ecde77dc14bd0-YUL
common.bundle.a59fbd11efae764ccd959d61e4925fee.js
c.disquscdn.com/next/recommendations/ Frame F23B 		262 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.9d352c9674ae8172f8669d3aa3a905e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3ae0f120f30b95b1bc51b7440fb005c41cfc4560e3701763552c07b03a55a46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 20:31:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3925881
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
88804
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 19 Apr 2022 20:21:53 GMT
server
nginx
etag
"625f19e1-15ae4"
content-type
application/javascript; charset=utf-8
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
expires
Wed, 19 Apr 2023 20:31:19 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
timing-allow-origin
*
x-amz-cf-id
H3yOSn3nByIOXA5GgCk3osgbsYdLp6I9oGp5FEWDmBUo6MY9AR83PA==
x-cache-hits
0
p-c8ac379d.system.js
tags.catapultx.com/cxo/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/p-c8ac379d.system.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a7cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
56456b151a0459aac1a97b417db3e4eb5c86febc80e85eed9b86469c09da5ccd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
58
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 02 Jun 2022 14:07:02 GMT
server
cloudflare
etag
W/"48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKM%2FhAInf5lP6ofmlNghX6pRghQaLfsWcaeB%2BrRmJBsKUIK4Q7CupSrc7D%2BWcgHQ%2BksJpw0bi4E%2BsyQ2PQISDekD9A4TTvjLIPEH0MEPPWkYs2lkLUIg82tApiau0rcJcVvOIsNN4iHMHupCICTdFr8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
715ecde81e0f4bd0-YUL
lounge.63860eb743c7d9d2adf0fa435788abe7.css
c.disquscdn.com/next/embed/styles/ Frame 65D6 		165 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8784042e14531617c1aef40d7623d3dd1d0b24730721c779e0c3ae86ed03990e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 19:26:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6435387
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
26078
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 21 Mar 2022 19:03:40 GMT
server
nginx
etag
"6238cc0c-65de"
content-type
text/css; charset=utf-8
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
expires
Tue, 21 Mar 2023 19:26:13 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
timing-allow-origin
*
x-amz-cf-id
QVuUiX7S6-s6qAfHCFDk7kWXtRLyh6FIzShBUxvn7Zla7srtr7rKoA==
x-cache-hits
0
724.json
id5-sync.com/g/v2/ 		453 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/724.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.67 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216533.ip-141-95-98.eu
Software
/
Resource Hash
fde5caab3873d878f98ff334c14f01c4adba240e7021d49b4768b4fd11135c3e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Jun 2022 07:02:40 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js
c.disquscdn.com/next/embed/ Frame 65D6 		476 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e7c053aa439dd2bb56d823101047cb9fad99b2b4963e036af632ad0a662099d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 17:13:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49736
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
123109
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Fri, 03 Jun 2022 17:03:15 GMT
server
nginx
etag
"629a3ed3-1e0e5"
content-type
application/javascript; charset=utf-8
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
expires
Sat, 03 Jun 2023 17:13:44 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
timing-allow-origin
*
x-amz-cf-id
hzXNV0OXmb2Ez1O2rdJqNSAJ8Z2loYxty1Z-pyouCxX8i1VSAX7QEQ==
x-cache-hits
0
config.js
disqus.com/next/ Frame 65D6 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7184f2085bedef65d3c0c459b2ade2c5cda92c16f4b6e426618aae36fc20d754
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:40 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
58
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
15276
X-XSS-Protection
1; mode=block
recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame F23B 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 21 May 2022 16:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1174728
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2978
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 10 May 2022 13:06:19 GMT
server
nginx
etag
"627a634b-ba2"
content-type
text/css; charset=utf-8
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
expires
Sun, 21 May 2023 16:43:52 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
timing-allow-origin
*
x-amz-cf-id
n3PDSamPlK_gvRFxMTWuNX_rmtvuRMfcgMQE74f4SOFik95V_0nDeQ==
x-cache-hits
0
iu3
s.amazon-adsystem.com/ Frame 44DA
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&dcc=t
346 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&dcc=t
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
d5da2e78ecdf98597abb4086ffe273ffa68b7c46b1a41a6a62770fa698ed7b86
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
346
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 04 Jun 2022 07:02:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
8G5NDE6APRTZZ775N0H1

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 04 Jun 2022 07:02:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&dcc=t
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
TK1T58NRGEJB71FQD305
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.iphoneincanada.ca
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.iphoneincanada.ca
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		261 KB
77 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3521502167565206&correlator=69293125672139&eid=21065724&output=ldjh&gdfp_req=1&vrg=2022053101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&iu_parts=22404337467%3A1018556%2Ciphoneincanada-728x90-ATF%2Ciphoneincanada-728x90-BTF%2Ciphoneincanada-728x90-Sticky%2Ciphoneincanada-300x250-Sidebar1%2Ciphoneincanada-300x250-Sidebar2%2Ciphoneincanada-300x250-Left1%2Ciphoneincanada-300x250-Left2%2Ciphoneincanada-300x250-Right1%2Ciphoneincanada-300x250-Right2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=728x90%2C728x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&ifi=3&adks=3210178073%2C2681148505%2C1580647515%2C3828263961%2C200136199%2C2511280138%2C3588253534%2C1256051046%2C2180980196&sfv=1-0-38&ecs=20220604&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_adid_nextMillenni%3D1447c0d12f5c67d4%26hb_bidder_nextMillen%3DnextMillennium%26dyn_bids%3D0.50%26hb_adid%3D1447c0d12f5c67d4%26hb_bidder%3DnextMillennium%7Camznbid%3D2%26amznp%3D2%26hb_adid_ix%3D14234f354d228ced%26hb_bidder_ix%3Dix%26dyn_bids%3D0.10%26hb_adid%3D14234f354d228ced%26hb_bidder%3Dix%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_adid_ix%3D14306008fceb3d4b%26hb_bidder_ix%3Dix%26dyn_bids%3D0.06%26hb_adid%3D14306008fceb3d4b%26hb_bidder%3Dix%7Camznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie=ID%3Dcea8cd5f3760678e-22ab1733c1d200b2%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_Maokd8R45lwvX2_7mW5WkLfFs-dhA&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&abxe=1&dt=1654326160786&lmt=1654319548&dlt=1654326157816&idt=693&biw=1600&bih=1200&adxs=436%2C436%2C437%2C996%2C996%2C321%2C329%2C647%2C639&adys=107%2C2828%2C1109%2C463%2C181%2C774%2C2243%2C774%2C2243&ucis=2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=992x50%7C992x50%7C732x-1%7C300x26%7C300x250%7C659x-1%7C610x-1%7C659x-1%7C610x-1&msz=728x50%7C728x50%7C728x-1%7C300x26%7C300x250%7C300x-1%7C300x-1%7C300x-1%7C300x-1&fws=4%2C4%2C512%2C0%2C0%2C4%2C4%2C4%2C4&ohw=992%2C992%2C0%2C0%2C0%2C659%2C659%2C659%2C659&ga_vid=782479863.1654326158&ga_sid=1654326159&ga_hid=1737926759&ga_fc=true&btvi=0%7C1%7C0%7C0%7C0%7C0%7C2%7C0%7C3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
d30df60bbfe1fc2632065308e48539c629ca24f84700760fd069b867f400fe7c
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIukpZmdk_gCFQ-3nwodVLUCTw&gqi=&layout=/sadbundle/%24csp%253Der3%24/16330283978221309291/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIukpZmdk_gCFQ-3nwodVLUCTw&gqi=&layout=/sadbundle/%24csp%253Der3%24/16330283978221309291/index.html
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
google-creative-id
138358444818,-1,-1,-1,138358763692,-1,-1,-1,-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78761
x-xss-protection
0
google-lineitem-id
5754638564,-1,-1,-1,5754639566,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
date
Sat, 04 Jun 2022 07:02:41 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
c.disquscdn.com/next/recommendations/ Frame F23B 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 20:25:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20342218
x-cache
Hit from cloudfront
content-length
20244
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 11 Oct 2021 20:15:56 GMT
server
nginx
etag
"61649b7c-4f14"
content-type
application/javascript; charset=utf-8
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
expires
Tue, 11 Oct 2022 20:25:42 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
timing-allow-origin
*
x-amz-cf-id
bTrtT5vcqOl3M6QpL2ds_o9kKTeIIPclOHG2WAtbWzlhhH0xbIn-xg==
x-cache-hits
0
config.js
disqus.com/next/ Frame F23B 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7184f2085bedef65d3c0c459b2ade2c5cda92c16f4b6e426618aae36fc20d754
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/recommendations/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:40 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
58
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
15276
X-XSS-Protection
1; mode=block
p-deb2e7f3.system.entry.js
tags.catapultx.com/cxo/ 		347 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/p-deb2e7f3.system.entry.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a7cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e667de6a3e66b1f7f687333aaea061512e76ca144cb6915f6dbf88aedf82407f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 02 Jun 2022 14:07:02 GMT
server
cloudflare
etag
W/"48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kiHEtfABxNOM7z8vrenKX8KF5d%2BFTBw0mwxPExP1a1RkCcaJLCqFeu%2BtIzvlugr%2FARY5atFFMwhaRjsn%2B%2FWk71dFF9mzJsf%2FujzdibtKgXnPt2IfqbFzYTeVwSKQMYpyq7jzOPU0PKuCa0dyMQpVe6M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
715ecde91ea44bd0-YUL
1.m3u8
vid.connatix.com/pid-6e437703-3c64-4e75-82b5-8ec1b0b72ab2/60764267-557e-410f-85cb-f102d92ee134/a4c972d8-5225-4fee-b868-448a8f4abd0c/ Frame F7DD 		723 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-6e437703-3c64-4e75-82b5-8ec1b0b72ab2/60764267-557e-410f-85cb-f102d92ee134/a4c972d8-5225-4fee-b868-448a8f4abd0c/1.m3u8
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/164935/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3cffc97cfa9bd444210677b79556d2d61dccb05e50c51837c0fa720d3d43774e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:40 GMT
content-encoding
gzip
last-modified
Tue, 18 May 2021 20:48:29 GMT
age
52882
etag
"c302460730e7df7520f775f2d430c983"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
270
details
disqus.com/api/3.0/forums/ Frame 65D6 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=iphoneincanada&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa895904237672249b8a79b17631fc7f25d49a066d1e61bbcfd9f346f851e5f4
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:40 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
3192
X-XSS-Protection
1; mode=block
details
disqus.com/api/3.0/forums/ Frame F23B 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=iphoneincanada&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa895904237672249b8a79b17631fc7f25d49a066d1e61bbcfd9f346f851e5f4
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/recommendations/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:40 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
3192
X-XSS-Protection
1; mode=block
player-event
events.catapultx.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.catapultx.com/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:29f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.iphoneincanada.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
715ecdea48794bbf-YUL
date
Sat, 04 Jun 2022 07:02:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3G6gO2SyhaX889sJ01L8SmHr6dlQuqrbq%2B4YRAN9%2BelL2oBok86PndpS8Msz2ZZELG9ayigHF4TatwcWVL4lJaa4H41TKRF6AjxviDm2S0i8SYSylfsWvnCOwnfmY0IISxs7mhYNKYXVfoLZGuyX13n0vw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.catapultx.com/api/v1/ 		0
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.catapultx.com/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-deb2e7f3.system.entry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FQg4KEGKmCoY2FpgGIf1apl8plQwIxSPwRZw1F6kbt%2BnHQ1CULh5y2vT1HGEJXWc%2BCrkPiVtlTVL3NIB5T%2Bv5RNA%2F4C7gAnHOsPxKwcbfUJ%2FG%2FIw%2BWeydp%2FiVetADnKKw9fdihYiY6iJL4XCNIwVUWVBA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
715ecdeaab6fece6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161089/5500/ 		198 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161089/5500/pwt.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-deb2e7f3.system.entry.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
231a6ca742711804b79a2ec26b5f5fe6c8bb41b451648a0bdb95ddae33beec16

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:40 GMT
content-encoding
gzip
last-modified
Wed, 01 Jun 2022 17:59:53 GMT
server
Apache/2.2.15 (CentOS)
etag
"16c22ef-3193c-5e066a807ef44"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=108435
accept-ranges
bytes
content-type
text/javascript
content-length
62011
expires
Sun, 05 Jun 2022 13:09:55 GMT
iphoneincanada.ca
demand.catapultx.com/api/v1/group/configs/E05GK6gdXkSSdyoPZtRoKg/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand.catapultx.com/api/v1/group/configs/E05GK6gdXkSSdyoPZtRoKg/iphoneincanada.ca
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-deb2e7f3.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:29f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b688ec4cfbf64d4b628fbe31ed4310eb45e16f25ebb2294a7d36eed05c83a3bb

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlLQEAZ0Nnwa7Lj%2BMbhms6r%2BlKriwTots2jsh48kx%2F2IKMRzTEKGQDj1R%2FPfXm%2BRFV%2FUHjDdolEMzSek5YBGzpW%2BvDs%2BHKvpHgbv99PEy%2B6WNN75NBEu4E69OfTHkgKkibVsevnXJFaFgtVUNWY%2BzOO1JA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
715ecdea4b65ece2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 65D6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 02 May 2022 21:10:18 GMT
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2800343
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2971
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 26 Apr 2022 19:12:12 GMT
server
nginx
etag
"6268440c-b9b"
content-type
image/gif
access-control-allow-origin
*
expires
Tue, 02 May 2023 21:10:18 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
u5KFKVPk23M_cZWnCVXctm2g0N4kZCuHjkOCuxQZuecsbjy7RwT9pw==
x-cache-hits
0
sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 65D6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:47:49 GMT
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
21986092
x-cache
Hit from cloudfront
content-length
1763
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 22 Sep 2021 19:30:27 GMT
server
nginx
etag
"614b8453-6e3"
content-type
image/png
access-control-allow-origin
*
expires
Thu, 22 Sep 2022 19:47:49 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
e8vNcfHY1HEAo-oPrT5rfIsn5SJjdrA0gbEuwgf_rPEK5mv0g2tiCQ==
x-cache-hits
0
icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 65D6 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
Origin
https://disqus.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 07 May 2022 01:16:30 GMT
via
1.1 a4a5018e47c99d5484f43a6eb50bda5e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2439971
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
7900
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Fri, 06 May 2022 16:25:41 GMT
server
nginx
etag
"62754c05-1edc"
content-type
application/octet-stream
access-control-allow-origin
*
expires
Sun, 07 May 2023 01:16:30 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
fm3guTDuMURIMwVUIS4AXA2R0VhG-GGXGu9wd-5N7gl9e47zqU3O_w==
x-cache-hits
0
pr
s.amazon-adsystem.com/v3/ Frame 23F6 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
99da21f2df245211f06df73b860628ca321358e542b66c9a163bc32f5909e37a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2416
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 04 Jun 2022 07:02:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
VQW2DT1YH7VQMB30Z4GN
listRecommendations.json
disqus.com/api/3.0/discovery/ Frame F23B 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=iphoneincanada&thread=ident%3A365501+https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e0d26648762167c302cf4c8332ffff5dab0e087563ad05d27b70211a9440f8ed
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://disqus.com/recommendations/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:41 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
302
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control
stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/json
Vary
Origin
Content-Length
6957
X-XSS-Protection
1; mode=block
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://id5-sync.com/i/724/8.gif?id5id=ID5*vlHbLpJtfxdq_BrItentwE3Dh0_wvFAldCNikzGgMz4U3HQh-O77GRn0jIdwBddU&o=api&gdpr_consent=undefined&gdpr=0
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/724/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/724/2/7/2.gif?puid=1696151633887888005&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOdnTpdo7ljKlR8HuhqdoRLhSlxkSQOvTy1bmlXw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F724%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/724/3/6/3.gif?puid=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttl=%%TTL%%
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F724%2F429%2F4%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/724/429/4/5.gif?puid=855B06D3-3D54-4A42-91F6-827309E6A457&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F724%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/724/434/3/6.gif?puid=d2267f63-c0d7-476d-8d53-0e6c4eaacf63&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F724%2F108%2F2%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/724/108/2/7.gif?puid=42e810d3-10eb-45f8-8040-856705c10d9a&gdpr=0&gdpr_consent=
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F724%2F136%2F1%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/724/136/1/8.gif?puid=YpsDkQAGWK5FIQAo&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&consent=&id5id=ID5-ZHMOdnTpdo7ljKlR8HuhqdoRLhSlxkSQOvTy1bmlXw
49 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&consent=&id5id=ID5-ZHMOdnTpdo7ljKlR8HuhqdoRLhSlxkSQOvTy1bmlXw
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&consent=&id5id=ID5-ZHMOdnTpdo7ljKlR8HuhqdoRLhSlxkSQOvTy1bmlXw
date
Sat, 04 Jun 2022 07:02:45 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
c.disquscdn.com/next/embed/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 06 May 2022 03:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2518501
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
26578
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 26 Apr 2022 19:12:12 GMT
server
nginx
etag
"6268440c-67d2"
content-type
application/javascript; charset=utf-8
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
expires
Sat, 06 May 2023 03:27:40 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
timing-allow-origin
*
x-amz-cf-id
mAeCdU1ZVmwfH-5KrGnAZm6MmJ-I6g6bPhW9YU9TdfpuSAB1rGFwIw==
x-cache-hits
0
avatar92.jpg
c.disquscdn.com/uploads/forums/19961/ Frame 65D6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/uploads/forums/19961/avatar92.jpg?1604985585
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
11212a74fec9602bcef1c3ec91533111183efaf9908c2a7903737ecbeb19f283
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 13:51:19 GMT
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
4468282
x-cache
Hit from cloudfront
content-length
2008
x-xss-protection
1; mode=block
x-served-by
static-web-1
last-modified
Tue, 10 Nov 2020 05:19:45 GMT
server
nginx
etag
"a82a59a78eb6847d78b0b395926ea4d9"
content-type
image/jpeg
expires
Thu, 13 Apr 2023 13:51:19 GMT
cache-control
max-age=31536000, public, immutable
x-amz-cf-pop
ORD52-C2
accept-ranges
bytes
x-amz-cf-id
SxgBqFQ1-OJFYY9v0_6R-bWL23JuOjVUbf9yU7V3Bg6R64ZpPsRNQw==
x-cache-hits
0
user-sync
sync.adkernel.com/ Frame E130 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=153873&r=https%3A%2F%2Fdemand.catapultx.com%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwww.iphoneincanada.ca%7C%7BUID%7D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
1782f8da063a4819199e3bf3f57acd156b30758b55cc62caaaffa01dd2850920

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
1396
Content-Type
text/html; charset=utf-8
Date
Sat, 04 Jun 2022 07:02:41 GMT
Pragma
no-cache
Server
nginx
get
c.disquscdn.com/ Frame F23B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fcdn.iphoneincanada.ca%2Fwp-content%2Fuploads%2F2017%2F09%2Fiic-logo-1.svg&key=TXSNb87zoG3mgaIx1LLrWg&h=200
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
sdk.js
connect.facebook.net/en_US/ Frame 65D6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b1304c25f3576147c65126961a163d202ecf52bfab9b466eafec6b9ee7619329
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
CdI8LLjKAdv5VjtHPQPurQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
tdX2xjRJuZi+agVKVEjhZL8O6TNnsY9a6jgRWOo1y4QAteu71vUY7g/Y6dDEby0FliRnuQWq4NxAZIX1XihT/Q==
x-fb-trip-id
1512268381
x-fb-content-md5
e138ca0dda58f359c0ba6ae0f7f0d8c5
x-frame-options
DENY
date
Sat, 04 Jun 2022 07:02:41 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"52d989e784ba6ca296879dfd5e18ad66"
timing-allow-origin
*
expires
Sat, 04 Jun 2022 07:10:23 GMT
api.js
apis.google.com/js/ Frame 65D6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de30b1fc781f1344f02ff2230b868a870e18cea33e2228017066b2f1d2ef753d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5520
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Sat, 04 Jun 2022 07:02:41 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"5e358415b06c48cd"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Jun 2022 07:02:41 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=indexexchange&uid=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:41 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://u.4dex.io/setuid?bidder=indexexchange&uid=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
270
Expires
Sat, 04 Jun 2022 07:02:41 GMT
ecm3
s.amazon-adsystem.com/ Frame 23F6
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7ba3b0ae
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7ba3b0ae
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6M4FKKGGDXNJ3WHYN6JN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 04 Jun 2022 07:02:41 GMT
via
1.1 919e9b9a356118bf34b96bfdfbc59e82.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT51-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7ba3b0ae
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
HHUB8jPJ5kiyQH0-sotzkm-QAV_W83f8u9VxZXIGqOjWb-pI6dcd1Q==
ecm3
s.amazon-adsystem.com/ Frame 23F6
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=bff618de-2b06-48a2-bbff-b6ccc8d39000
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=bff618de-2b06-48a2-bbff-b6ccc8d39000
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GY75R7236EH8XR120TE6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=bff618de-2b06-48a2-bbff-b6ccc8d39000
Date
Sat, 04 Jun 2022 07:02:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 23F6
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=AAFDDU7FNgcAAEin6MYPOw&ex=beeswax.com
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AAFDDU7FNgcAAEin6MYPOw&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1VRJFNRS3C6KDP8DQG24
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AAFDDU7FNgcAAEin6MYPOw&ex=beeswax.com
Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
ecm3
s.amazon-adsystem.com/ Frame 23F6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0
  • https://stags.bluekai.com/site/23178?id=LzYl8o9JwaVt_2Mo36Wu&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZTWI4DSHUYCM2LEHVGHUWLMHBXTS...
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&gdpr=0&id=LzYl8o9JwaVt_2Mo36Wu
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&gdpr=0&id=LzYl8o9JwaVt_2Mo36Wu
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZEC2YTSDZVVJHEJS6WYE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
P3p
CP="We do not support P3P header."
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&gdpr=0&id=LzYl8o9JwaVt_2Mo36Wu
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
112
Expires
Thu, 01 Dec 1994 16:00:00 GMT
avatar92.jpg
c.disquscdn.com/uploads/forums/19961/ Frame 65D6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/uploads/forums/19961/avatar92.jpg?1604985585
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
11212a74fec9602bcef1c3ec91533111183efaf9908c2a7903737ecbeb19f283
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 13:51:19 GMT
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
4468282
x-cache
Hit from cloudfront
content-length
2008
x-xss-protection
1; mode=block
x-served-by
static-web-1
last-modified
Tue, 10 Nov 2020 05:19:45 GMT
server
nginx
etag
"a82a59a78eb6847d78b0b395926ea4d9"
content-type
image/jpeg
expires
Thu, 13 Apr 2023 13:51:19 GMT
cache-control
max-age=31536000, public, immutable
x-amz-cf-pop
ORD52-C2
accept-ranges
bytes
x-amz-cf-id
ju7VWq4gne6n17XoPUmhJwQmP36VtpieIqOo9pl0EQ_A9dAKEUX-Nw==
x-cache-hits
0
user-sync
sync.adkernel.com/ Frame E130
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D406496%26t%3Dimage%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F34%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%26bidder%3Dappnexus%26cbx%3DLy9zeW...
  • https://prebid.a-mo.net/cchain/0/34?gdpr=&gdpr_consent=&us_privacy=&A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=appnexus&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0xNTM4NzMmZHNwPTQwNjQ5Ni...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F34%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D15f8b8fe-b...
  • https://prebid.a-mo.net/cchain/1/34?gdpr=&gdpr_consent=&us_privacy=&A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=index_rtb&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0xNTM4NzMmZHNwPTQwNjQ5N...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODU1QjA2RDMtM0Q1NC00QTQyLTkxRjYtODI3MzA5RTZBNDU3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F34%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%26...
  • https://prebid.a-mo.net/cchain/2/34?gdpr=&gdpr_consent=&us_privacy=&A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=pubmatic&cbx=Ly9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0xNTM4NzMmZHNwPTQwNjQ5Ni...
  • https://sync.adkernel.com/user-sync?zone=153873&dsp=406496&t=image&uid=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&gdpr=&gdpr_consent=&us_privacy=
42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=153873&dsp=406496&t=image&uid=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=153873&r=https%3A%2F%2Fdemand.catapultx.com%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwww.iphoneincanada.ca%7C%7BUID%7D
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

location
//sync.adkernel.com/user-sync?zone=153873&dsp=406496&t=image&uid=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&gdpr=&gdpr_consent=&us_privacy=
date
Sat, 04 Jun 2022 07:02:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
user-sync
sync.adkernel.com/ Frame E130
Redirect Chain
  • https://ap.lijit.com/pixel?&redir=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D420326%26t%3Dimage%26uid%3D%24UID
  • https://sync.adkernel.com/user-sync?zone=153873&dsp=420326&t=image&uid=EwNGcBZHlxfgonDXRwy1yjjY
42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=153873&dsp=420326&t=image&uid=EwNGcBZHlxfgonDXRwy1yjjY
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=153873&r=https%3A%2F%2Fdemand.catapultx.com%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwww.iphoneincanada.ca%7C%7BUID%7D
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

Date
Sat, 04 Jun 2022 07:02:41 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.adkernel.com/user-sync?zone=153873&dsp=420326&t=image&uid=EwNGcBZHlxfgonDXRwy1yjjY
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
user-sync
sync.adkernel.com/ Frame E130
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562422&ev=A8492896450583913946&rurl=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D333913%26t%3Dimage%26uid%3D%25%25VGUID%25%25
  • https://sync.adkernel.com/user-sync?zone=153873&dsp=333913&t=image&uid=em1JAirFG5LC&ev=A8492896450583913946&pid=562422
42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=153873&dsp=333913&t=image&uid=em1JAirFG5LC&ev=A8492896450583913946&pid=562422
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=153873&r=https%3A%2F%2Fdemand.catapultx.com%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwww.iphoneincanada.ca%7C%7BUID%7D
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https:////sync.adkernel.com/user-sync?zone=153873&dsp=333913&t=image&uid=em1JAirFG5LC&ev=A8492896450583913946&pid=562422
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5fbd64586c-f4jcc
expires
-1
usermatch
ssum-sec.casalemedia.com/ Frame 8B60 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ca8426820aec3db5f66f24801df2ed8fa6f942caa96900310f9aa3089e9fb2e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1790
Content-Type
text/html
Date
Sat, 04 Jun 2022 07:02:41 GMT
Dropped-Udsids
241|39|230|45|88|90|64|13
Expires
Sat, 04 Jun 2022 07:02:41 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
tamptsync
sync-amz.ads.yieldmo.com/ Frame 471C 		893 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.82.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-82-32.compute-1.amazonaws.com
Software
/
Resource Hash
65f418eedb124b61d9d7d081509d0964c5c5ab6e5d537f6181c0a7fc97cdc366

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
usync.html
eus.rubiconproject.com/ Frame 3971 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Jun 2022 07:02:41 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 74B6
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8867012480303613517&gdpr=0&gdpr_consent=
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8867012480303613517&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 04 Jun 2022 07:02:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
7DZDJVK299C70J7TFEYS

Redirect headers

content-length
0
date
Sat, 04 Jun 2022 07:02:41 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8867012480303613517&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame D8A5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=1696151633887888005&ex=appnexus.com&gdpr=0
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=1696151633887888005&ex=appnexus.com&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 04 Jun 2022 07:02:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
FRJZ54B13MCGW45BHN5D

Redirect headers

AN-X-Request-Uuid
1be039d4-bca0-497c-9421-441f8cd91a0d
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 04 Jun 2022 07:02:41 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=1696151633887888005&ex=appnexus.com&gdpr=0
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame DDA6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
  • https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3440408375380958027
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3440408375380958027
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 04 Jun 2022 07:02:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
HBWMAX4MQNESE9V4Q9WC

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Sat, 04 Jun 2022 07:02:41 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3440408375380958027
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
ecm3
s.amazon-adsystem.com/ Frame BA71
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=556026402494639543882
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=556026402494639543882
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-LoopMe_ym_rbd_n-Beeswax_smrt_an-db5_n-amobee_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 04 Jun 2022 07:02:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
R2AZ7A3R7DWTGSGK2P21

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 04 Jun 2022 07:02:41 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=556026402494639543882
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel.gif
cdn.viglink.com/images/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=3.918948581289333
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
age
15
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=15, must-revalidate
content-length
43
accept-ranges
bytes
cf-ray
715ecdeceba37133-YUL
x-amz-request-id
4Z1QG3FV1QP2TKPH
x-amz-id-2
NnD7MGvMT7hblW6Z9wekTuMf0k92G4soFNx/25pWvh6cN8wp7xFZBN428bDD2oLMRMT1QDL6KeA=
pixel.gif
cdn.viglink.com/images/ 		43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=3.918948581289333
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
age
15
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=15, must-revalidate
content-length
43
accept-ranges
bytes
cf-ray
715ecdeceba57133-YUL
x-amz-request-id
4Z1QG3FV1QP2TKPH
x-amz-id-2
NnD7MGvMT7hblW6Z9wekTuMf0k92G4soFNx/25pWvh6cN8wp7xFZBN428bDD2oLMRMT1QDL6KeA=
img-placeholder.df52e7638153b73862008d3d0556fdda.png
c.disquscdn.com/next/recommendations/assets/img/ Frame F23B 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/recommendations/assets/img/img-placeholder.df52e7638153b73862008d3d0556fdda.png
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e9:d000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5215bbed3b3435ed86c93921631e54d9c42ce565d9ec90accbc7ec1fc7832327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 08:34:58 GMT
via
1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
7338463
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1054
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 10 Mar 2022 18:35:58 GMT
server
nginx
etag
"622a450e-41e"
content-type
image/png
access-control-allow-origin
*
expires
Sat, 11 Mar 2023 08:34:58 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ORD52-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
sFExmd0aq6172GYhHU50fUNL1LFYGdF_8hNQyIgVKMls-ByvZiEQgw==
x-cache-hits
0
sync.html
public.servenobid.com/ Frame 9933 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=153873&r=https%3A%2F%2Fdemand.catapultx.com%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwww.iphoneincanada.ca%7C%7BUID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7048cffc8d40a9a30ef697e4c5d0a36916f5fc52044329e28a8c7c4b4666aa03

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sat, 04 Jun 2022 07:02:41 GMT
etag
"932d6618454a24c5cf3ad5f25825ecce"
last-modified
Tue, 31 May 2022 18:42:20 GMT
server
AmazonS3
x-amz-id-2
1EWrkREQELcqNvZdUiU5mMy0qYyCuDCU18aQ/BfSvx85X10gQWd7mKgtLrV0xaDdMKCSXLwpEpo=
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:2eb1aaf4-247b-4e52-a802-e8cd900d39ea
x-amz-meta-codebuild-content-md5
20a4fb183531ba70b39d5a2dfecc75d2
x-amz-meta-codebuild-content-sha256
c86041a4eda4e8a7eab23343995e324b6b57a4b93db1e64ecabf90b8558c6365
x-amz-request-id
TK8C24JP1470MG9N
x-azure-ref
0kQObYgAAAACtb9XiaR1sR7Loh7KNKNE/WVRPMjIxMDkwODIwMDM3ADg0ZTdkZmEyLTE0NDItNDMzNC1iMzRmLWU0MmQzZjdkZGFkOQ==
x-azure-ref-originshield
0XleaYgAAAABUBV4fXU/kSax4HSLEJ5EMRVdSMzBFREdFMDUxOAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-cache
TCP_HIT
/
hde.tynt.com/deb/ Frame D9C5
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=153873&r=https%3A%2F%2Fdemand.catapultx.com%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwww.iphoneincanada.ca%7C%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
58050660ba6a1997de70876eca74118b1a48f19a9c2d74164a8f3e6c7482c33d

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1556
content-type
text/html
date
Sat, 04 Jun 2022 07:02:41 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Sat, 04 Jun 2022 07:02:41 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
sdk.js
connect.facebook.net/en_US/ Frame 65D6 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=7e879b2d9832d30a138e00694abcca19
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
30a5a100d3373b63df476b39e5336dcd4da9d9ea1b6af6c3eb5859cb26fe009b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
Origin
https://disqus.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
BlOgdk9fzUODVPplCYXtSA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85711
x-fb-rlafr
0
x-fb-debug
aMYEn1Yo2MpchrA/RR8NmyLQW4ThzWUOD8xBZc4fgNtIsRdt1aMWoRVcas8WHck6gmZFQqeTuECNHX1V7y7/ag==
x-fb-content-md5
f8f118919e3624d68216bfbc0105e92f
x-frame-options
DENY
date
Sat, 04 Jun 2022 07:02:41 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"7a35ac8d7a261905e20084062ecf4aee"
timing-allow-origin
*
priority
u=3,i
expires
Sun, 04 Jun 2023 04:59:00 GMT
usync.js
eus.rubiconproject.com/ Frame 3971 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4921bc2575a32b7a59fa32a43b3902353cc129f4ac8010d9187f5f232fffe30

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 17:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70229
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Sun, 05 Jun 2022 02:33:10 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.KVSPb_Y8pSk.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gW8E5WGSmGcbq8d2kz7xJze20YQ/ Frame 65D6 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.KVSPb_Y8pSk.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gW8E5WGSmGcbq8d2kz7xJze20YQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e7ff8a9893c0fb085662356cddd8e57d34b4241bb5bbe1d9ad002d973c2fb77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:16:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36599
x-xss-protection
0
last-modified
Sat, 30 Apr 2022 15:21:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 18:16:24 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray
715ecdeccf334bd6-YUL
date
Sat, 04 Jun 2022 07:02:41 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
364
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 04 Jul 2022 07:02:41 GMT
dcm
s.amazon-adsystem.com/ Frame 8B60 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
XZMGBHVPR2HG1VCZQ9Y1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8B60
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&expiration=1656918161&gdpr=0&gdpr_consent=
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&expiration=1656918161&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:41 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&expiration=1656918161&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 8B60
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMqMm9qymDkHwAC_3teQcow&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMqMm9qymDkHwAC_3teQcow&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:41 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMqMm9qymDkHwAC_3teQcow&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8B60
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YpsDj6V2eezDp-7lpu.RAQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDGMEBitJgS8ogSjrqInyqs&google_cver=1&google_hm=2
43 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDGMEBitJgS8ogSjrqInyqs&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:41 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDGMEBitJgS8ogSjrqInyqs&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8B60
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YpsDkQAGWK5FIQAo
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YpsDkQAGWK5FIQAo&_test=YpsDkQAGWK5FIQAo
43 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YpsDkQAGWK5FIQAo&_test=YpsDkQAGWK5FIQAo
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:41 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:41 GMT
via
1.1 varnish
server
Varnish
x-timer
S1654326162.527031,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YpsDkQAGWK5FIQAo&_test=YpsDkQAGWK5FIQAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 8B60
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F2FA02F7620E412F9BAA59AB0D5D3BA6
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F2FA02F7620E412F9BAA59AB0D5D3BA6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:41 GMT

Redirect headers

date
Sat, 04 Jun 2022 07:02:41 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F2FA02F7620E412F9BAA59AB0D5D3BA6
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 03 Jun 2022 07:02:41 GMT
rum
r.casalemedia.com/ Frame 8B60
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D24...
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D24...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:42 GMT

Redirect headers

location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=
date
Sat, 04 Jun 2022 07:02:42 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
crum
dsum-sec.casalemedia.com/ Frame 8B60
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=07bc220407b06c2f1279ae43&expiration=[EXPIRATION]
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=07bc220407b06c2f1279ae43&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:41 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=07bc220407b06c2f1279ae43&expiration=[EXPIRATION]
Date
Sat, 04 Jun 2022 07:02:41 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
ecm3
s.amazon-adsystem.com/ Frame 8B60 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4F803DR4PBQCZ35FEC9H
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 471C 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g88aa88ceacb14000313&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8G39TCSN4JQMB6NM56XH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ib.adnxs.com/&https://ads.yieldmo.com/v000/ Frame 471C
Redirect Chain
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=1696151633887888005&pn_id=an
0
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=1696151633887888005&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
4b6420f5-2d21-4307-923d-d3ff9e176508
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
cca25a89-cf48-47df-a18d-ca06e958f783
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
&https://ads.yieldmo.com/v000/sync?userid=1696151633887888005&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame 471C
Redirect Chain
  • https://x.bidswitch.net/sync?&ssp=yieldmo
  • https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=yieldmo&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=269&expires=5&user_id=AAFDDU7FNgcAAEin6MYPOw&ssp=yieldmo
  • https://ads.yieldmo.com/sync?userid=bff618de-2b06-48a2-bbff-b6ccc8d39000&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=bff618de-2b06-48a2-bbff-b6ccc8d39000&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
54.159.78.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-78-82.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 04 Jun 2022 07:02:41 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=bff618de-2b06-48a2-bbff-b6ccc8d39000&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Date
Sat, 04 Jun 2022 07:02:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/v000/ Frame 471C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo
  • https://ads.yieldmo.com/v000/sync?tdid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
54.159.78.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-78-82.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 04 Jun 2022 07:02:41 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
181
sync
ads.yieldmo.com/ Frame 471C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?&nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=aWA2V2Z3TFhFZKgtJANe65U4mbI&gdpr=&gdpr_consent=
43 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=aWA2V2Z3TFhFZKgtJANe65U4mbI&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
54.159.78.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-78-82.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 04 Jun 2022 07:02:41 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=aWA2V2Z3TFhFZKgtJANe65U4mbI&gdpr=&gdpr_consent=
Date
Sat, 04 Jun 2022 07:02:41 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
sync
sync-pp.ads.yieldmo.com/ Frame 471C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp
  • https://sync-pp.ads.yieldmo.com/sync?userid=em1JAirFG5LC&ev=1&pn_id=pp&pid=561118
43 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pp.ads.yieldmo.com/sync?userid=em1JAirFG5LC&ev=1&pn_id=pp&pid=561118
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.203.82.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-82-32.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 04 Jun 2022 07:02:41 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://sync-pp.ads.yieldmo.com/sync?userid=em1JAirFG5LC&ev=1&pn_id=pp&pid=561118
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5fbd64586c-f4jcc
expires
-1
status
www.facebook.com/x/oauth/ Frame 65D6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.iphoneincanada.ca&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Diphoneincanada%26t_i%3D365501%2520https%253A%252F%252Fwww.iphoneincanada.ca%252F%253Fp%253D365501%26t_u%3Dhttps%253A%252F%252Fwww.iphoneincanada.ca%252Fnews%252Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%252F%26t_e%3D%25E2%2580%2598Predator%25E2%2580%2599%2520Spyware%2520for%2520iPhones%2520Uncovered%2520by%2520Toronto%2520Researchers%26t_d%3D%25E2%2580%2598Predator%25E2%2580%2599%2520Spyware%2520for%2520iPhones%2520Uncovered%2520by%2520Toronto%2520Researchers%26t_t%3D%25E2%2580%2598Predator%25E2%2580%2599%2520Spyware%2520for%2520iPhones%2520Uncovered%2520by%2520Toronto%2520Researchers%26s_o%3Ddefault%23version%3Dcfefa856cbcd7efb87102e7242c9a829&sdk=joey&wants_cookie_data=false
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
NBsMLxD8T46EBms7g3/55rye+C8pr8QzZULsKWbdXNGu9J0zX6Qrsn4u6+zw1y3UxAVKzYl7ln0CDF5e2LuBIA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Sat, 04 Jun 2022 07:02:41 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://disqus.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
iframe
accounts.google.com/o/oauth2/ Frame 9CC5 		283 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.KVSPb_Y8pSk.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gW8E5WGSmGcbq8d2kz7xJze20YQ/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200d Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d898607916aa65f22321ee869090314d25c8f390f2fe84f4d5b27c4685cef329
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-7lgbo31BwQdPdHOUhGF0RQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-7lgbo31BwQdPdHOUhGF0RQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:42 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2699 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=145967
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:41 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 05 Jun 2022 23:35:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 5EFF 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.69.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-69-179.compute-1.amazonaws.com
Software
nginx /
Resource Hash
311308c8b2c89b8fc59c4716bafa2ad8ce1dea1b8c2051ed8217d121fc2a5cf3

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 04 Jun 2022 07:02:41 GMT
etag
W/"04100ef74f995f6c3ad4c2af5e78e4b07"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 9617 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame D4EA 		899 B
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.197 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
f491f06c528cd698ac162ab6948f8f0603ac1cdb665eaca86aca0c1e8a0889c8

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
899
content-type
text/html
date
Sat, 04 Jun 2022 07:02:41 GMT
usermatch
ssum-sec.casalemedia.com/ Frame DDEB 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
963b73f99c8216fda9bec7b79576aaa207555323d732c99282763f2f0adbf6aa

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1618
Content-Type
text/html
Date
Sat, 04 Jun 2022 07:02:41 GMT
Dropped-Udsids
73|46|3|206|241|191|4|17
Expires
Sat, 04 Jun 2022 07:02:41 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
setuid
x.yieldlift.com/ Frame 9933
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L3ZJ2XP4-T-4YFE&gdpr=0&us_privacy=1YN-
0
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L3ZJ2XP4-T-4YFE&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Protocol
HTTP/1.1
Server
52.3.28.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-28-57.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L3ZJ2XP4-T-4YFE&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
Expires
0
sync
ads.servenobid.com/ Frame 9933
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=1696151633887888005
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=1696151633887888005
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Protocol
H2
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
91d7c49c-8014-4caa-914c-76db1a872a39
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=1696151633887888005
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 9933
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=EwNGcBZHlxfgonDXRwy1yjjY
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=EwNGcBZHlxfgonDXRwy1yjjY
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Protocol
H2
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=EwNGcBZHlxfgonDXRwy1yjjY
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 9933
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=310&uid=EwNGcBZHlxfgonDXRwy1yjjY
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=EwNGcBZHlxfgonDXRwy1yjjY
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Protocol
H2
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Sat, 04 Jun 2022 07:02:41 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=EwNGcBZHlxfgonDXRwy1yjjY
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame 9933
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMGVhNmI1ZGYtNzFkOS00NTRiLThlNWItNWM4ZjkzODQ2NWEzIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNi0wNFQwNzowMjo0MS43MTcyNzFaIn0=
0
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMGVhNmI1ZGYtNzFkOS00NTRiLThlNWItNWM4ZjkzODQ2NWEzIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNi0wNFQwNzowMjo0MS43MTcyNzFaIn0=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Protocol
H2
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMGVhNmI1ZGYtNzFkOS00NTRiLThlNWItNWM4ZjkzODQ2NWEzIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNi0wNFQwNzowMjo0MS43MTcyNzFaIn0=
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
sync
ads.servenobid.com/ Frame 9933
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1654326161780
  • https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Protocol
H2
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
sync
ads.servenobid.com/ Frame 9933
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1783777313217276866
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1783777313217276866
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Protocol
H2
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1783777313217276866
Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 9933
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Protocol
H2
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
ap.lijit.com/ Frame 9933
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F334%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D15f8b8fe-bcb5-4b0c-a98b...
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F334%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.92.190.74 Fort Mill, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 04 Jun 2022 07:02:41 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F334%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
date
Sat, 04 Jun 2022 07:02:41 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 9933
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Protocol
H2
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A
date
Sat, 04 Jun 2022 07:02:41 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-sync
sync.adkernel.com/ Frame 9933
Redirect Chain
  • https://ads.servenobid.com/getsync?redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID&wl=312,327
  • https://sync.adkernel.com/user-sync?zone=153873&dsp=384073&t=iframe&uid=
0
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=153873&dsp=384073&t=iframe&uid=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?&nobid-env=dev&wl=312,327&redirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D384073%26t%3Diframe%26uid%3D%24UID
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
nginx
Connection
close
Content-Length
0

Redirect headers

date
Sat, 04 Jun 2022 07:02:41 GMT
amp-access-control-allow-source-origin
*
access-control-allow-origin
*
content-type
image/avif;charset=ISO-8859-1
location
//sync.adkernel.com/user-sync?zone=153873&dsp=384073&t=iframe&uid=
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DDEB 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:518c:735c:e4a6:5f19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame DDEB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1696151633887888005
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1696151633887888005
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:41 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d4904ca2-786a-481c-a0d7-dd99517e8ad0
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1696151633887888005
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DDEB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=caf8629b-0391-4400-a758-3b41b5522cdf
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=caf8629b-0391-4400-a758-3b41b5522cdf
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:41 GMT

Redirect headers

Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
MT3 4419 e1034d5 master ord-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=caf8629b-0391-4400-a758-3b41b5522cdf
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 04 Jun 2022 07:02:40 GMT
YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DDEB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB
43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a02:518c:735c:e4a6:5f19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB
date
Sat, 04 Jun 2022 07:02:41 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
s.amazon-adsystem.com/ Frame DDEB 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FN7Y3BQDXZV7AE7DG2MZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DDEB
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=8fe58399-2fa2-0314-49b45250
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=8fe58399-2fa2-0314-49b45250
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:41 GMT

Redirect headers

date
Sat, 04 Jun 2022 07:02:41 GMT
via
1.1 google
server
nginx/1.20.2
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=8fe58399-2fa2-0314-49b45250
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
rum
dsum-sec.casalemedia.com/ Frame DDEB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3440408375380958027
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3440408375380958027
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:41 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3440408375380958027
pragma
no-cache
date
Sat, 04 Jun 2022 07:02:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame DDEB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=LzYl8o9JwaVt_2Mo36Wu&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TD2LFWDQ...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=LzYl8o9JwaVt_2Mo36Wu
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=LzYl8o9JwaVt_2Mo36Wu
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:42 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
P3p
CP="We do not support P3P header."
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=LzYl8o9JwaVt_2Mo36Wu
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
ads.servenobid.com/ Frame DDEB 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.html
eus.rubiconproject.com/ Frame 3E33
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Jun 2022 07:02:41 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 04 Jun 2022 07:02:41 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
user-sync
sync.adkernel.com/ Frame D9C5
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1654326161639.&ri=0015a00002qt8uxAAA&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3...
  • https://sync.adkernel.com/user-sync?zone=153873&dsp=411891&t=iframe&uid=2130873079196
0
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=153873&dsp=411891&t=iframe&uid=2130873079196
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
nginx
Connection
close
Content-Length
0

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:40 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://sync.adkernel.com/user-sync?zone=153873&dsp=411891&t=iframe&uid=2130873079196
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame D9C5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=the33across&gdpr=0&user_id=0_JLZ9XzSzfI8hM2h6NfYNamQGTIpRBg16XoaYrh
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3...
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=bff618de-2b06-48a2-bbff-b6ccc8d39000
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=bff618de-2b06-48a2-bbff-b6ccc8d39000
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=bff618de-2b06-48a2-bbff-b6ccc8d39000
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

location
https://cms-xch-chicago.33across.com:443/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=bff618de-2b06-48a2-bbff-b6ccc8d39000
date
Sat, 04 Jun 2022 07:02:42 GMT
server
awselb/2.0
content-length
134
content-type
text/html
match
events-ssc.33across.com/ Frame D9C5
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1654326161639.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=caf8629b-0391-4400-a758-3b41b5522cdf
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=caf8629b-0391-4400-a758-3b41b5522cdf
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
MT3 4419 e1034d5 master ord-pixel-x17 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=caf8629b-0391-4400-a758-3b41b5522cdf
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 04 Jun 2022 07:02:40 GMT
match
events-ssc.33across.com/ Frame D9C5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-Hjv_pb1E2uGCvgTX1IntTPB3BpCZFxtT~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-Hjv_pb1E2uGCvgTX1IntTPB3BpCZFxtT%7EA&ts=1654326161&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-Hjv_pb1E2uGCvgTX1IntTPB3BpCZFxtT%7EA&ts=1654326161&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:40 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-Hjv_pb1E2uGCvgTX1IntTPB3BpCZFxtT%7EA&ts=1654326161&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame D9C5
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=50b328d2ddf908e5&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAADKEP_9Dz1igNz_9TvAAAAAAA&expiration=1654412562&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAADKEP_9Dz1igNz_9TvAAAAAAA&ts=1654326162&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAADKEP_9Dz1igNz_9TvAAAAAAA&ts=1654326162&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:42 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAADKEP_9Dz1igNz_9TvAAAAAAA&ts=1654326162&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame D9C5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1656918161%26external_user_id%3D7e2f6ba0-ad77-492e-9ec4-c1463734beb8
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1656918161&external_user_id=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1656918161&external_user_id=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002qt8uxAAA&ru=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153873%26dsp%3D411891%26t%3Diframe%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:40 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1656918161&external_user_id=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usersync
usersync.gumgum.com/ Frame 5EFF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1696151633887888005
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1696151633887888005
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1b52fe0b-6586-4d86-a875-65ee9d94af70
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=1696151633887888005
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 5EFF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_169133db-c4e8-48d7-8739-0fffd5896912&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2633905662877009385&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=bff618de-2b06-48a2-bbff-b6ccc8d39000
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=bff618de-2b06-48a2-bbff-b6ccc8d39000
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=bff618de-2b06-48a2-bbff-b6ccc8d39000
Date
Sat, 04 Jun 2022 07:02:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 5EFF
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_169133db-c4e8-48d7-8739-0fffd5896912&obuid=ENC(OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3Duuid%3D%5BRX_UUID%5D%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZ...
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&zcc=1&cb=1654326162830
  • https://sync.outbrain.com/cookie-sync?p=unruly&uid=OPTOUT&obUid=$D
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=unruly&uid=OPTOUT&obUid=$D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:43 GMT
Cache-Control
no-cache
X-TraceId
f9e36d75401d3db264dd1c8c9248e3df
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=unruly&uid=OPTOUT&obUid=$D
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
usersync
usersync.gumgum.com/ Frame 5EFF
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=3c2385ab-698c-0771-13fb-852a9c90bf82
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=3c2385ab-698c-0771-13fb-852a9c90bf82
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sat, 04 Jun 2022 07:02:41 GMT
content-encoding
gzip
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=3c2385ab-698c-0771-13fb-852a9c90bf82
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 5EFF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-69603657-6677-4c58-4564-a82d24035eeb$ip$149.56.153.178
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-69603657-6677-4c58-4564-a82d24035eeb$ip$149.56.153.178
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.233.42.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-42-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:41 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-69603657-6677-4c58-4564-a82d24035eeb$ip$149.56.153.178
Date
Sat, 04 Jun 2022 07:02:41 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 5EFF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-CmZypCJE2pd8q9DVrkzTwxUtxUtnEjBoL4TX~A
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-CmZypCJE2pd8q9DVrkzTwxUtxUtnEjBoL4TX~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.233.42.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-42-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:42 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sat, 04 Jun 2022 07:02:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-CmZypCJE2pd8q9DVrkzTwxUtxUtnEjBoL4TX~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 5EFF
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=53b20474-e3d4-11ec-9e45-a33c04345cd2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=53b20474-e3d4-11ec-9e45-a33c04345cd2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=53b20474-e3d4-11ec-9e45-a33c04345cd2
Date
Sat, 04 Jun 2022 07:02:41 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
53b20475-e3d4-11ec-9e45-a33c04345cd2
usersync
usersync.gumgum.com/ Frame 5EFF
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=25D7ABA302DE40CDACD5FDD4F5407C54
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=25D7ABA302DE40CDACD5FDD4F5407C54
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sat, 04 Jun 2022 07:02:41 GMT
via
1.1 varnish
server
nginx
age
0
location
https://usersync.gumgum.com/usersync?b=snc&i=25D7ABA302DE40CDACD5FDD4F5407C54
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
x-varnish
750363543
content-length
0
142
match.deepintent.com/usersync/ Frame 5EFF 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:40 GMT
server
b
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
rtb.gumgum.com/ Frame 5EFF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_169133db-c4e8-48d7-8739-0fffd5896912&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=LzYl8o9JwaVt_2Mo36Wu&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TD2LFWDQ3ZZJJ3WCVTUL4ZE23ZTGZLXKJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=LzYl8o9JwaVt_2Mo36Wu&us_privacy=1---
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=LzYl8o9JwaVt_2Mo36Wu&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.233.42.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-42-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:42 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=LzYl8o9JwaVt_2Mo36Wu&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 5EFF
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=5818cbe3-0415-4bc2-b812-970695154f41
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=5818cbe3-0415-4bc2-b812-970695154f41
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=5818cbe3-0415-4bc2-b812-970695154f41
date
Sat, 04 Jun 2022 07:02:42 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 5EFF
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1654326161904
  • https://usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
usersync
usersync.gumgum.com/ Frame 5EFF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=em1JAirFG5LC&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=em1JAirFG5LC&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://usersync.gumgum.com/usersync?b=pln&i=em1JAirFG5LC&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5fbd64586c-f4jcc
expires
-1
usersync
usersync.gumgum.com/ Frame 5EFF
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=8867012480303613517
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=8867012480303613517
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=8867012480303613517
date
Sat, 04 Jun 2022 07:02:41 GMT
content-length
0
sync
ads.servenobid.com/ Frame 5EFF 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=u_169133db-c4e8-48d7-8739-0fffd5896912
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame B053
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 04 Jun 2022 07:02:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 04 Jun 2022 07:02:41 GMT
Expires
Sat, 04 Jun 2022 07:02:40 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4419 e1034d5 master ord-pixel-x25 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame E138
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=YpsDkQAGWK5FIQAo&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=YpsDkQAGWK5FIQAo&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 04 Jun 2022 07:02:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 04 Jun 2022 07:02:41 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=YpsDkQAGWK5FIQAo&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12832-YUL
x-timer
S1654326162.780695,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame EF1D 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8xNjkxMzNkYi1jNGU4LTQ4ZDctODczOS0wZmZmZDU4OTY5MTI=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0981 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=145967
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:41 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 05 Jun 2022 23:35:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 4DC7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&t=1656918161
35 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&t=1656918161
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.42.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-42-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Sat, 04 Jun 2022 07:02:41 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
209
content-type
text/html
date
Sat, 04 Jun 2022 07:02:41 GMT
location
https://rtb.gumgum.com/usersync?b=ttd&i=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&t=1656918161
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 682A
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=1696151633887888005&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=1696151633887888005brt77741654326161870409ba
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=1696151633887888005brt77741654326161870409ba
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 04 Jun 2022 07:02:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Sat, 04 Jun 2022 07:02:41 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=1696151633887888005brt77741654326161870409ba
usersync
rtb.gumgum.com/ Frame E927
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YpsDksCo8YUAAKzuNAAAAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YpsDksCo8YUAAKzuNAAAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.42.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-42-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Sat, 04 Jun 2022 07:02:42 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 04 Jun 2022 07:02:42 GMT
Location
https://rtb.gumgum.com/usersync?b=sus&i=YpsDksCo8YUAAKzuNAAAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
10
X-SO-HostName
m-ad25.dc4p.scaleout.jp
X-SO-IP
149.56.153.178
X-SO-Key
YpsDksCo8YUAAKzuNAAAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":10,"gdpr":false,"ipv4":"149.56.153.178","key":"YpsDksCo8YUAAKzuNAAAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad25"}
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad25
usersync
rtb.gumgum.com/ Frame 93A4
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=DEf6JokJqJ47SmJlfWk4&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=DEf6JokJqJ47SmJlfWk4&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.42.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-42-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Sat, 04 Jun 2022 07:02:42 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 04 Jun 2022 07:02:42 GMT Sat, 04 Jun 2022 07:02:42 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=DEf6JokJqJ47SmJlfWk4&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame D25D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Jun 2022 07:02:41 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 04 Jun 2022 07:02:41 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
icon
onesignal.com/api/v1/apps/a5853a3d-6116-42c4-b999-60f55e998990/ 		176 B
633 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/a5853a3d-6116-42c4-b999-60f55e998990/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
905adca3d0ecbf611dcc90db0b0b6d4d061499928cdffbc6da75bc9c334f30ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-permitted-cross-domain-policies
none
status
200 OK
x-envoy-upstream-service-time
8
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
d23c49fc-471f-4aab-a03a-b7ccea0250e6
x-runtime
0.006906
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"905adca3d0ecbf611dcc90db0b0b6d4d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
715ecdef3939ca5f-YUL
access-control-allow-headers
SDK-Version
b-c5c1c29-93c03008.js
tagan.adlightning.com/math-aids/ Frame A27D 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fde5b3dc7485d13b1ecfd68214ad887c21a8caeba9fcc4a61ee327a27ebe853

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 20:11:52 GMT
content-encoding
gzip
age
3235849
x-cache
Hit from cloudfront
content-length
30806
x-amz-meta-git_commit
c5c1c29
last-modified
Wed, 27 Apr 2022 19:19:31 GMT
server
AmazonS3
etag
"58d4f8d846656e7f6061d17e761aaef5"
x-amz-version-id
aB7BMJcLNpMOCDCViayZ09V2d1rMAyps
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
h7qJs91Wzta7cxaToApN-YV0INH6jq8zOF9wGExgEAiwe7R8T5kGGw==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame A27D 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8845604764087408
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e737f128fe1cfdfaf641083c27039cde46d4c6f07cba4ae5a8955cf302ab336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Origin
https://www.iphoneincanada.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56171
x-xss-protection
0
server
cafe
etag
11806785361314573024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 04 Jun 2022 07:02:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A27D 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:02:41 GMT
container.html
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 515B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
Sun, 04 Jun 2023 07:02:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C0D8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
Sun, 04 Jun 2023 07:02:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BF65 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
Sun, 04 Jun 2023 07:02:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b-c5c1c29-93c03008.js
tagan.adlightning.com/math-aids/ Frame ECC8 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fde5b3dc7485d13b1ecfd68214ad887c21a8caeba9fcc4a61ee327a27ebe853

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 20:11:52 GMT
content-encoding
gzip
age
3235850
x-cache
Hit from cloudfront
content-length
30806
x-amz-meta-git_commit
c5c1c29
last-modified
Wed, 27 Apr 2022 19:19:31 GMT
server
AmazonS3
etag
"58d4f8d846656e7f6061d17e761aaef5"
x-amz-version-id
aB7BMJcLNpMOCDCViayZ09V2d1rMAyps
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
MxuQmWJAznF2KUKPWJ_2J66oN8igTyFkkY59HMakE0vbXSCaRHcFjg==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame ECC8 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8845604764087408
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb5d71d5152abef77af23e94ba7b2091a62ca67fbef70da48c8cf92cb0dcf446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Origin
https://www.iphoneincanada.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56180
x-xss-protection
0
server
cafe
etag
11260690895120580760
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 04 Jun 2022 07:02:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ECC8 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:02:42 GMT
container.html
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 326C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
Sun, 04 Jun 2023 07:02:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8D3E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
Sun, 04 Jun 2023 07:02:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5C70 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
Sun, 04 Jun 2023 07:02:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 64A8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:38 GMT
expires
Sun, 04 Jun 2023 07:02:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ping
links.services.disqus.com/api/ 		358 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/ping
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3f9d5efe49bc8ad992ed3f9dfdcca63150e9bd0266c12d0b5f28ef6561a88dc8

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
358
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 9CC5 		2 KB
845 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200d Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bc09aa985694ea25eb0f8f0524baa0cd3d9ce95e7ac0d10d387359fa0e01ed0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync.richaudience.com/74889303289e27f327ad0c6de7be7264/ Frame 870F 		95 B
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?p=1BTOoaD22a&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Drichaudience%26uid%3D[PDID]
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
image/png
date
Sat, 04 Jun 2022 07:02:42 GMT
server
nginx/1.14.2
usync.js
eus.rubiconproject.com/ Frame 3E33 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4921bc2575a32b7a59fa32a43b3902353cc129f4ac8010d9187f5f232fffe30

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 17:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70228
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Sun, 05 Jun 2022 02:33:10 GMT
usync.js
eus.rubiconproject.com/ Frame D25D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4921bc2575a32b7a59fa32a43b3902353cc129f4ac8010d9187f5f232fffe30

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 17:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70228
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Sun, 05 Jun 2022 02:33:10 GMT
sync
ads.servenobid.com/ Frame D4EA 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=8867012480303613517&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
711890.gif
id.rlcdn.com/ Frame D4EA 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:42 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
rtb-csync.smartadserver.com/redir/ Frame D4EA
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=07bc220407b06c2f1279ae43&gdpr=0&gdpr_consent=
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=07bc220407b06c2f1279ae43&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:42 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=07bc220407b06c2f1279ae43&gdpr=0&gdpr_consent=
Date
Sat, 04 Jun 2022 07:02:42 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
/
rtb-csync.smartadserver.com/redir/ Frame D4EA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=LzYl8o9JwaVt_2Mo36Wu&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC...
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=LzYl8o9JwaVt_2Mo36Wu
43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=LzYl8o9JwaVt_2Mo36Wu
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:42 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=LzYl8o9JwaVt_2Mo36Wu
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame D4EA
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=em1JAirFG5LC&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=em1JAirFG5LC&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:42 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=em1JAirFG5LC&ev=1&pid=560288&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5fbd64586c-f4jcc
expires
-1
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.V6t4_p_Gq4Q.es5.O/d=1/rs=AOaEmlG5aVQQ1Nzbq1IrK83kwmDLwKDBZQ/ Frame 9CC5 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.V6t4_p_Gq4Q.es5.O/d=1/rs=AOaEmlG5aVQQ1Nzbq1IrK83kwmDLwKDBZQ/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bea78c9a7a2a221feb848ddac583f7a22f95d8dc5fdd28826147bb70b7d5cd87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 15:49:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
313965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34496
x-xss-protection
0
last-modified
Sat, 28 May 2022 05:40:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 May 2023 15:49:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A27D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZILFf8iVYukIz4hcjrKwFMJKZlfEKK7VEAcp7WqujIhZ6IhTkzEYuOIkAEfy7ATCNorDd9nKANHDNNbWo-2z1p0biEZmdKnlpanrVmx16P24tRbds-nyyMHJZatNP6DD-2CxLwePlhnV-QRU9bWSoGCG1dJcVQ1BkPEKRjSrzdJzgAA3cRZLLZnRmchUzi05z_Asn5VB01qzBOfNsjSfaGB5w5t1dhjUfFXGIr_xEdHfTSI_sOwMB5J1ddHN4Sq5yK8coZj8wZNZdPTh326wD7fCEJPpJ7yocwZ3X0traPZlJEWl3on7dm5bZqM2ud0hHDCUBVaBiZoilm69c9g&sig=Cg0ArKJSzNNrQeqGC6wrEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sync.gif
links.services.disqus.com/api/ 		43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif;charset=UTF-8
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
5292c876-2373-4883-b256-ccd31918a614.png
img.onesignal.com/t/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/t/5292c876-2373-4883-b256-ccd31918a614.png
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a9f97bf603cd85135cc238daf928702fc1fae958b0cc1eccd4158bb165d98d1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
cf-cache-status
HIT
x-amz-request-id
17QE9MK76RNW0T3K
x-amz-meta-cache-control
public, maxage=604800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
135115
x-amz-id-2
qacS5zEw+e97EsmRMOygbldmmv3sMJRrTFj/nktbs9TggesY2495KSSm7ujKvQWPG2gdOiHBuRw=
last-modified
Thu, 27 Sep 2018 21:51:40 GMT
server
cloudflare
etag
"8c6f2f89079ac176355de0cbece656e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
715ecdf46c4e4bd6-YUL
expires
Tue, 05 Jul 2022 07:02:42 GMT
bl-fe8bb3e-1dc97932.js
tagan.adlightning.com/math-aids/ Frame 515B 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/bl-fe8bb3e-1dc97932.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cae504383e2777e8a7f0af4ff598a4495bef67a6db11b6cc6035998487cbc6fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 13:59:26 GMT
content-encoding
gzip
age
61397
x-cache
Hit from cloudfront
content-length
19997
x-amz-meta-git_commit
fe8bb3e
last-modified
Fri, 03 Jun 2022 13:31:29 GMT
server
AmazonS3
etag
"ba3cf0737a212bee0a646061f015cf91"
x-amz-version-id
rWu.64CfiPvmY8GiizKapnID0TfOFwq2
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
_cbwMc2PdSM0cYSabx8T8GxNiYQ-56MO7psP6Q_4hltNyzYuaJiwIg==
b-c5c1c29-93c03008.js
tagan.adlightning.com/math-aids/ Frame 515B 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fde5b3dc7485d13b1ecfd68214ad887c21a8caeba9fcc4a61ee327a27ebe853

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 20:11:52 GMT
content-encoding
gzip
age
3235850
x-cache
Hit from cloudfront
content-length
30806
x-amz-meta-git_commit
c5c1c29
last-modified
Wed, 27 Apr 2022 19:19:31 GMT
server
AmazonS3
etag
"58d4f8d846656e7f6061d17e761aaef5"
x-amz-version-id
aB7BMJcLNpMOCDCViayZ09V2d1rMAyps
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
a1ziYEgaAIcpl0InyR_fA6n4f5-ne6lRcZGadAv2_5JcBKFQi4XJ0A==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 515B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AK8EU1nk8-uPF-sYwfIyC9yp5VBkHg8FIovb-0m90gqAGFvYtqWxxDBk2hYHoqX6LBwfRhhQ1hvn5Ef3Vz95Pjkm3GQ1-1USygAglkQuLWgmUwkRs
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 515B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
932
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:47:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 515B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:57:31 GMT
l
www.google.com/ads/measurement/ Frame 515B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrvALGjh9alK89MFx4HXV8Hp9Ta7J6vKeH90QGErF0wRQvF-Hrb7zM9IqPgJEDqqWULqJG7oAcCWyIRCQwhN-VzTMwzg
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 515B 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:02:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ECC8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEt8Ab47JhcJ44zOUgaWhAZPW-8R6Up0ZLUyj9k6d_jSsbYRhucyx2BUFH9ODMTG1b5YQPW4i_IqOy8V6CIQ-pXZLqBRE_mewddB-3ys7XVa8bw4iEjO5eaY-ZZlYISGQWtyUFwh1sDvBYrjAd1kJiwysgVNHDHu9_6Y99D6vQpFqmCEzHp4vB9SwcTKl7TUrdQX6yfO5HPWz10AXxTyci22HGlpaofVmob9uz8uid3QANSypk6MgqOvXIQ2UXeAqZ2SsHltf9qtagw9Lj4VpvsQXrq1Leqz9AJcHX9KDNsEeSIakCGtORumfwCznN_e_7XOsSDwSgzq0KY9nBrOv5VUY0Og&sig=Cg0ArKJSzOWX6ymFBYzgEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
bl-fe8bb3e-1dc97932.js
tagan.adlightning.com/math-aids/ Frame C0D8 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/bl-fe8bb3e-1dc97932.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cae504383e2777e8a7f0af4ff598a4495bef67a6db11b6cc6035998487cbc6fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 13:59:26 GMT
content-encoding
gzip
age
61397
x-cache
Hit from cloudfront
content-length
19997
x-amz-meta-git_commit
fe8bb3e
last-modified
Fri, 03 Jun 2022 13:31:29 GMT
server
AmazonS3
etag
"ba3cf0737a212bee0a646061f015cf91"
x-amz-version-id
rWu.64CfiPvmY8GiizKapnID0TfOFwq2
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
hIsX8h9WAcHn-yOYc-bQyf8qOnHcuOafGjIX7ISWkHW83Upa_J-qfg==
b-c5c1c29-93c03008.js
tagan.adlightning.com/math-aids/ Frame C0D8 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fde5b3dc7485d13b1ecfd68214ad887c21a8caeba9fcc4a61ee327a27ebe853

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 20:11:52 GMT
content-encoding
gzip
age
3235850
x-cache
Hit from cloudfront
content-length
30806
x-amz-meta-git_commit
c5c1c29
last-modified
Wed, 27 Apr 2022 19:19:31 GMT
server
AmazonS3
etag
"58d4f8d846656e7f6061d17e761aaef5"
x-amz-version-id
aB7BMJcLNpMOCDCViayZ09V2d1rMAyps
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
UeQsvrtZqJGzUHoy7nm9Inpzpegwyz7qOrYoPNvKN9d3xfhr9roQvA==
bl-fe8bb3e-1dc97932.js
tagan.adlightning.com/math-aids/ Frame BF65 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/bl-fe8bb3e-1dc97932.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cae504383e2777e8a7f0af4ff598a4495bef67a6db11b6cc6035998487cbc6fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 13:59:26 GMT
content-encoding
gzip
age
61397
x-cache
Hit from cloudfront
content-length
19997
x-amz-meta-git_commit
fe8bb3e
last-modified
Fri, 03 Jun 2022 13:31:29 GMT
server
AmazonS3
etag
"ba3cf0737a212bee0a646061f015cf91"
x-amz-version-id
rWu.64CfiPvmY8GiizKapnID0TfOFwq2
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
6jcmAXhlcS4MZzfEKaggixolvmPxgJ5mq90Z2BOs3rdHKRhm8hVN_w==
b-c5c1c29-93c03008.js
tagan.adlightning.com/math-aids/ Frame BF65 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fde5b3dc7485d13b1ecfd68214ad887c21a8caeba9fcc4a61ee327a27ebe853

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 20:11:52 GMT
content-encoding
gzip
age
3235850
x-cache
Hit from cloudfront
content-length
30806
x-amz-meta-git_commit
c5c1c29
last-modified
Wed, 27 Apr 2022 19:19:31 GMT
server
AmazonS3
etag
"58d4f8d846656e7f6061d17e761aaef5"
x-amz-version-id
aB7BMJcLNpMOCDCViayZ09V2d1rMAyps
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
BjAIACHecxwEhxabjonkfdMlX1NJybQNHTELaJG6h00O5Y5tjaBJ7w==
gen_204
pagead2.googlesyndication.com/pagead/ Frame BF65 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CYoNgBR7xTEyGEDsZV1I1Wekp9cfbiv2xHEyKy9DPsqHwo6F8RG_f1_ebNHSaNrZZaYq-J69sIpA_yh6IALlP74cJuqDTSV2os3yUmrtHL-BKTRIk
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame BF65 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
932
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:47:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame BF65 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:57:31 GMT
l
www.google.com/ads/measurement/ Frame BF65 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSUk7HBbs-B9YqI1UkCj--9_wSqze0SJNy6eQp2-EywhkZhA45Fb4voAty3V4UJBRKmiL_iXujLHCH_tWbx-ta_oTvCIg
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BF65 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:02:42 GMT
bl-fe8bb3e-1dc97932.js
tagan.adlightning.com/math-aids/ Frame 326C 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/bl-fe8bb3e-1dc97932.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cae504383e2777e8a7f0af4ff598a4495bef67a6db11b6cc6035998487cbc6fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 13:59:26 GMT
content-encoding
gzip
age
61397
x-cache
Hit from cloudfront
content-length
19997
x-amz-meta-git_commit
fe8bb3e
last-modified
Fri, 03 Jun 2022 13:31:29 GMT
server
AmazonS3
etag
"ba3cf0737a212bee0a646061f015cf91"
x-amz-version-id
rWu.64CfiPvmY8GiizKapnID0TfOFwq2
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
qBL5ldhDIwVVwYGWRwSzwAgRKx15ZPQWt3mfz6asDX5uViSP_ENgzw==
b-c5c1c29-93c03008.js
tagan.adlightning.com/math-aids/ Frame 326C 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fde5b3dc7485d13b1ecfd68214ad887c21a8caeba9fcc4a61ee327a27ebe853

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 20:11:52 GMT
content-encoding
gzip
age
3235850
x-cache
Hit from cloudfront
content-length
30806
x-amz-meta-git_commit
c5c1c29
last-modified
Wed, 27 Apr 2022 19:19:31 GMT
server
AmazonS3
etag
"58d4f8d846656e7f6061d17e761aaef5"
x-amz-version-id
aB7BMJcLNpMOCDCViayZ09V2d1rMAyps
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
o6Kh07Qh1YUTpYl9oNGkEeo_oMN686_0EihR1U97zhiFjLkT-UqAIA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 326C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BfTjE_0VmvIp3hweTwmuKXKPjJ8wIgmSfaK4bsmPgsoC-XNS7w5PyUdyS26fT4sQHUDSvfLBjx26qqoHGCV6wbYAZHYz_E90RyEFGH_CbzRvnN8cc
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 326C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
932
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:47:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 326C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:57:31 GMT
l
www.google.com/ads/measurement/ Frame 326C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxip6rabCDLRXX36pFjJa682i6ykb9E1A0HVk8F3_Qs0sSMsV0M8XLu1vTik3fyXSLFqR8CXRJVCw3TCCIT5_0g6fQYg
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 326C 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:02:42 GMT
bl-fe8bb3e-1dc97932.js
tagan.adlightning.com/math-aids/ Frame 8D3E 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/bl-fe8bb3e-1dc97932.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cae504383e2777e8a7f0af4ff598a4495bef67a6db11b6cc6035998487cbc6fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 13:59:26 GMT
content-encoding
gzip
age
61397
x-cache
Hit from cloudfront
content-length
19997
x-amz-meta-git_commit
fe8bb3e
last-modified
Fri, 03 Jun 2022 13:31:29 GMT
server
AmazonS3
etag
"ba3cf0737a212bee0a646061f015cf91"
x-amz-version-id
rWu.64CfiPvmY8GiizKapnID0TfOFwq2
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Eguyqg8Jrgd0wwW3Mr_KkqRchaDVKjB3Vw1Dp2QCfv3VTtc3LNOIBg==
b-c5c1c29-93c03008.js
tagan.adlightning.com/math-aids/ Frame 8D3E 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fde5b3dc7485d13b1ecfd68214ad887c21a8caeba9fcc4a61ee327a27ebe853

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 20:11:52 GMT
content-encoding
gzip
age
3235850
x-cache
Hit from cloudfront
content-length
30806
x-amz-meta-git_commit
c5c1c29
last-modified
Wed, 27 Apr 2022 19:19:31 GMT
server
AmazonS3
etag
"58d4f8d846656e7f6061d17e761aaef5"
x-amz-version-id
aB7BMJcLNpMOCDCViayZ09V2d1rMAyps
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
FYk0NGnZIm52MwYt0VPtm2yfvAcnqRSk_mZSYqkXR-OkZV3U0wOqVw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D3E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BHdiCQWev1rECsjE4lTYBbGu3IsfUBqLLUkRNuliwZDa-_8Z19g6sE33proiIjk7v72nl8kzLFUhdvXwUcOoKmdkY3UJ9BqySdFtwauyVHa7RMUVQ
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 8D3E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
933
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:47:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 8D3E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:57:31 GMT
l
www.google.com/ads/measurement/ Frame 8D3E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDEpMzsjnFDYA4gz9jCzxWnYWDF8JgkrmYHHu9WolgUAdpoXX78zxjmfguCW0nu8-Kshhekc07yPsUMTN1nsBJx2D43w
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8D3E 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:02:42 GMT
bl-fe8bb3e-1dc97932.js
tagan.adlightning.com/math-aids/ Frame 5C70 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/bl-fe8bb3e-1dc97932.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cae504383e2777e8a7f0af4ff598a4495bef67a6db11b6cc6035998487cbc6fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 13:59:26 GMT
content-encoding
gzip
age
61397
x-cache
Hit from cloudfront
content-length
19997
x-amz-meta-git_commit
fe8bb3e
last-modified
Fri, 03 Jun 2022 13:31:29 GMT
server
AmazonS3
etag
"ba3cf0737a212bee0a646061f015cf91"
x-amz-version-id
rWu.64CfiPvmY8GiizKapnID0TfOFwq2
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
-QDZCzPsktrsy1kErY1Ll8aRG9B6Zx7P27K3QsbVesn45AC7QkxGWg==
b-c5c1c29-93c03008.js
tagan.adlightning.com/math-aids/ Frame 5C70 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fde5b3dc7485d13b1ecfd68214ad887c21a8caeba9fcc4a61ee327a27ebe853

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 20:11:52 GMT
content-encoding
gzip
age
3235850
x-cache
Hit from cloudfront
content-length
30806
x-amz-meta-git_commit
c5c1c29
last-modified
Wed, 27 Apr 2022 19:19:31 GMT
server
AmazonS3
etag
"58d4f8d846656e7f6061d17e761aaef5"
x-amz-version-id
aB7BMJcLNpMOCDCViayZ09V2d1rMAyps
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
fk56bEyzgweA7f-zkIfVTW__bCZnMsfOguMOm_noPhnJ_B7qnv8M_A==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C70 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B-HekeKvTCkA88yL_MVUG2Ndntbtb65ecyAHgZGrDnEUB8-3i9Jgof9Nu30OQtKK53nSNukSWTtyfO2drzZcPGLDv_-6HMPZ_pykgHVuLaH9YWupA
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 5C70 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
933
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:47:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 5C70 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:57:31 GMT
l
www.google.com/ads/measurement/ Frame 5C70 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8cPSilmfBOaHEYD8R7XYLcZL_gz7JgO42-CToi5_chtWQ3MH5gmshsn023UCeYxOWTmnyKV5wGCp4DXO16vKc0OGFAw
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5C70 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:02:42 GMT
bl-fe8bb3e-1dc97932.js
tagan.adlightning.com/math-aids/ Frame 64A8 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/bl-fe8bb3e-1dc97932.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cae504383e2777e8a7f0af4ff598a4495bef67a6db11b6cc6035998487cbc6fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 13:59:26 GMT
content-encoding
gzip
age
61397
x-cache
Hit from cloudfront
content-length
19997
x-amz-meta-git_commit
fe8bb3e
last-modified
Fri, 03 Jun 2022 13:31:29 GMT
server
AmazonS3
etag
"ba3cf0737a212bee0a646061f015cf91"
x-amz-version-id
rWu.64CfiPvmY8GiizKapnID0TfOFwq2
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
YLqKP5owpF4_3I5vZb2Eb9dAkUiRLF1kJzsJQQBTjf8dfrgsNfAzhA==
b-c5c1c29-93c03008.js
tagan.adlightning.com/math-aids/ Frame 64A8 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.100.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-100-81.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fde5b3dc7485d13b1ecfd68214ad887c21a8caeba9fcc4a61ee327a27ebe853

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 20:11:52 GMT
content-encoding
gzip
age
3235850
x-cache
Hit from cloudfront
content-length
30806
x-amz-meta-git_commit
c5c1c29
last-modified
Wed, 27 Apr 2022 19:19:31 GMT
server
AmazonS3
etag
"58d4f8d846656e7f6061d17e761aaef5"
x-amz-version-id
aB7BMJcLNpMOCDCViayZ09V2d1rMAyps
via
1.1 d53f9194ef3f12e45f8784f65a5c574e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
KIX50-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
NkFEMIdSNf_B9-PccJaoDJKImcLiT8huCdaYgtqddQfFMUgsnh21lA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 64A8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cls1--mlwLHHBdH80DrCgIlMX_bdKbjdUFEywvXfOpZkhCw8EEg3m5xsxnBkxseKi9sdgV1XVpaODwi0IzYLxRPTGDg7a0ELFKryPGs-TT-G4if38
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 64A8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
933
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:47:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 64A8 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:57:31 GMT
l
www.google.com/ads/measurement/ Frame 64A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRbDwBkZBSsx5tO0qGpeBMN6auepjPJCQldVNE1KyNMg-GWtLa7fW5vofNzO8Q5CKsNXCj5H_WdQ5aOl6lBJzhr5tyvpw
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 64A8 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:02:42 GMT
domains
links.services.disqus.com/api/ 		53 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
378c4bbca2b0b4894342636863a35a8396528e0911a947aed96fea41285f2697

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:42 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
53
Expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ Frame A27D 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8514a1b244c66efa8075fbbb5fb57cb9a50d447cde7689682d16189a5d36a6a0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame ECC8 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6d3903f57549bccef9cf72a7c7b3a429bba8c954eb60799f44a6e972150d975

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/ Frame A27D 		323 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_fy2019.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f60d93dc6899ba2905c8299a1d34e0211db53e75b063e99fd8f9af3c7939d00d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117447
x-xss-protection
0
server
cafe
etag
2710890563776646750
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Jun 2022 07:02:42 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/ Frame ECC8 		339 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_fy2019.js?bust=31067887
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66f307da6d0f916726c3bbc0301a079a05240a218c1eb34cc82dd3fbc6ccb56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122334
x-xss-protection
0
server
cafe
etag
3467148682300246908
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Jun 2022 07:02:42 GMT
match
events-ssc.33across.com/ Frame 3E33
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L3ZJ2XP4-T-4YFE
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L3ZJ2XP4-T-4YFE
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L3ZJ2XP4-T-4YFE&ts=1654326163&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L3ZJ2XP4-T-4YFE&ts=1654326163&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=153873&r=https%3A%2F%2Fdemand.catapultx.com%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwww.iphoneincanada.ca%7C%7BUID%7D
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:43 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:42 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L3ZJ2XP4-T-4YFE&ts=1654326163&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usersync
usersync.gumgum.com/ Frame D25D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L3ZJ2XP4-T-4YFE
  • https://usersync.gumgum.com/usersync?b=mag&i=L3ZJ2XP4-T-4YFE
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L3ZJ2XP4-T-4YFE
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:43 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usersync.gumgum.com/usersync?b=mag&i=L3ZJ2XP4-T-4YFE
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
Expires
0
iframerpc
accounts.google.com/o/oauth2/ Frame 9CC5 		49 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.V6t4_p_Gq4Q.es5.O/d=1/rs=AOaEmlG5aVQQ1Nzbq1IrK83kwmDLwKDBZQ/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200d Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-mvIy4rWHj-pFr3hGDTWZXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin; report-to="IdpIFrameHttp"
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-mvIy4rWHj-pFr3hGDTWZXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
expires
Sat, 04 Jun 2022 07:02:43 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 89E4 		645 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYncysygEwAQ&v=APEucNW0lMbSo_AKuhBelBJqJnoz9xraF4-31Z_QytuVN_I5z_Xcc3lZOzJmvdUXsuzIAYnEQFTVdXuJpjGK2Awg3f-5wJc5WzcbfntN1e7KDaGB9cXCpQo
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
285
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 515B 		77 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaaEJVtPeuR7QLm8h1T-T-3_y1LY58MdZ69e1BP5eMZcNZ-iPX_QYJCCe1zJySSrkDmVrwXc9aGw3PIe0cbDi00cex1ajvhfzhw0lJlsUwOpGIBjH4mPiIjQTJU830uuM30TMJ4Rj6oKt1LTUWjl4Jq0NChA&dbm_d=AKAmf-BbFIx6h_UhtXLvex54mNBT5VEEwjugYb40UpOvjE6TnXtkIRQlpwWMOu3Tt48JyQusaIcua2V7kEQK0bXbrajoco2J2BkuxT7PLwUi0s8rol0gUTBQVpv3PoB72MAKmX7ndd2n9zJ3KVPajO87co1xm8ykR7O-c1Gb-it2A4hG5iOKk0MWy4u_SPYfAj_DXU_zf44I8UaMR_HuC363sFjrl884H5jAylEam8cqpm8hcQu60qy5TN8AjC9ZlbrO4GGTCjGhXK5izvSekjJgON6CeFRpPIuFYQYoZDWlhLvayFY3IH38RuutikusDmu-RzDtlSEWjDFgxu1_Abw3JoccayXFMDT83fIqSc_OCDIKMJayrSKjg1HOHnPxam-oF8afvgMXZBrHpD8caE7hfowZww0yaUHz2mpuJAb7QADfj255hgBAaVumzYU5nCw8vm6U9Z3fP-OSTvHH0-vYoZNQvcmTsfJeVHWgVxenFu-_8-3oIvtOB49bZsLOU0ujYDb-nTSn3MIQLgIYh2nOt7eJPJ-yZqiYE3aFK2fEFetpUOiDj6tXTmwoiMacwYBnhuWfyq7B1CzPr1APdhdjK8tzGae266ekjY9zxJm7bNGt8NyIM2LgN6_nD92ON1x7TBtvaPZACdNBg-fXhjwFgz2Dy5rAcm2Nng5lrTEkLn_O_tZ2VnDnG0N6h1U6zQ7vW1FiDqXOKzx7dNd_RoQXHJK55btfykUHTfjZ7pEkfg0rTYEWwkY7B76f5Wjkuhi7PmpIMQ7VX5Ia7gW2pZg_zZjUCwaTp_N0Fwjoxgn4-uEw9EaMTCXMj0hqgoM-qWCQ7s9dpVEmHF40VR5DsoVtvYL1-_a5xCvQEtbKrrrryeEu9WhQWE-Pg2FROtD2TkbG4CsjpKrsQwGLPxeCfX2hSko2fOzed-uGF6bYKPI06wujru2iW05dAvOi97JpSQo3jS1Uiw4RglhGDPpH28OYN8OOdMyu_yfCzT9xyxF8CJvvDjMHgrjhEoAv0uRR_Iz7hE_RN_5e43Xulqf6RYWyj6bmgZygSqqqixRM7B1T-Wbp1dluNMxhv0Fe9NUs_SC-AldkSYnLhoy_MdGo5CjpK_RzVlGPRPBK2i4KycqmlxwfPUqPLCyP32cOUYJvzm5MhdDJF0eVl0AF6LtRe-SsH1ela9oWPMPzEGqOZr5DNT1beoAr41_4U320SYz7cZqxdVxt1nlfQey8PwCaD4KAu7OUhOzEwmHhoqOlo_tt0Qpiz-ljghnCOa6ROJnzPav2JcVpHpspTGA6WCK-5rRcgvcL_0aLL-sHzQ8eUtcB8nGDDheAAEwrOYnbW4wrpyEA5RrG0ioBkM6g_NTwGtbctQ-UXrUZjF8B-fJDGTuRsZF_jdpqT5PSWrVdgTggBc0YURMqQpD-oSf7q306cOsfjMUrIZilpb93P5OZ3j2zEOJCqvdtUeivkGmK37BJhpkUbEW_RvGoL8P9amqWk4k9Uiv-J6Rmsk0RyajY5ga7FwHJ_7mONDk2uzeXuIH_fk1g4UfYe37kmDdtJtVBkQy1EIIxYO4hC9PnEhXt0KoVEQIkieVWH5u55pAQIvcQ4wtHglvqthaXvUIExPYrYray-8eXxMkQ21ySWO1zRRDwwU1dEOikD3sZic2PYO93TFUwcNnqNTYxPYX1iE2pgC9sTXl3psd47Kc_k5g9FSAsEfcQAyKr3V8D64FhCOLzlUDqV5MubiemU7G1m3t8-1e7fF4P9PbLMoBs_RGENBepxriNTejdOx78hqlp4c1TJHsX6HwYwR_SGMOcHL0LWSCBadIcP2mT5m9n2oMXoU_dyLvo0y0LqIAIQbor5mW7VZseSLKiVRJAljDcUzU0wnba__8-yFOeeEjyfwLBKJjxru_uM1oD5iuT9ti18slyjtJJcpCnvpa5CIh9vYdy0U6A1wHMBWWS1GcJernCXE2Q9k3_GtoyGZuWUY-ksIm-1ydcT3auNKB6NlUg_ndr5I4zs2wZ4dMCiY0efGFQyxC0mjfJNsEpvTqK9x5gEKIaFY8sDzYbMs1uXnYRr7Ij_M7-20efUMa9_uPseMpQxKaEwI_mX2fAVXKBDkx8gkXbTdxhQa5onW-P5RzSrQ1YL2K5jvauWYw71R_xmnQ0fimw484imMIr78EbtO1Ptn9Rweba-xLkzFgZEyUSfgp9HJXOuBmaRfWdVyUingcyJwvIWdzqtIFmmPMxtnM6siilhvGALmCtrtQMvwIM_qh5duwF6bGXx1enO1SwIHkqlAeOyvgPagCwudgnBClamAK21fdkN9P8vdwINno18XFd0knTkMqBCKiwxKRaaraU0bjg-3IPrJe2dVdb1zqa34UFesX2FMRxdDEQlissgOsL4vPqsmbIag6B04l3tjKCVQdxODKWQSbI866MlRmlRWqcl8BeTX8ljpjjRg0C6Mor5dyFLl4qdiNbT2XXKIzQA2Q69hROLU6Jt2AV4HpnxnkEWVOOO6shMl0-1l2ZiTbC8geY594RF8wKLOkqjP9zNHZfYbg-aQHrf_ejAW6RY90M0rQrUUqw6MoeZhCLFA3MtDGZYiIXKEF5rBlmtfvekBv72oKfbRo4RHHrUWfyUo8Xs5jmmJT3FMkl8FHEgZEsaCAPGoly5f_yZhRRgU6doT8sbLZqNuv6PooUhuN7z309F2GE4LB1PYbeA4ovzJBlasXdkv9JHFz7x0XAEryAjNDKeo2wUcf-b4nSKK5xN8u97fy_1b2dmuG4GY2kHb9ISlOdo2oQr8uQ9zlyzPsz1XipFKt6k-N_yGSilrH1CENio5v0ajuOVyH7ALYeVJ8UkJ7jyzZaIdE2aJcUhVmWMy-it57KiI8UfynKreuBU0aYljXVWQBe0O3vc8DcoWgRbifWiVRU-jCyzR84XWOcbdmsHd58SR7v9Uhx86nUPb9AUucuWTMF4WxoFs68GdNCIaCGQa2gtMPBSLBVSH1XR2WhcEOF0cGkWxoISzPD3aMfqZUNTPBJaYGlhwe6Aocq-Ja0_6r6dCn5mPr8bRvMg0_3a7zxIZDmYnGil1Vp8YLPJ5UvPu0WAhV3r4G2acBy6Anq3QzJjxkCRFXeDDrm3r_14qT9hNcQ70oGwZTUymmePrZnlsHlXZD0zp74YeZZEMWo5GkuzEBB3A&cid=CAASJeRooXOLTdsOcUfmGW9kjBENbeqPVAf1GTGXYKY7IzC3djOG4_4&rfl=1%2Chttps%253A%252F%252Fwww.iphoneincanada.ca%252F%240
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2033806e677673f5d62ad234868d2bb20768840d89ed88ccf80322e4acaee61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32941
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
427 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://math-aids-tagan.adlightning.com/place?p=0&d=eyJzaXRlSWQiOiJtYXRoLWFpZHMiLCJ1cmwiOiJodHRwczovL3d3dy5pcGhvbmVpbmNhbmFkYS5jYS9uZXdzL3ByZWRhdG9yLXNweXdhcmUtZm9yLWlwaG9uZXMtdW5jb3ZlcmVkLWJ5LXRvcm9udG8tcmVzZWFyY2hlcnMvIiwiYWRVbml0IjoiLzIyNDA0MzM3NDY3LDEwMTg1NTYvaXBob25laW5jYW5hZGEtNzI4eDkwLVN0aWNreV8wIiwiYWRTZXJ2ZXJEZXRhaWxzIjp7ImFkdmVydGlzZXJJZCI6IjUwMjQ1NjkzNzQiLCJjYW1wYWlnbklkIjoiMjg4NzU2MzczOCIsImNyZWF0aXZlSWQiOiIxMzgzOTM4OTc0MjIiLCJsaW5laXRlbUlkIjoiNTc1Mjg0NzQwOSIsImFkU2VydmVyIjoiZGZwIiwieWllbGRHcm91cElkcyI6WzI4NTgzN119LCJ3aWR0aCI6NzI4LCJoZWlnaHQiOjkwLCJ3diI6IjEuMC4wK2M1YzFjMjkiLCJidiI6ImJsLWZlOGJiM2UtMWRjOTc5MzI7Yi1jNWMxYzI5LTkzYzAzMDA4IiwibWV0YSI6eyJibGFja2xpc3RTdGF0dXMiOnsibG9hZGVkIjp0cnVlLCJjb3VudCI6MTAyMiwiZmlyc3RJdGVtIjp7InQiOiJleHBlcnQyNC4iLCJhIjoxMH19LCJibG9ja2VkSW5mbyI6eyJyZWZyZXNoZWRDb3VudCI6MCwiYmxvY2tlZENvdW50IjowLCJoZWF2eUFkQmxvY2tlZENvdW50IjowLCJoZWF2eUFkUmVmcmVzaGVkQ291bnQiOjB9LCJwbFJhdGlvIjowLjAxfSwidGFnTWFya3VwIjoiPGh0bWw%2BPGhlYWQ%2BXG4gICAgPG1ldGEgY2hhcnNldD1cIlVURi04XCI%2BXG4gICAgPHRpdGxlPlNhZmVGcmFtZSBDb250YWluZXI8L3RpdGxlPlxuICAgIDxzY3JpcHQ%2BXG4oZnVuY3Rpb24oKXsvKlxuXG4gQ29weXJpZ2h0IFRoZSBDbG9zdXJlIExpYnJhcnkgQXV0aG9ycy5cbiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMFxuKi9cbnZhciBtPXRoaXN8fHNlbGYsdz1mdW5jdGlvbihhKXtyZXR1cm4gYX07dmFyIHg7dmFyIHo9ZnVuY3Rpb24oYSxiLGMpe3RoaXMuZz1jPT09eT9hOlwiXCJ9O3oucHJvdG90eXBlLnRvU3RyaW5nPWZ1bmN0aW9uKCl7cmV0dXJuIHRoaXMuZy50b1N0cmluZygpfTt2YXIgeT17fTt2YXIgQz1mdW5jdGlvbihhLGIpe3ZhciBjPXZvaWQgMD09PWM%2Fe306Yzt0aGlzLmVycm9yPWE7dGhpcy5jb250ZXh0PWIuY29udGV4dDt0aGlzLm1zZz1iLm1lc3NhZ2V8fFwiXCI7dGhpcy5pZD1iLmlkfHxcImpzZXJyb3JcIjt0aGlzLm1ldGE9Y307dmFyIEQ9ZnVuY3Rpb24oYSl7RFtcIiBcIl0oYSk7cmV0dXJuIGF9O0RbXCIgXCJdPWZ1bmN0aW9uKCl7fTt2YXIgRT0vXig%2FOihbXjovPyMuXSspOik%2FKD86XFwvXFwvKD86KFteXFxcXC8%2FI10qKUApPyhbXlxcXFwvPyNdKj8pKD86OihbMC05XSspKT8oPz1bXFxcXC8%2FI118JCkpPyhbXj8jXSspPyg%2FOlxcPyhbXiNdKikpPyg%2FOiMoW1xcc1xcU10qKSk%2FJC87dmFyIEk9ZnVuY3Rpb24oYSxiKXtpZihhKWZvcih2YXIgYyBpbiBhKU9iamVjdC5wcm90b3R5cGUuaGFzT3duUHJvcGVydHkuY2FsbChhLGMpJiZiLmNhbGwodm9pZCAwLGFbY10sYyxhKX07dmFyIEo9L15odHRwcz86XFwvXFwvKFxcd3wtKStcXC5jZG5cXC5hbXBwcm9qZWN0XFwuKG5ldHxvcmcpKFxcP3xcXC98JCkvLEs9ZnVuY3Rpb24oYSxiKXt0aGlzLmc9YTt0aGlzLmg9Yn0sTD1mdW5jdGlvbihhLGIpe3RoaXMudXJsPWE7dGhpcy5qPSEhYjt0aGlzLmRlcHRoPW51bGx9O3ZhciBNPWZ1bmN0aW9uKGEpe20uZ29vZ2xlX2ltYWdlX3JlcXVlc3RzfHwobS5nb29nbGVfaW1hZ2VfcmVxdWVzdHM9W10pO3ZhciBiPW0uZG9jdW1lbnQuY3JlYXRlRWxlbWVudChcImltZ1wiKTtiLnNyYz1hO20uZ29vZ2xlX2ltYWdlX3JlcXVlc3RzLnB1c2goYil9O3ZhciBOPWZ1bmN0aW9uKCl7dGhpcy5pPVwiJlwiO3RoaXMuaD17fTt0aGlzLm89MDt0aGlzLmc9W119LE89ZnVuY3Rpb24oYSxiKXt2YXIgYz17fTtjW2FdPWI7cmV0dXJuW2NdfSxVPWZ1bmN0aW9uKGEsYixjLGQsZyl7dmFyIGU9W107SShhLGZ1bmN0aW9uKGYsayl7KGY9VChmLGIsYyxkLGcpKSYmZS5wdXNoKGsrXCI9XCIrZil9KTtyZXR1cm4gZS5qb2luKGIpfSxUPWZ1bmN0aW9uKGEsYixjLGQsZyl7aWYobnVsbD09YSlyZXR1cm5cIlwiO2I9Ynx8XCImXCI7Yz1jfHxcIiwkXCI7XCJzdHJpbmdcIj09dHlwZW9mIGMmJihjPWMuc3BsaXQoXCJcIikpO2lmKGEgaW5zdGFuY2VvZiBBcnJheSl7aWYoZD1kfHwwLGQ8Yy5sZW5ndGgpe2Zvcih2YXIgZT1bXSxmPTA7ZjxhLmxlbmd0aDtmKyspZS5wdXNoKFQoYVtmXSxiLGMsZCsxLGcpKTtyZXR1cm4gZS5qb2luKGNbZF0pfX1lbHNlIGlmKFwib2JqZWN0XCI9PXR5cGVvZiBhKXJldHVybiBnPWd8fDAsMj5nP2VuY29kZVVSSUNvbXBvbmVudChVKGEsYixjLGQsZysxKSk6XCIuLi5cIjtyZXR1cm4gZW5jb2RlVVJJQ29tcG9uZW50KFN0cmluZyhhKSl9LFc9ZnVuY3Rpb24oYSl7dmFyIGI9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9nZW5fMjA0P2lkPWpzZXJyb3ImXCIsYz1WKGEpLTI3O2lmKDA%2BYylyZXR1cm5cIlwiO2EuZy5zb3J0KGZ1bmN0aW9uKG4sQSl7cmV0dXJuIG4tQX0pO2Zvcih2YXIgZD1udWxsLGc9XCJcIixlPTA7ZTxhLmcubGVuZ3RoO2UrKylmb3IodmFyIGY9YS5nW2VdLGs9YS5oW2ZdLGw9MDtsPGsubGVuZ3RoO2wrKyl7aWYoIWMpe2Q9bnVsbD09ZD9mOmQ7YnJlYWt9dmFyIGg9VShrW2xdLGEuaSxcIiwkXCIpO2lmKGgpe2g9ZytoO2lmKGM%2BPWgubGVuZ3RoKXtjLT1oLmxlbmd0aDtiKz1oO2c9YS5pO2JyZWFrfWQ9bnVsbD09ZD9mOmR9fWE9XCJcIjtudWxsIT1kJiYoYT1nK1widHJuPVwiK2QpO3JldHVybiBiK2ErXCJcIn0sVj1mdW5jdGlvbihhKXt2YXIgYj0xLGM7Zm9yKGMgaW4gYS5oKWI9Yy5sZW5ndGg%2BYj9jLmxlbmd0aDpiO3JldHVybiAzOTk3LWItYS5pLmxlbmd0aC0xfTt2YXIgWD1mdW5jdGlvbihhKXtpZiguMDE%2BTWF0aC5yYW5kb20oKSl0cnl7aWYoYSBpbnN0YW5jZW9mIE4pdmFyIGI9YTtlbHNlIGI9bmV3IE4sSShhLGZ1bmN0aW9uKGQsZyl7dmFyIGU9YixmPWUubysrO2Q9TyhnLGQpO2UuZy5wdXNoKGYpO2UuaFtmXT1kfSk7dmFyIGM9VyhiKTtjJiZNKGMpfWNhdGNoKGQpe319O3ZhciBZPWZ1bmN0aW9uKGEpe3ZhciBiPWEudG9TdHJpbmcoKTthLm5hbWUmJi0xPT1iLmluZGV4T2YoYS5uYW1lKSYmKGIrPVwiOiBcIithLm5hbWUpO2EubWVzc2FnZSYmLTE9PWIuaW5kZXhPZihhLm1lc3NhZ2UpJiYoYis9XCI6IFwiK2EubWVzc2FnZSk7aWYoYS5zdGFjayl7YT1hLnN0YWNrO3ZhciBjPWI7dHJ5ey0xPT1hLmluZGV4T2YoYykmJihhPWMrXCJcXG5cIithKTtmb3IodmFyIGQ7YSE9ZDspZD1hLGE9YS5yZXBsYWNlKC8oKGh0dHBzPzpcXC8uLipcXC8pW15cXC86XSo6XFxkKyg%2FOi58XFxuKSopXFwyLyxcIiQxXCIpO2I9YS5yZXBsYWNlKC9cXG4gKi9nLFwiXFxuXCIpfWNhdGNoKGcpe2I9Y319cmV0dXJuIGJ9O3ZhciBhYT0vXihbXjtdKyk7KFxcZCspOyhbXFxzXFxTXSopJC8sYmE9ZnVuY3Rpb24oKXt2YXIgYT13aW5kb3cubmFtZSxiPWFhLmV4ZWMoYSk7aWYobnVsbD09PWIpdGhyb3cgRXJyb3IoXCJDYW5ub3QgcGFyc2Ugc2VyaWFsaXplZCBkYXRhLiBcIithLnN1YnN0cmluZygwLDUwKSk7YT0rYlsyXTt2YXIgYz1iWzNdO2lmKGE%2BYy5sZW5ndGgpdGhyb3cgRXJyb3IoXCJQYXJzZWQgY29udGVudCBzaXplIGRvZXNuJ3QgbWF0Y2guIFwiK2ErXCI6XCIrYy5sZW5ndGgpO3JldHVybnttOmJbMV0sY29udGVudDpjLnN1YnN0cigwLGEpLGw6Yy5zdWJzdHIoYSl9fTt2YXIgWj1udWxsLGRhPWZ1bmN0aW9uKGEpe3ZhciBiPWEubGVuZ3RoLGM9MypiLzQ7YyUzP2M9TWF0aC5mbG9vcihjKTotMSE9XCI9LlwiLmluZGV4T2YoYVtiLTFdKSYmKGM9LTEhPVwiPS5cIi5pbmRleE9mKGFbYi0yXSk%2FYy0yOmMtMSk7dmFyIGQ9bmV3IFVpbnQ4QXJyYXkoYyksZz0wO2NhKGEsZnVuY3Rpb24oZSl7ZFtnKytdPWV9KTtyZXR1cm4gZC5zdWJhcnJheSgwLGcpfSxjYT1mdW5jdGlvbihhLGIpe2Z1bmN0aW9uIGMobCl7Zm9yKDtkPGEubGVuZ3RoOyl7dmFyIGg9YS5jaGFyQXQoZCsrKSxuPVpbaF07aWYobnVsbCE9bilyZXR1cm4gbjtpZighL15bXFxzXFx4YTBdKiQvLnRlc3QoaCkpdGhyb3cgRXJyb3IoXCJVbmtub3duIGJhc2U2NCBlbmNvZGluZyBhdCBjaGFyOiBcIitoKTt9cmV0dXJuIGx9ZWEoKTtmb3IodmFyIGQ9MDs7KXt2YXIgZz1jKC0xKSxlPWMoMCksZj1jKDY0KSxrPWMoNjQpO2lmKDY0PT09ayYmLTE9PT1nKWJyZWFrO2IoZzw8MnxlPj40KTs2NCE9ZiYmKGIoZTw8NCYyNDB8Zj4%2BMiksNjQhPWsmJmIoZjw8NiYxOTJ8aykpfX0sZWE9ZnVuY3Rpb24oKXtpZighWil7Wj17fTtmb3IodmFyIGE9XCJBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWmFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6MDEyMzQ1Njc4OVwiLnNwbGl0KFwiXCIpLGI9W1wiKy89XCIsXCIrL1wiLFwiLV89XCIsXCItXy5cIixcIi1fXCJdLGM9MDs1PmM7YysrKWZvcih2YXIgZD1hLmNvbmNhdChiW2NdLnNwbGl0KFwiXCIpKSxnPTA7ZzxkLmxlbmd0aDtnKyspe3ZhciBlPWRbZ107dm9pZCAwPT09WltlXSYmKFpbZV09Zyl9fX07KGZ1bmN0aW9uKGEpe2lmKHdpbmRvdy5uYW1lKXt2YXIgYj1mdW5jdGlvbihlKXt0cnl7dmFyIGY9bmV3IE47Zi5nLnB1c2goMSk7Zi5oWzFdPU8oXCJjb250ZXh0XCIsNTA3KTtlLmVycm9yJiZlLm1ldGEmJmUuaWR8fChlPW5ldyBDKGUse21lc3NhZ2U6WShlKX0pKTtpZihlLm1zZyl7dmFyIGs9ZS5tc2cuc3Vic3RyaW5nKDAsNTEyKTtmLmcucHVzaCgyKTtmLmhbMl09TyhcIm1zZ1wiLGspfXZhciBsPVtlLm1ldGF8fHt9XTtmLmcucHVzaCgzKTtmLmhbM109bDtsPW07az1bXTtlPW51bGw7ZG97dmFyIGg9bDt0cnl7dmFyIG47aWYobj0hIWgmJm51bGwhPWgubG9jYXRpb24uaHJlZiliOnt0cnl7RChoLmZvbyk7bj0hMDticmVhayBifWNhdGNoKEIpe31uPSExfXZhciBBPW59Y2F0Y2goQil7QT0hMX1pZihBKXt2YXIgcj1oLmxvY2F0aW9uLmhyZWY7ZT1oLmRvY3VtZW50JiZoLmRvY3VtZW50LnJlZmVycmVyfHxudWxsfWVsc2Ugcj1lLGU9bnVsbDtrLnB1c2gobmV3IEwocnx8XCJcIikpO3RyeXtsPWgucGFyZW50fWNhdGNoKEIpe2w9bnVsbH19d2hpbGUobCYmaCE9bCk7cj0wO2Zvcih2YXIgdD1rLmxlbmd0aC0xO3I8PXQ7KytyKWtbcl0uZGVwdGg9dC1yO2g9bTtpZihoLmxvY2F0aW9uJiZoLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2lucyYmaC5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnMubGVuZ3RoPT1rLmxlbmd0aC0xKWZvcih0PTE7dDxrLmxlbmd0aDsrK3Qpe3ZhciB1PWtbdF07dS51cmx8fCh1LnVybD1oLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2luc1t0LTFdfHxcIlwiLHUuaj0hMCl9dmFyIHA9bmV3IEwobS5sb2NhdGlvbi5ocmVmLCExKTtoPW51bGw7dmFyIEY9ay5sZW5ndGgtMTtmb3IodT1GOzA8PXU7LS11KXt2YXIgcT1rW3VdOyFoJiZKLnRlc3QocS51cmwpJiYoaD1xKTtpZihxLnVybCYmIXEuail7cD1xO2JyZWFrfX1xPW51bGw7dmFyIGZhPWsubGVuZ3RoJiZrW0ZdLnVybDswIT1wLmRlcHRoJiZmYSYmKHE9a1tGXSk7dmFyIHY9bmV3IEsocCxxKTtpZih2Lmgpe3ZhciBoYT12LmgudXJsfHxcIlwiO2YuZy5wdXNoKDQpO2YuaFs0XT1PKFwidG9wXCIsaGEpfXZhciBHPXt1cmw6di5nLnVybHx8XCJcIn07aWYodi5nLnVybCl7dmFyIEg9di5nLnVybC5tYXRjaChFKSxQPUhbMV0sUT1IWzNdLFI9SFs0XTtwPVwiXCI7UCYmKHArPVArXCI6XCIpO1EmJihwKz1cIi8vXCIscCs9USxSJiYocCs9XCI6XCIrUikpO3ZhciBTPXB9ZWxzZSBTPVwiXCI7Rz1bRyx7dXJsOlN9XTtmLmcucHVzaCg1KTtmLmhbNV09RztYKGYpfWNhdGNoKEIpe3RyeXtYKHtjb250ZXh0OlwiZWNtc2VyclwiLHJjdHg6NTA3LG1zZzpZKEIpLHVybDp2JiZ2LmcudXJsfSl9Y2F0Y2goaWEpe319fTt0cnl7dmFyIGM9YmEoKSxkPUpTT04ucGFyc2UoYy5sKSxnPXZvaWQgMD09PWQuZW5jcnlwdGlvbk1vZGU%2FbnVsbDpkLmVuY3J5cHRpb25Nb2RlO3dpbm&i=1-2&t=adltag_l3zj303a_74uzjT3U5yd&r=22032afff8887fcbde6fe257120bccd&c=math-aids&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
jojxxrFPUieh9ZPhCvt1MB6RWikJaj0q
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
18215
x-cache
Error from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:14 GMT
server
AmazonS3
date
Sat, 04 Jun 2022 01:59:10 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
x-amz-cf-id
08yXAXoXsB19BMlbHrnW8TzxmDznfdf4FuPNaQMGyBnHq7f5y575bA==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
428 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://math-aids-tagan.adlightning.com/place?p=0&d=Rvdy5uYW1lPVwiXCI7YShjLmNvbnRlbnQsZyxmdW5jdGlvbihlKXtkLmdvb2dfc2FmZWZyYW1lX2hsdCYmKG0uZ29vZ19zYWZlZnJhbWVfaGx0PWQuZ29vZ19zYWZlZnJhbWVfaGx0KTtkLl9jb250ZXh0JiYobS5BTVBfQ09OVEVYVF9EQVRBPWQuX2NvbnRleHQpO20uc2ZfPXt2OmMubSxjZmc6ZH07ZG9jdW1lbnQub3BlbihcInRleHQvaHRtbFwiLFwicmVwbGFjZVwiKTtpZih2b2lkIDA9PT14KXt2YXIgZj1udWxsO3ZhciBrPW0udHJ1c3RlZFR5cGVzO2lmKGsmJmsuY3JlYXRlUG9saWN5KXt0cnl7Zj1rLmNyZWF0ZVBvbGljeShcImdvb2cjaHRtbFwiLHtjcmVhdGVIVE1MOncsY3JlYXRlU2NyaXB0OncsY3JlYXRlU2NyaXB0VVJMOnd9KX1jYXRjaChsKXttLmNvbnNvbGUmJm0uY29uc29sZS5lcnJvcihsLm1lc3NhZ2UpfXg9Zn1lbHNlIHg9Zn1lPShmPXgpP2YuY3JlYXRlSFRNTChlKTplO2U9bmV3IHooZSxudWxsLHkpO2RvY3VtZW50LndyaXRlKGUgaW5zdGFuY2VvZiB6JiZlLmNvbnN0cnVjdG9yPT09ej9lLmc6XCJ0eXBlX2Vycm9yOlNhZmVIdG1sXCIpO2RvY3VtZW50LmNsb3NlKCk7bS5zZl8mJih3aW5kb3cubmFtZT1cIlwiKX0sYil9Y2F0Y2goZSl7YihlKX19fSkoZnVuY3Rpb24oYSxiLGMpe2lmKDI9PT1iKXtiPW5ldyBUZXh0RGVjb2Rlcjt2YXIgZD0vPHN0YXJ0Z3VhcmQ%2BKC4qKTxlbmRndWFyZD4vZy5leGVjKGEpO2lmKGE9Yi5kZWNvZGUuY2FsbChiLGRhKGQmJmRbMV0%2FZFsxXTphKSkpYj1hLnRvTG93ZXJDYXNlKCksYT0tMTxiLmluZGV4T2YoXCI8IWRvY3R5cGVcIil8fC0xPGIuaW5kZXhPZihcIjxodG1sXCIpP2E6XCI8IWRvY3R5cGUgaHRtbD48aHRtbD48aGVhZD48L2hlYWQ%2BPGJvZHk%2BXCIrYStcIjwvYm9keT48L2h0bWw%2BXCJ9YyhhKX0pO30pLmNhbGwodGhpcyk7XG4gICAgPC9zY3JpcHQ%2BPHNjcmlwdCBzcmM9XCJodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS9tYXRoLWFpZHMvYmwtZmU4YmIzZS0xZGM5NzkzMi5qc1wiIHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj48L3NjcmlwdD48c2NyaXB0IHNyYz1cImh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL21hdGgtYWlkcy9iLWM1YzFjMjktOTNjMDMwMDguanNcIiB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI%2BPC9zY3JpcHQ%2BPHNjcmlwdD52YXIgZD1kZWNvZGVVUklDb21wb25lbnQoXCIlN0IlMjJzaXRlSWQlMjIlM0ElMjJtYXRoLWFpZHMlMjIlMkMlMjJ3diUyMiUzQSUyMjEuMC4wJTJCYzVjMWMyOSUyMiUyQyUyMmJsdiUyMiUzQSUyMmJsLWZlOGJiM2UtMWRjOTc5MzIlMjIlMkMlMjJidiUyMiUzQSUyMmItYzVjMWMyOS05M2MwMzAwOCUyMiUyQyUyMnRvcERvbWFpbiUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmlwaG9uZWluY2FuYWRhLmNhJTJGbmV3cyUyRnByZWRhdG9yLXNweXdhcmUtZm9yLWlwaG9uZXMtdW5jb3ZlcmVkLWJ5LXRvcm9udG8tcmVzZWFyY2hlcnMlMkYlMjIlMkMlMjJjdXJyZW50VGFnSWQlMjIlM0ElMjJhZGx0YWdfbDN6ajMwM2FfNzR1empUM1U1eWQlMjIlMkMlMjJhdSUyMiUzQSUyMiUyRjIyNDA0MzM3NDY3JTJDMTAxODU1NiUyRmlwaG9uZWluY2FuYWRhLTcyOHg5MC1TdGlja3lfMCUyMiUyQyUyMnNsb3RFbGVtZW50SWQlMjIlM0ElMjJkaXYtZ3B0LWFkLTE2Mjc2ODAwMTkzNDUtMCUyMiUyQyUyMnJlZnJlc2hlc1JlbWFpbmluZyUyMiUzQTIlMkMlMjJibG9ja2VkQ291bnQlMjIlM0EwJTJDJTIyaGVhdnlBZFJlZnJlc2hlc1JlbWFpbmluZyUyMiUzQTIlMkMlMjJoZWF2eUFkQmxvY2tlZENvdW50JTIyJTNBMCUyQyUyMmFkU2VydmVyRGV0YWlscyUyMiUzQSU3QiUyMmFkdmVydGlzZXJJZCUyMiUzQSUyMjUwMjQ1NjkzNzQlMjIlMkMlMjJjYW1wYWlnbklkJTIyJTNBJTIyMjg4NzU2MzczOCUyMiUyQyUyMmNyZWF0aXZlSWQlMjIlM0ElMjIxMzgzOTM4OTc0MjIlMjIlMkMlMjJsaW5laXRlbUlkJTIyJTNBJTIyNTc1Mjg0NzQwOSUyMiUyQyUyMmFkU2VydmVyJTIyJTNBJTIyZGZwJTIyJTJDJTIyeWllbGRHcm91cElkcyUyMiUzQSU1QjI4NTgzNyU1RCU3RCUyQyUyMnclMjIlM0E3MjglMkMlMjJoJTIyJTNBOTAlMkMlMjJzYWZlRnJhbWVLZXklMjIlM0ElMjI4MzQ2MjkxNyUyMiU3RFwiKTt3aW5kb3dbXCI2MTM5ODU4OV9tYXRoLWFpZHNcIl09e307d2luZG93W1wiNjEzOTg1ODlfbWF0aC1haWRzXCJdLnRhZ0RldGFpbHM9SlNPTi5wYXJzZShkKTt3aW5kb3cuYmxvY2tlciAmJiBibG9ja2VyKFwiNjEzOTg1ODlfbWF0aC1haWRzXCIsIFwiPCEtLUFETF9XUkFQUEVELS0%2BXCIsIGZhbHNlLCB3aW5kb3csIHt9KTs8L3NjcmlwdD48L2hlYWQ%2BPC9odG1sPjwhLS0gSUZSQU1FIElOTkVSIENPTlRFTlQgLS0%2BIn0%3D&i=2-2&t=adltag_l3zj303a_74uzjT3U5yd&r=22032afff8887fcbde6fe257120bccd&c=math-aids&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
jojxxrFPUieh9ZPhCvt1MB6RWikJaj0q
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
18215
x-cache
Error from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:14 GMT
server
AmazonS3
date
Sat, 04 Jun 2022 07:02:44 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
x-amz-cf-id
7jD0BByfK9kNUtIAUi8cKC_dCS-yQ1zODCPfkIVxIPRbNX5BRtpdwQ==
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/ Frame 736B 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e4b75816c1b2088ba5305eea405c0cddeeebee0f30ca09801724ea60ff49a35
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
58073
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3379
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 14:54:50 GMT
expires
Sat, 03 Jun 2023 14:54:50 GMT
last-modified
Thu, 01 Apr 2021 16:57:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame C0D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ct6hbkAObYoucNY_u_gTU6or4BN_dt6dqkaDnotgN2tkeEAEg-ZvxhAFgyfamjNCk5A-gAbWQxMADyAEJ4AIAqAMByANIqgTHAk_Qw1z10hKVxVdoUdxIR9uVc3pN27mdw28MiZarQoI7Ttd9i6XQkdD--wbXL-CuqneQIPqw0hcnUPewbjUJX6BGFEofcz6M5E7SymQfHTuZO1ek-ys4OArbwsqzf47ev_g3NOTJXbbHWJtgZdHdGuSNMeJkjeQTxX8L4moCfHQ3cCbgK-F2gsSZRo4VEfnBCrBYGUHOQ0Lx1YqoKAjltupj4TIKxG1ayyrKUVGCmsBdh24zda16hKdlfZoU7KuMeheb2j0mWI2Ql53fz1DdJy4q8jSwwI_VfpOVQAgmp_fRnvOib5FbV6-V4kplcepeZ6_guxrfBgKP6O0IKRWBDip6p3_JgjvlHI-N4hoO93pwwjCx_y4m5k93vutwLB6COrP5_kA51Xl5cVk4yhSfPAkSpIZDHorPPvfN9zG6bnI1JQ2h4Rz-AMAEv5WP880D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7Pvuz-oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC172jSCAcIgGEQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTQxMTM2ODE4ODIzMTE0NTUYhNt7&sigh=rDL4D3yXp5M&uach_m=[UACH]&template_id=419
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame C0D8 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8691
x-xss-protection
0
server
cafe
etag
17811423179848367920
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:00:39 GMT
/
de.tynt.com/deb/ Frame 60B0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
68f6fb8e43d346f4cafb383499a1b7cbb818eea024e62fdac9cf878e04aabc0d

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2124
content-type
text/html
date
Sat, 04 Jun 2022 07:02:43 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sat, 04 Jun 2022 07:02:43 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8340000A
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.iphoneincanada.ca%2F&domain=www.iphoneincanada.ca&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.iphoneincanada.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 04 Jun 2022 07:02:43 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1664
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.iphoneincanada.ca%2F&domain=www.iphoneincanada.ca&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=elouq3xOTU5CdU5CMkliRlNlTjZyckdqRThiV0o5T3I1dnplRnFOMVdTV0N3V1E4aUtqOENvclJ5RjJQU1g3VE9SMzlielNWa2c2MUNxWFBGcEN5ZnFVWkFvdnJ6TnJUd1R1TVVXNVJlNHVTd3NxZFZjekpsMGNCWVlXc0...
342 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=elouq3xOTU5CdU5CMkliRlNlTjZyckdqRThiV0o5T3I1dnplRnFOMVdTV0N3V1E4aUtqOENvclJ5RjJQU1g3VE9SMzlielNWa2c2MUNxWFBGcEN5ZnFVWkFvdnJ6TnJUd1R1TVVXNVJlNHVTd3NxZFZjekpsMGNCWVlXc0JGMk1GRVU4bmtvVFJkNXlzRkJ6TGg1V3BPZTFCU0gzQmp3RkpUQjBFUTIzcC8wMkdtdityZHJZWnNwK2xpdUZ3YWZSTGNuM1BmdmQ2MlhZKy9Bc0tadHNNR01ZQ0d0aE9qM0xwNXVPcnEyWWdMSStxYndVeTNmcGVQRUVydFNRVXdRbHNlNXdpfA&cppv=2
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
e2fe6283fcfa262d9a883ec9451d30e1c18905c9ad6c50ce71d9a70254590b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:44 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2880
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:44 GMT
location
https://mug.criteo.com/sid?cpp=elouq3xOTU5CdU5CMkliRlNlTjZyckdqRThiV0o5T3I1dnplRnFOMVdTV0N3V1E4aUtqOENvclJ5RjJQU1g3VE9SMzlielNWa2c2MUNxWFBGcEN5ZnFVWkFvdnJ6TnJUd1R1TVVXNVJlNHVTd3NxZFZjekpsMGNCWVlXc0JGMk1GRVU4bmtvVFJkNXlzRkJ6TGg1V3BPZTFCU0gzQmp3RkpUQjBFUTIzcC8wMkdtdityZHJZWnNwK2xpdUZ3YWZSTGNuM1BmdmQ2MlhZKy9Bc0tadHNNR01ZQ0d0aE9qM0xwNXVPcnEyWWdMSStxYndVeTNmcGVQRUVydFNRVXdRbHNlNXdpfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1473
content-length
509
expires
0
envelope
api.rlcdn.com/api/identity/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161089/5500/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Jun 2022 07:02:43 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
id
id.crwdcntrl.net/ 		154 B
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161089/5500/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.178.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-178-202.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab0174d7de7248eafc6263e8d8f6ecd887c463b778d70b7f87c83a45cdc260c5

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache
x-server
10.40.2.212
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
rid
match.adsrvr.org/track/ 		108 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161089/5500/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
16870f4f321f93d84c7ac63dd787f95556c9234615b57a110af9b26b20385b1e

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Jun 2022 07:02:43 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Mon, 04 Jul 2022 07:02:43 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.iphoneincanada.ca%2F&domain=www.iphoneincanada.ca&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.iphoneincanada.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 04 Jun 2022 07:02:43 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1102
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 1234
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.iphoneincanada.ca%2F&domain=www.iphoneincanada.ca&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=9m_xhHxVRXZFNmxzMHd0TkRhNE5jZDN4cS9mZ2ptN3o3cTJOOXlycHJMNlJETW5yalNqQU1GTHpKazdOUGJFN09CMHh4bzB3aHEvM0N1MGtnRThneHdqTEVCZVVXYVZTc1QzZ3pYTG54NFZQQUd6d0FMdHIzemFhUWZUcE...
345 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=9m_xhHxVRXZFNmxzMHd0TkRhNE5jZDN4cS9mZ2ptN3o3cTJOOXlycHJMNlJETW5yalNqQU1GTHpKazdOUGJFN09CMHh4bzB3aHEvM0N1MGtnRThneHdqTEVCZVVXYVZTc1QzZ3pYTG54NFZQQUd6d0FMdHIzemFhUWZUcEV3cHVlSURlV2R6TnlMdGR0OEdFQ2h6Qi8wQnJGaS9PNklPeUh1M3F2ZHVJdlYvYUhWU1NUN1AybkhHNW5hNjZ3bGhXTG9FQ2hMQXI0MFZkdllQVXFmZ0FUaVJZaFVjaTh1dUd5eHQvQ2hGeDdiNFNlMmpvTmNSVThvU3BYbTV5RjV5U0lkN0p2fA&cppv=2
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
7b27071d543ff9d9f90693716c5378d09bab10dac2a00ea39c9aa0598d5b9c05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:44 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3519
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:43 GMT
location
https://mug.criteo.com/sid?cpp=9m_xhHxVRXZFNmxzMHd0TkRhNE5jZDN4cS9mZ2ptN3o3cTJOOXlycHJMNlJETW5yalNqQU1GTHpKazdOUGJFN09CMHh4bzB3aHEvM0N1MGtnRThneHdqTEVCZVVXYVZTc1QzZ3pYTG54NFZQQUd6d0FMdHIzemFhUWZUcEV3cHVlSURlV2R6TnlMdGR0OEdFQ2h6Qi8wQnJGaS9PNklPeUh1M3F2ZHVJdlYvYUhWU1NUN1AybkhHNW5hNjZ3bGhXTG9FQ2hMQXI0MFZkdllQVXFmZ0FUaVJZaFVjaTh1dUd5eHQvQ2hGeDdiNFNlMmpvTmNSVThvU3BYbTV5RjV5U0lkN0p2fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.iphoneincanada.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1727
content-length
509
expires
0
ixmatch.html
js-sec.indexww.com/um/ Frame 3A42 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Jun 2022 07:02:44 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CB55 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=145965
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:43 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 05 Jun 2022 23:35:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 2734 		672 B
726 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
e492337a2aba97c127db17a339a63288125a6eb6c8efb255a26dc0ec60aa6839

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
425
content-type
text/html
date
Sat, 04 Jun 2022 07:02:43 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
via
1.1 google
pd
u.openx.net/w/1.0/ Frame C68C 		672 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
e492337a2aba97c127db17a339a63288125a6eb6c8efb255a26dc0ec60aa6839

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
425
content-type
text/html
date
Sat, 04 Jun 2022 07:02:43 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
via
1.1 google
isyn
prebid.a-mo.net/ Frame D289 		831 B
511 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
34c19ed0d210c2c0768e75a762ac77bd7cc6b911f9eb56f5aa7080655ca7f4d7

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
416
content-type
text/html; charset=utf-8
date
Sat, 04 Jun 2022 07:02:43 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
async_usersync.html
acdn.adnxs.com/dmp/ Frame DD99 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.160.130 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 04 Jun 2022 07:02:44 GMT
ETag
"623de86a-cf34"
Expires
Sun, 05 Jun 2022 07:02:46 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 0783 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Jun 2022 07:02:44 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6E30 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.160.130 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 04 Jun 2022 07:02:44 GMT
ETag
"623de86a-cf34"
Expires
Sun, 05 Jun 2022 07:02:46 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ECB4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=145965
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:43 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 05 Jun 2022 23:35:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame A27D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7B4EkIpnxjTnW9lIZxYAQF3dMVXwEK6CWw8YMcuqAsGznIJXpXbxs1FvHsMGXUR-UH-zRqdG2v-fkxLv9eQpkzrtFDW7bjEFy2JLicYj-VEQnS9o7Q_GCZPeEcyWP2zT7lR8u8veBDso-fFnPCAnjNdzqXCuBzhyGvUcAV_c8OpaawLf7f2e1pq8-bcadsd7q5kKiETm1sFHLP-FjNsqvCqZSQtYixVnDVCS7jBzLqngTUcRJD3t1Mai_zd0uqrcy1gm9Y7HtnSeF7DjEIrluOH5q4NVxdOAhCwUH2qVzOL95LYRmvLIk66RZohy5Oga0A9PO43Hqfb3XKxp0G7Rk&sig=Cg0ArKJSzB502-nzq8TgEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 04 Jun 2022 07:02:44 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0955 		668 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0YnuLCvgEwAQ&v=APEucNUgoCF1_jhL3gAzXm0kFAdhXWJBRQvzr5LT96JbamLgq2BYCY_-8-rHz0sRVxjQ_OG_oXjAJt4lPYizIoTN7k6zcFZN-v6fVIHco7SUBfjC2PK3O_c
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
304
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame BF65 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bq02cAzy9zqHUgyos6zoIOubQHY3ux-MO8Ru1HquLDlvSCOfRiK8MmYjE2r0zPIdT_WjEII5Jy9lmXRZ7Of0BH80jOubTAY35IXA-U654MYkNCHNZHAa_YuldQyt1FbvveSTk3IUArAjZ4ik6uGTvDPewp-A&dbm_d=AKAmf-BOKWvbSucMz74mfM0mucncT1SQ1wtS_bUBRGEQWVC_S0N4wPi5A8z97SjlnZKJ1SjRxlDFNJPWK11_o6gKr_vh5_G-hefVVh684FD-P1TeDXqEQC3QZmXM2KL5Pag865-cJ6yqffBDA9hkvZwfJ1EXZBxi4k7C3a3ZvICfwdprNvTHDn6UgtjBB8gI_1XSa_CodgoVcYbYZ-QvmelweIAFl3q1-7pTDHg3dYjv1-Got_qexGWCJcj5KLERWAayRosEkYtN2ucGwjYzCHrNW1ndu3-p3T93iPn0_flgDP5e0d4CMZV270IMTZJEY82woQ3Jokcth-KfgbtHtPpsc5dvqz_8B1Nqm3yafvjL0Hi_YdUhdy3_9q6HPlEcvePggs6aMc1Tgd3HOuaixPFx7QOzEl8trBS4-PDUjnN6lQhAu3qQjhRJR7WYq58QxpLtfT-FxsKVe0uq7RkkOa8d8rd5YVzv0bRHQjpL15Ctugv6-R4zimswvMy0dgBLcGAiDp45lTMiE2CPtaI-RJbjN4SafF_6bjmpiDNSglVw1-MuXCPDK0CIOjMaobyhkQEKY0q274MEy6XU3gopUc4mDmbJY4hJPKbHFoehVUDvfxgOK1Vayi1VjGSK6EHMZkL3UlUVggbHKNZNMbEVaoSYny9vHMoU2nR0keaHPi-9Idvrzrjp2z0AGnMl8eevvO5iHq0WXM8C_H1Vc1M-wQxY5MzaGGHti0qVAE2MdzrV6S6ZE1lf08-HgxMf0CmOStRpw_8AgzHv-Fw_7TnHVyZKHKzeRiWlWiH_NfAslPCbj2_OPh5Gkmzyg7_2l9xJ1iv9zR7TD13kxlxITdTc1x1jAoswwCMX19RP8aLiA0-oTnsgmeoudeQ8JJcmWGDi2DjoJpLDJvUZGQcHF7bYX3VAHhUy6k49wlvL85uqPpBsoCwzwnZFuLOZFTpPJANm_q9QKInV960ibhucG1lKYoj-nKittpMsiauhrOuuacEHa6OHI30NLanpkkmr424FGJbi6pXCCn5YQY1wcJPmmFKQxlCyYKd7BC13x_JJ3OmNhCJeMJoYUCkLCaNPYTnZeHpyupRGBeFkLAVvMWrxDsvv9JQ7nu1Eecdr6jK80Lr-N9KV5XpEMPf8mi887r1UXAsDclkdZIKhFZafvi8BnnLPybX1nfNaRaHWesuBr_QoopGkTFU-8YJ4q4Da7lxhf8FsgdwyzafXPHvKpcB42hlwnGovJVhBmjoK8hmtc4PNjkHO8vZsS-qT6NNkgrtYUTfsFPMJxbOVPKJg-A0I9eUorWEM8_vIZKqoMPbuVt2mvFgSLpJNipfdMVHzLB2feSJ0JLNzPbycRMIZxNEX15QzEbew1PbSE6GO2winJwn0N4gM3vKdIJkqXszwXrpSGj6T0mhffhlhCw0-GgvJk_PFgqtkFRcON9mEJomQa4a0I6ETXT4OQDtODITjNzCC-QZlBkPqeHA0PYPbp2E390Jqspcf5eIVQlJZ68mxTh5a9zCekiGfkJmuqAV7qVuBlZRiAyEEnDdjqgwDTQMvzCaUZYCH4Zh5inJBG-5jSGPefrQnb6Vuk2yBOTDsPD8K_eHdJ7UKyof8EJXe9EWi6_uauIeGBVqsnbqH1rB9p7R2Myi9y3mJaSn0aIe14V4SRS1rmfnQdlSGKa2bM04cz40ECwef0bTEgykxJON64K13TXmR318ZvzSBw2wcoTtNg-w4kOlqtT9DyEqvS1EHiifsIWm6FsUzP6rJqEq8MAA_JLn0W0EzCMuJIFkk7gyLvVPMAgb80RoIf90yzIjrrbieY9LSzO3V2Q3ER2VKonokswtXLoGQPaeFdTcxsSBg4CU9Myw9IqsRw7S-D3-Pbt7nMVpWofi6zmEGwqrh1waIc7P38upFhMLn-YDJWujMrAaurScjjBSOeKObawbqeLIjXcVINJnjMvpRaewrVY_B52T_DTKq5WzwY7aGIzichsa4iZE6QNmGoTIHMdcAFcxIJZ1jeTe4evjCmkOrMf_IH2aJkxoSLnRyRjjBtqv8DYgOjXlo2lPPso-EkndNeabemlhvWbK0epyBFeLDkYssODaHD4vEbnIE1WO0_47-Sy7dyc1DDuAGdjoDkVsrMJZp1I3vV9-EEIvS5t5WR0hkClgE7-ho1uUlCfUHJrXRV1NW6toYzgSn0BvWPbAaDJYzpxKKH0EcRZaD7hjQmy1qgq7lNnIEHlVAc_oVCzsLHMA_Q2bmWjAkenf96K_TXfv6wLhgpaH_8RPENWZDBviSFeGdQVCccoSiCo9VUzA9-1vRa2SoqvQGSWn2CcZ5WAo2s4STslYniwHgLvSoZGQcLIvtn_vSwJRpyOnbl3fX47vmHYFMS49xgIIj6R3xcNPLj3vNUb_QYZy8tPQC_BHEV2BvXoLM78sZIBHAIqDW6jAujjHgh74I54hgrMSuXgA8MXPYKSopI7yADQsmKbtLdnp6R0JF51pIMJul0jPt4nbhl2L2b9BQMbvDAJZK2wZ8jsU3FAkg47V5BYNZm_d7v15QA-kiYKtbPxL_WbmxaYSuoFe76Mm_Dw8bySdbd378gm_szXqMjl3rlfAfNrtm0E3pw_vxqrwNZfcrIebjQV3_F9zXZx9hJPIJT0JBAEhXx0woL9PP4cQ5x8w9NfaW8DsaeNKw23tiF5aD_zdKIa4Nqqh4ETI5w9WXcTtHx9a53qG7x1QGK0QErffYsHH2mkmtnlrmM9rJB6LfQ1IOPCsgtCmxCQlXIgMx4gHMsBs-xrW5mKM0_-Vi8JkQkBDSWxHKoTEUEs5bu3gHwUHfpd_8dGw0grZ0ND6oecM67s6elgZoojI2x2fMU341Twb5CRbSHSXub0ROdO-_8gnkYknE719FR1NwYslm_XkVbileA_uwZIA09UFXuIir3Y9i4nuxJrFdhBkQN4FC5oj-JJooYYGZFFcR8A0WTUnz7rhiiQ64GexrUgCgwL6hYm_32Y73CoZkPemtBXllroUM5BrTOZwfj-05KJrqCzsAfAYftoGDun25sguv1oINiw7fhyQ-Ty7_gnbQaPGuiGmZY1d1Eiq5lvsXEIIVJn6IstDQn5t4kCbVBk1vRA4KiFV5obBevX-24OC4n0MNbum5HQwtG0ytQm7rtpGbVyNVib3RUb4rxpVbUSrrMvqnURKLNbI4P9AZup_C1QXQkpUEEFdJI6w3wBqjgSQJm7hKnztwe396Xb8bpzNHx2czhiKUVDvNVMTZiE8&cid=CAASJeRor_UcTtRLF9IMbRPAvO7I4jDdVbE2T1YJs8yCRBnjJacl-DU&rfl=1%2Chttps%253A%252F%252Fwww.iphoneincanada.ca%252F%240
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
288a3200a201a07aa18a779f6e497c6bfafa0af0a3a947e6b02928f76511f36b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19529
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
demand.catapultx.com/ Frame E130 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://demand.catapultx.com/sync?akuid=https://www.iphoneincanada.ca|A8492896450583913946
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=153873&r=https%3A%2F%2Fdemand.catapultx.com%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwww.iphoneincanada.ca%7C%7BUID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a7cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97c8c51979f526331b9c5d535c222a180945492c536ef60c1d4a5ca6e403e12c

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
715ece002bc64bd0-YUL
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 04 Jun 2022 07:02:44 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yu8VCnu3zimWO%2FuvJIk3MlIqaFesEmmY1A8xmANQVG4tghbZHKjp8RAixEHNk2Ky3M5AmwPX7so6be39p%2B5sXZXpnLQuxzr96Ka1tityYWJPk15qA%2B2%2B6vEf%2FMzEYJC5R50UmJC77DYNAwx%2Bo55xVzxwcA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
rum
dsum-sec.casalemedia.com/ Frame 89E4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGMEBitJgS8ogSjrqInyqs&google_cver=1&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGMEBitJgS8ogSjrqInyqs&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYncysygEwAQ&v=APEucNW0lMbSo_AKuhBelBJqJnoz9xraF4-31Z_QytuVN_I5z_Xcc3lZOzJmvdUXsuzIAYnEQFTVdXuJpjGK2Awg3f-5wJc5WzcbfntN1e7KDaGB9cXCpQo
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:46 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGMEBitJgS8ogSjrqInyqs&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 89E4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpsDj6V2eezDp-7lpu.RAQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGMEBitJgS8ogSjrqInyqs&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGMEBitJgS8ogSjrqInyqs&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYncysygEwAQ&v=APEucNW0lMbSo_AKuhBelBJqJnoz9xraF4-31Z_QytuVN_I5z_Xcc3lZOzJmvdUXsuzIAYnEQFTVdXuJpjGK2Awg3f-5wJc5WzcbfntN1e7KDaGB9cXCpQo
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:46 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGMEBitJgS8ogSjrqInyqs&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 89E4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESECzwLAkcSvJthKItn-H9erY&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESECzwLAkcSvJthKItn-H9erY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYncysygEwAQ&v=APEucNW0lMbSo_AKuhBelBJqJnoz9xraF4-31Z_QytuVN_I5z_Xcc3lZOzJmvdUXsuzIAYnEQFTVdXuJpjGK2Awg3f-5wJc5WzcbfntN1e7KDaGB9cXCpQo
Protocol
HTTP/1.1
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:46 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
55aeba0c-f644-4a22-bfc5-d9b2ee95c88e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESECzwLAkcSvJthKItn-H9erY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 89E4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY5NjE1MTYzMzg4Nzg4ODAwNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY5NjE1MTYzMzg4Nzg4ODAwNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYncysygEwAQ&v=APEucNW0lMbSo_AKuhBelBJqJnoz9xraF4-31Z_QytuVN_I5z_Xcc3lZOzJmvdUXsuzIAYnEQFTVdXuJpjGK2Awg3f-5wJc5WzcbfntN1e7KDaGB9cXCpQo
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:46 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6bf6fc50-e61e-41bb-baba-3892e572c1e0
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY5NjE1MTYzMzg4Nzg4ODAwNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 644F 		503 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0YnuLCvgEwAQ&v=APEucNXxdQ70CGaL4LqEe4mjnHf657-m79h7HFFJDIzyQ9maZJxXKZ4jva23mquJCOgutaVjPB8LH3B9vGKCtmwkNnXHCchEHFc-nFYGlEJFJf8XzLJOayk
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58644b7dfa826a3291e2e5d6c2974b47906616e1aa03a2f757fdd1bde7796621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
260
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 326C 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHHozT10W-DBcRz534yTHBYMemtrzw_a7tbxPFegp321a5ko40ciqMDeiPe8KdyUlf0BnoGuCa_TBmc-C5SGI1_62-QcfRcO3EPBWv06onUS1fjeWKAbdU3WxQNELyKdaapvmtHBSfex4sYqQ4JLzVCG73rQ&dbm_d=AKAmf-A8IzI_YJTGR3MI6lXeS_gU1QV1iyTqkmc_vol4XF0kbWmE-FdGJFfhcJjZFaYpE6HU_Xz9aZ6prrhrN2tQZ9ZvhSm0GDjvdKLH1-9hcQvfvlkmn91xBbRqdpdP9L7Xxp7Lm9vjdtSED6aJFcfuV5wFZ90p3ZNcW9lHSWt1KKDZq10ScN-t5cAThNvSxVmFNj4diGAVfChAEtLBX_nf26nchuO7U5FhF46lFFaXDydM5T04LEkCkNYTX9WMzmlWIEO1tgFL04fR51cK6L6WMd_dFgRouPk3YmZQkQWFoaWCZcGyjnZwfKq1wVPpZyjf-Qr2K8UiOn7BXzRt8VkHh4iuvdl5m5_juDvD1v8wCGuXg4Lqx1itrFoIJRoffVfFd3-Bxosgj9bMP4tOWUI-DA3eHkeco8POFuozwh36Y7O5kOHFm1SotUSk81smMrlz8RFE-EDOgNbt7USevz8JZyi-N4tuCUGiuTKlxMFEOPepIyqAgbnpIgqh2nugj5yTkzmzZWdapJCCf3mffbwKlpkICnMS9DOPqMQ4WbrjmAYhfJCyj-M4Tb2i6LTKZGRKm-gu-O-k1J2pXQBPaOpUUxsORdlblkxC_3Vzx68Q8ScylPwYYzpLyzFj3GaCTH9FsR_0ejWIH5z81rFxnxHeZCf429H97yORjFPEt82kAUd3BzwCq6W1vCkxT7yVlt70gHGjurOGpu8IFQoHxUW-3NYetYA_vaSjPdxcWnoUr8QlXC8k6LBdoFQs55hjwswzk6MDzJ_XRFNlWV3WoMaFWyAN53E9NDltBDNQafoMhz7YXU7T-B1QIx-JiRnkhHfnoKuOkIxVlKexQRnHmc41fJ1PUSBLYsCSVC_-x4OZxO3YQhCGHA2vDQhHvhMBJYGYaQhNJZuS57cyzD2W3bwr21OoYUJwGllQPRpnu1hDioKTPA52lLUQjLTbgdCMZG1050Ctu8LRrWXJS70xUBRm37_0RJrHsGqWW_V3mrbc1Yg2qql1fVckDensUEmfQWmYf7Ewjon7ukZo7hm9CLR_2N6HiyVkgKjPQ3WpzGRzBEpSdQkaSqg-PcpoqyUfzHoVSzn92ZAdHgatq9slrsuKBpUWgY6wX3FgTjEMdKGNVluUc1bqVyph1jiYEU9R7LQL_EMgt1Ucid7FNbdKUHZUiDfd7NU47CHAj1drg12893hmnzFCl6mc54Fptot3owiz2NwWZANbPV-6IFwROzZDz8wD4AK5PSFXWr1Znx6-Tm1OnT3jvUEscL84QGGLrGZQAYwSOYCavBlqi_Uxuxh4grf_YPWaH5x9d0B3NqKaIR7rX2VtlxYdRWwvelyKs05a6Dmpp19xCCcD93Xdg5NrYbIGiVJh6-fleRDRxbaTXUgfJt_qfADmLK_sCOgWlRsD9f3seOOGsXvQa2RDlPkPlmzmnliJNPyfAnP88iCnANHbUw_3HkI4TjqGpYh9882HSZBhJEpK1PUG3UbV4J8BFTRDSDRw3Hsh6xwFmI_Gls-cokllhsWItPb1i2yG0CMVSIXVHjIFVy5bb4G1E7SLlA6-bZf-DyU7WtEhO9QVg4G2KdBGHgy8weQdddTbUYU3OidHStigfoqb4Eer-19Fh7Q2bY7aBh2njtZYUUUbuGS664RvZNmRc4o1qUG2g23Rh_sldaczSg2BfxcTHG8ox_fqAGyLaR29OT0RfDwHVKhc4FnRyFhLKWuq9o71LTPZ5SOFSCqp2z_jj3136yJm_fdd4Aypmh-PPxINeAdMxELPLbIl0v3-Obn3GbRf-wArXP9a6xJfFP4ETC8wF1o7PS1XBY7dBtlyGFl6oj0Ho_ctrcjgJz8mPtJehZe8oepagK11ycAh9Z4SAKpbL-Viqff86XRcdGxXEQ6OoQjEL02tvBvoXXPx3_AUrPLeWReNcW4bSXWE_lY303gSP1J3HvMyhnULRpYwc3wOzx2vJ2aKATYUYCvisSUaELHi1ChrxkDRPqY-aWEF2sHJwU2N7tb_alMACS7-FQ9MBm4i7J69WL2MOwXWxysyvu8-8Lrqufxc2tyEmUocKXzoWE0l9Laeer9N0SKygwLmd6jew7FERicEn1Davtp9nFXvzYfbVWQ6A7taFv32abGv2cI0OExeukDMc5TQfYlURTbDc_NyPsjF-0mcMw2xmr4z6UFXt-NoUeSoEyQk-_-HGghcR7iHH5OwZH58WveIi6U-Qy1-PlU-ctd7s7B757fi0g7_I-za9dr_S4hedJHosKJT4S_D2v98AsWHtnFGIXn35rbkGaDF72yM-7-CWVTePnNtrHCy19f-5hZ5Vx-p26GimRtIw82WdXAFCUU-9gP4Kq-WKkzyYtBRAAmbfBppWGAWtlPG2NVPflazkujhyILEBXP2FU365M4isvlmcZUM7O5GyMY6_OoM-fqT99U62Zg-1dQFg-cIBKZYy92QH2vOyR4BJESaFypo9uEUf_HFuYmdwJLMON7MUszJRvLdqMAIVgP4E35kNvRX2vW6Jl57mLtvNU842G3KVrv2MqOorZOj1TIqtPVXDbix52iRkzHDiPvYgaGb5xeeefaWuUPW9xgz5M95yau536f-JjdHoAoGEArd0zNSb7dZrTNJcIw_GsONkG2Ya8p9P4ofrJqokuIXPLKnRYsvmVIHiJULCH7TEr5xbGP4beOUdue6MvgcW82vj_y6AAMFGe5gycL_G76IZrMTalf7AoDveAc6iu5dYNAwx8PqvrX5D4lCsqs03PY35uK_GSVIsSnGR8rp8SLHBomiagdU4sBWMZVaKkSfsY6xt4pKWI2-6-ux6IxOUOW8X7Pm_cDNUzFbHom4w9g0fl2ItL3-6jc70elITH2FpvZ3zuiTzw3QqlSjbNvcBN_0mdMeh4ph8qdFH1_Opm2IP7Bv2kzrYURMcVlEsP54WjHIwIGjJon8n5MXbk0ETEG8SNVlzLTDFnHMHpY5kgkjDBAh25G-xp8o17ka2gRP06_0VuIqbbp6LWFSEN19Jk5iaMSXsfcaT81HJl2AyUlOL65qqKfoOay9dbSzDv4J4uSjny2hxMby1I7-Ehqo56JWubQRMdnPFiKuJB85tjPsTvT-vnHCO4lNCKZoMYtpa1ZB0rBzd5jmEWkpquMLtYuZ5NP9GYmmswSulcLdZPIArfzLi4CvxL_GwCnSh5AzhyXDPSGLzBIbeAkcG_C4Kkputq4EfwBwQCZsWYaZZcTKegViBdQo-p9i6a6nppcqON3-in8&cid=CAASJeRoyKQQsYL3SMvq7xtCUKJst9Q7pRa-zPQEfrtmH9_mwtYtOJs&rfl=1%2Chttps%253A%252F%252Fwww.iphoneincanada.ca%252F%240
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3b339e10c4772cb8e73fa2a5563ad692e5c0495ed06ec6843e805d6afa42864
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19520
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abt
capi-tier-1-us-east-2.connatix.com/tr/ Frame F7DD 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/abt?v=164935
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.182.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-182-232.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 04 Jun 2022 07:02:44 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
pixel
googleads.g.doubleclick.net/xbbe/ Frame 21A3 		384 B
233 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuq0aYDEMqOxLEDGMyfy8sBMAE&v=APEucNXFCZHwah0DqusZsg9l8AxqSHlDdQUpOLX5HiNvjd96sWtwnoUVk14xZK2A4ZUcx9oXSLQfrFJqiIY8n0cU0iiirLwY-6ZAQCiie86QXHqWbr82pZI
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0849e4b0761df9b5d739e148278ffdcc35b38a569c9b3571340b7bb909beb011
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 8D3E 		56 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bp-4U9Ys0XIF_5tjjqsbosGYeKsl9lGiG2662xPC92Q-haxjvLMgGL32XB9yeBHl8osDEkJ2mOWx5CfZY18e96oKpYMA&cry=1&dbm_d=AKAmf-Ao1LU11wcEkB7ryQEXukoWwGtUv36Eh8DBp6LGSZvLFXkKelmFoj51QwpzM5CJIdVPxBhW_Bqjk8CtlCYjNRtiH1xWmJnoc5TIptwyi0BAyUNci2oHTBMLvagLvLAcDUd03x1WedrXPCWEk2vrck-yK6wdQ7IuMlxT-2KL3AOr0tIi7vjlVi7zuPODENYpPjf0WInNRQcVZFBqI2pzDeAa52dK72GPC3IlURUhc-YaxursGZTIB9h21dlv9LpF5vWbr5Y9GCN8teHw1CVA4DVTZAfslY-kssq7sWayV51tUCkNFkqT2DbdpR1npRipcmxDVbeWxwKcGatTNKz-EovNHPgd8zCdJ4wsZOL2zdJfGN3AV6d_AFRwDM70z8JxAmt8VKeRVg-EAHbpWlEMvus_Y030HOnQosbxZ0pW89vQH0ejUJ7PesoscZRA2R1_tCp-yRuP7zx3ivg6RSuWiOWBT1KAL_PMeZ2Fa29NkGsgGdoIrMW281mS4yPZfZ4EQ0lPBEFuwIRUfWcyrgrdozeFxqxgpKylw0UIGdVVP9ilRzwKwameNHh0DlW8bOinK1iIdbueYEDXVL_tIyEHgE5pFfqL02QFxEjKIWSETfq7LAnp21tbCL1XDrioHA5sohU8mT4JOuXIgY6ixHavi1GaeZ1yrvuIqZcNuMTfCpGeCR8AMbkYM6r1fOkEZ5CG69EHC7tqMOpXI064fgzsb1zDID-eekptXaDj9hzsMGtvI1lWJT2nNIsfO1WoF9cIu1z-q5FhdAV6l8qKEFShHNakDd0NrccaqHFCo5QUVmxXcpkHhWwXA8Fnx8xzcv4F34I8y27jR5bYPMIbdpAKGP6sp0GdU3B7P0DW6fUgnAM5PpW01wfmIqF8UED2vWK_Rb2OM7gdf12OYLahowbvhVd10ToZrDpB3t10OWtFNhfd3D1WQXAbgIJ3W0EOjassC-tul9zQh3ZsdpRxFj5KdKPxsTq71DN3mc-nrV7imb6BMM7B-zlv2R9haWjkOZwNBdbPPPG8fSjV0q9IwSr7uWyYP6G6zmqqa04cKfIUGLKwB2bysPkQLkkPw1uF9eWoJapqOthSCVyzB1Ywcendx4SS4pM-izZsFTQV6SmUX8YARN_x2R9U5LuntZSV_1qCf23f3keaohuiukuXunn1P26m9z1uigAegXZJTI_r7yh30PIo7xeHtNP4iXayldBgunVkOWctk2vjyhbbLrtyko47S8IQ9NQHdnkyphDpg1xtgh3PJdJhJPo3tkZesc3V8IgCfAjC3QICaFGzSbTB_pSIEIQp573_yb5CvfFQpa3kP8QR1bjFwNho-57uanswCh2rAeRCQAsak0lfRVYEqkwuHkXl2UEBZ0y6RFDyOCjIJLyGgAnBsUWVtqyuc4LHjji6cpCP-psuIbBYl3wOnME6TPDOrSM0Aa74cdLb9GEqcap8egLmQCbwQ964qlSQolqQVFpQNzxnh9K64IA65VwObeDGmH-eG0dnmmmsS0AuHt8GqAYloxXoWxcTr-YbEovNFmXb7eaoWXccu7DjImoUqb4QJ9XWQOoXyvte86jUxVzOe6GyBC9rcgvDpMVbyHQRt4qlsVCol7WcW4KbybySGaLqHIh4RtUuGs0rWJuVHyhz1nJMBW3IYRPPJ_io5PvGGTGsRP7M3g9RuRbVjpDsiXDAOHh-hH5cwz3AXaqWHstb1H2qZmRjZpKIULlxbUYA2updh8G0QJ6R_zsDmQc2lovFI72uGBuAD7pD40Smjy321fJ0y-RJ1_2zXKiT3c9CuhVwZ696EPU6rSq8QEbFQJMUjM4auCfJudE6CwsgvAZqTjdXScTVdR7QQJGr5tarZKrIwv0eEbWr8uhs7QnErLrB9Bh2s0B5ZRoEq2apH5nVMm7sSEyjZTWAhZTk7HNe8Nn9mEpWpdrdcVXkDB8UVm4dxqIJ8k8jmsCXXiBNbo4i35hd39Jlb5MD1QAhyMZpKfuoS2nOK9OeRfCIkFwUZrIbCvXTZu7g6aQ3UizF232107cZerNktHPg_SWpW6_wSuT9JxiZjuqhTfGTLd8_JfdFP-qws4no8JdYhxeqFuiJpbehTVA16wLcM9vZXUGzC-F7XoTkn6Sa4MyOEciaYqBeEvasAAjGNA39wuKy3FSbfggERP7FbNRDlDPLJUXuiY0qHXWM0QkRgbzgQq24oUhYhQQBMAFhqBDNaO7-k4j7rzZiMD6CChIWVqxW_8_4n3E7S5KAVgikDowzugSyy6uCFsplKTQbyH-Bi_yZBJJX0x29bQg2AErezS6eWjd8GJ1NoVjxm6_lWiSBhYrL8efbeKiZ0L1oF5imgiybJykqAvlWvoQTIaZntVUTLSavQaZ1-JqdM0grYiOtwNYscwgltgTEtxc9YRfF5cjHwGqgQG9a9eXRDq4zPBYdW6-MdVBvBbUydXLoYwDRFIutOXvkN3rT6vDA0_-JFrCbiZDioL8WCUULwvb0SZOHLJ-gX0PmzSkorO9LpvhGRrTPKTbLzCR5oEQ9ZtNphgDissWKqOJLO051e3iTxrodI4wxK0SHcc7dGXkJVfF_xq3lHIKHEP_bLtZoOied2IXqdlpPW5VBSfQsUs6_LbmeiKnxN91OfIuoi4YPp_mQjOkXjLIGeugSYXIKwyvhsU0KeJ14tZYdwZ-wQwo-XXdTwDDTbSPp8gKj6x-k8BSC-6Ook_rqrT8gieBmVVlpJjKonT9IXD5suxCJDMqfjWkH2F3Yfd0zlx76n7UgF7cye2KSykq_SqqA1slSYTn2eSWjdYo0lvF63jhoJFbFse4FpVsYD5lo6QiapTjImgSIqdyKWm1RI27bArmddpyECqfVg4rpKx4Q5UbgZagdhWO3_u31NAxyueyqUhkuFjILZ0TDh51EktzzIDRAP5rBVFz6sfhd2yevlg1tG5UBz_aJT1kkDE4TmSL5ngdhsji7iQKwDKfsFx2YwaheSzNN2GMHgbmkS3_VmhFulYRfd7c0I4SySGO3SLgogXqeOMVlJNgbdAf4--rsZPkWSw5hYnWHI8TrD5kM6kKEj4VBfb80b_T9m9eH7N8c93gfsp-6rOzUOD9T2lNpfVdVo5oc8RvpQKCpnuFWOV_pyGc5xdUa9hHVVsvFi6Z395Eo7Z2HGZDDa77gOVPU0jq7LuczCoQx2LPErSUsnwzEx7kqfeWEBAWZh7mW&cid=CAASJeRods7_geRno8D0d-bOxm6oAU0RwiJuifvLz96z2x3Iivk6f30&rfl=1%2Chttps%253A%252F%252Fwww.iphoneincanada.ca%252F%240
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07ac13517bf23a8ab3701c4d70f9ecbdf5670c16e506a0fd0f673a44b6b06c1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27414
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 736B 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 05:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 05 Jun 2022 05:04:23 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 736B 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 22:27:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30939
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 04 Jun 2022 22:27:06 GMT
2b9bca78717e44645984f4bd46ca7462.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/ Frame 736B 		71 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/2b9bca78717e44645984f4bd46ca7462.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05a6817c5341d7fb32880cf79cc5b3ed89340d3bdf5d240c1c1a14349a16e759
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
192189
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19087
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:57:02 GMT
server
sffe
date
Thu, 02 Jun 2022 01:39:36 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Jun 2023 01:39:36 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=elouq3xOTU5CdU5CMkliRlNlTjZyckdqRThiV0o5T3I1dnplRnFOMVdTV0N3V1E4aUtqOENvclJ5RjJQU1g3VE9SMzlielNWa2c2MUNxWFBGcEN5ZnFVWkFvdnJ6TnJUd1R1TVVXNVJlNHVTd3NxZFZjekpsMGNCWVlXc0JGMk1GRVU4bmtvVFJkNXlzRkJ6TGg1V3BPZTFCU0gzQmp3RkpUQjBFUTIzcC8wMkdtdityZHJZWnNwK2xpdUZ3YWZSTGNuM1BmdmQ2MlhZKy9Bc0tadHNNR01ZQ0d0aE9qM0xwNXVPcnEyWWdMSStxYndVeTNmcGVQRUVydFNRVXdRbHNlNXdpfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 04 Jun 2022 07:02:45 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1106
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=9m_xhHxVRXZFNmxzMHd0TkRhNE5jZDN4cS9mZ2ptN3o3cTJOOXlycHJMNlJETW5yalNqQU1GTHpKazdOUGJFN09CMHh4bzB3aHEvM0N1MGtnRThneHdqTEVCZVVXYVZTc1QzZ3pYTG54NFZQQUd6d0FMdHIzemFhUWZUcEV3cHVlSURlV2R6TnlMdGR0OEdFQ2h6Qi8wQnJGaS9PNklPeUh1M3F2ZHVJdlYvYUhWU1NUN1AybkhHNW5hNjZ3bGhXTG9FQ2hMQXI0MFZkdllQVXFmZ0FUaVJZaFVjaTh1dUd5eHQvQ2hGeDdiNFNlMmpvTmNSVThvU3BYbTV5RjV5U0lkN0p2fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 04 Jun 2022 07:02:44 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1069
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie.js
partner.googleadservices.com/gampad/ Frame A27D 		221 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.iphoneincanada.ca&callback=_gfp_s_&client=ca-pub-8845604764087408&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&gpid_exp=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
adeb384cc1007147aeb85de376da8bebfffdddd4a88186aa92e8ea5f83aef389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/ Frame A27D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.iphoneincanada.ca
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A27D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.iphoneincanada.ca
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A27D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tn=DIV&id=amp_floatingAdDiv&ign=false&pw=1600&ph=1200&x=800&y=1130.4
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A27D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tn=DIV&id=onesignal-slidedown-container&cls=onesignal-slidedown-container%20onesignal-reset%20slide-down&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1F45 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&adk=1812271804&adf=2751418292&plat=1%3A16777216%2C2%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162855&bpp=7&bdt=1061&idt=963&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326165&ga_hid=1164542333&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=2357337175&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C21066431&oid=2&pvsid=2744440300896503&pem=132&tmod=1247349620&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.34ipdilynprs&fsb=1&dtd=2544
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A27D 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220601&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8fd609ded03d7cd9e9a0332423f1c7e344727f36619d441ed955aa915d1bd2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10553
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 544A 		133 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=280&slotname=7317961782&adk=3515631888&adf=776189486&pi=t.ma~as.7317961782&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162855&bpp=20&bdt=1062&idt=1194&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326165&ga_hid=1164542333&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&isw=728&ish=90&ifk=2357337175&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C21066431&oid=2&pvsid=2744440300896503&pem=132&tmod=1247349620&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.aclzr3w429cy&fsb=1&dtd=2558
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fbe433960ff741df9bb579a940b5f0b8f32d64bdf70ebf941d522c732d231971
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMjDvJudk_gCFY4HaAgdUOYLuQ&gqi=lQObYu7NGoqYxAP6-IPgAg&layout=/sadbundle/%24csp%253Der3%24/5751629574223798899/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
44282
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMjDvJudk_gCFY4HaAgdUOYLuQ&gqi=lQObYu7NGoqYxAP6-IPgAg&layout=/sadbundle/%24csp%253Der3%24/5751629574223798899/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame D840 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.160.130 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 04 Jun 2022 07:02:45 GMT
ETag
"623de86a-cf34"
Expires
Sun, 05 Jun 2022 07:02:47 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 4BE5 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Jun 2022 07:02:45 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8FAE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=145963
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:45 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 05 Jun 2022 23:35:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 3B9B 		1 KB
1016 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
f46d9a4e277e6492c93bb34537bb2f7f6bdd2d742409f93ee36d222d756dab52

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
447
content-type
text/html; charset=utf-8
date
Sat, 04 Jun 2022 07:02:45 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
us-u.openx.net/w/1.0/ Frame 753B 		779 B
492 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
a658220d878c8e688814baeca1cad2c0f5ca917a9afe4d3da791088849aa8251

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
473
content-type
text/html
date
Sat, 04 Jun 2022 07:02:45 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame EEC0 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Jun 2022 07:02:45 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
2000891.html
sync.serverbid.com/ss/ Frame 8467 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2000891.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.116.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-116-7.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f31877812ade3cbda659976d8597d3059465388c75dd9097c5c9b63ad7aaa7c4

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
10728
content-encoding
gzip
content-type
text/html
date
Sat, 04 Jun 2022 04:04:24 GMT
etag
W/"80b4cb8427bdc87559a8857675862d26"
last-modified
Wed, 01 Jun 2022 11:58:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 4290d8e21534487fb5d6b6aa6374cbe2.cloudfront.net (CloudFront)
x-amz-cf-id
1ffCXVdfGiGoi5CUUMjpgJqgLQDZ5FJxJtMNGX_YUTuFHangRXYcCQ==
x-amz-cf-pop
KIX50-P2
x-cache
Hit from cloudfront
sync.html
public.servenobid.com/ Frame 1532 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7048cffc8d40a9a30ef697e4c5d0a36916f5fc52044329e28a8c7c4b4666aa03

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sat, 04 Jun 2022 07:02:44 GMT
etag
"932d6618454a24c5cf3ad5f25825ecce"
last-modified
Tue, 31 May 2022 18:42:20 GMT
server
AmazonS3
x-amz-id-2
1EWrkREQELcqNvZdUiU5mMy0qYyCuDCU18aQ/BfSvx85X10gQWd7mKgtLrV0xaDdMKCSXLwpEpo=
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:2eb1aaf4-247b-4e52-a802-e8cd900d39ea
x-amz-meta-codebuild-content-md5
20a4fb183531ba70b39d5a2dfecc75d2
x-amz-meta-codebuild-content-sha256
c86041a4eda4e8a7eab23343995e324b6b57a4b93db1e64ecabf90b8558c6365
x-amz-request-id
TK8C24JP1470MG9N
x-azure-ref
0lQObYgAAAACo815DdT/HR4FPO0PPEknCWVRPMjIxMDkwODIwMDM3ADg0ZTdkZmEyLTE0NDItNDMzNC1iMzRmLWU0MmQzZjdkZGFkOQ==
x-azure-ref-originshield
0XleaYgAAAABUBV4fXU/kSax4HSLEJ5EMRVdSMzBFREdFMDUxOAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-cache
TCP_HIT
isyn
prebid.a-mo.net/ Frame 3CCA 		831 B
483 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
34c19ed0d210c2c0768e75a762ac77bd7cc6b911f9eb56f5aa7080655ca7f4d7

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
416
content-type
text/html; charset=utf-8
date
Sat, 04 Jun 2022 07:02:45 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
0
load-cookie.html
statics.nextmillmedia.com/ Frame 1F96 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://statics.nextmillmedia.com/load-cookie.html?v=4&bidders=33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,colossus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-55.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cdbad17ab9eff1a901d5e73f4b81ce959441c9df7ce0939341b825c013c18963

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 04 Jun 2022 07:02:47 GMT
etag
W/"1b7a42b2790e36fe476fd0d48d9fd06b"
last-modified
Thu, 10 Jun 2021 19:22:04 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f424ee0ef15f257fcef58f1083399444.cloudfront.net (CloudFront)
x-amz-cf-id
6eSnfuVihpEXGigRCIoWdcziUIFCAzfrwE6YTvhtUbzMsyz56GEsSA==
x-amz-cf-pop
NRT51-P1
x-amz-version-id
st_RdzazW0xOPrztDrjyFVdD0JES0QlO
x-cache
Miss from cloudfront
beacon
ap.lijit.com/ Frame ACC9 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13394437
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/iphoneincanada/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Fort Mill, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
3530507462a2da8ac309987d97b63aa11aa769aca29e1e4e2984aa92a879e249

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
5603
Content-Type
text/html
Date
Sat, 04 Jun 2022 07:02:45 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ewr1
setuid
u.4dex.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://u.4dex.io/setuid?bidder=appnexus&uid=1696151633887888005
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=appnexus&uid=1696151633887888005
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:45 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
7b169dc8-1235-441f-b594-b2cb81b779c5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u.4dex.io/setuid?bidder=appnexus&uid=1696151633887888005
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ECC8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSjIHfHzbqNoK1RouDStgMEV2-h1PCxZio0qZZNXfBpTQvXPf_jgzL7baTTspzKowgIwtbS5B1GhIYkch4-fAZIs2ZO7SRU-_nT7MiW8bAJJQ1VlpaW1XRO88xmA5_XIAUaTsk-a91dBCIDYNk3-fpe6-7uEJTHWtgsNM5ZlKu8lxBzGphC08WL8bjMRO0O4qd5QQxYMdj-ElYbrFBVx1jRnOl7-JwdAXOJbdhDFsHRhjR9BtDoehTUNl9craGokHQ4b2RbgkaWES6Va9rv_GSoXPSIb2ELt778PmbAO_qT-yURtUHGR9_jpfv3PtHvcamwEz4TLKQFThK5osfh_2_EUy_Z0x4&sig=Cg0ArKJSzFycNlrSajCqEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 04 Jun 2022 07:02:45 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C5DC 		620 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0YnuLCvgEwAQ&v=APEucNVXN0MEBhQsNoNX-MBppeK3YunYzqXvtDOwM6GHSyq6KbOmPCZggxYd44wtpbuYuAdCwwdG7wEqCEavRGvg__zMvYrShqYsrCZQRRMLnYY7-OHgM-o
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89d6a758a7f16d3f67d2bfef2a9f9046a18c1056af10a00d4360133af9652b11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
306
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 5C70 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYKpdQ6MYptdvswk4vNghKFSH__RZ53Nt4OkwJNHHJzNsTE1OrOObsDO5M4sV19xhfeqgIPJfTKmQ8VoJK6kfnZAaUH3AAM9mYQ2d99C86ND7gLh-xXUKG3tcNeGS-cK1Ldg0PIMLK_ajhcr9jWl_ALI7w6w&dbm_d=AKAmf-D2la3WCJt4egVr3HLf_3qYDXNDCkk-SxAMeE01Uza-vIMUYU_UhHNphFEZUeBeOgOjLZgRZxPDFUSMA0-5F9ncgIBB7B0VlN4aDPVZRPPLKI62hxuQmmSmkJJKsTyjTYLEKERfN8T6oRRfThef0MdujyZ86a7FZeD048u9XNTbweoQaJP4q21NESeAcGCdp-DSAbkvznkTQ-I3KPeMuGmgO48jhG04-Zpb7Tw_4umlNPZnyNbvgU8O_r7gOuTq-FvZJnoLN6BCJaoxaEIMzjSdouG0jpc1c-2qPWwRR72b-zomRi0H4d9felzHnDK-6li9EshLqZtBEb67GxNO_tpJNGDwE0lTUDQQUIadFHdNGC27X46JkVbMk9FYBZSCJT7QRstn0K_fIpK7qJxVIU6HbVWDY3Sevp1JnB12hGOFI1l05c_FOUZ2o6q_8o3ODwecvaeRY-LawtkLmlbgC_xGi1LpywTwu3JLd6LQYnzSEtZAgEZ4TwbewOydlH5klOi4wPnsl2Uawmtqsm-u3kmzQUK0F9y9QJ-I7J76E4CX6XaSEwPD0wJ1acpItmsf17D2ugFjS0lmErCIiy3NKbHvQAfE1B3bClRiZD_8BmgivWYfmZi25TORyUtA_5OENaYhv_Qd9gCDMLhhc9XL1k4ufbx4o1CUcAboqCaaP322MGX3JYiX5GDj0kzPTyhEr5jb0VNJ3LL9EbqeuwglXidlz9ntyMmhokHzKZNvD3P_Ama-pK0QwC2wEOJPltw8ggI0Mrt021FvGynnbPjsonQ6NtuHoyTRZfXuV-MB34nQg2orCw_B6uKtZeRJ4bB-SVTuug8mqqgSDoEkXZ1YJDEt4NSgoCEjIlYQOvYJJf4tnVlRbwfbp5tgTMDfX6tLAzcZ0RNAZJHMFF4wyMhAACw7REyuJh8iGoDSYVYXBBb_GLU78OAL5RyY3MDW4-F-NgpE793Nna-DLJzjmZOSg7A7W4W049SjnxZUHNpc0AkKmrqDQ2zmUOs7mH0TyAMKPRxD6Y1u6yiqthO_HVS3DSixBxK9Mp-KXoVW1Hz5cSWB-OJKO4SCQTRgp9IpdiP0fOZO9RfV3j12cwAMA1QIcksPiMbALnILaTEfzuvAQquEi76qFo27TBLLjf8noVLAnaLdjtzOyMTDfc8g7rq6FRj_KYDyqHHZahpQ7_haIQ6pkxKNNb8DwlggjYMeko0ch3KEm09yHfZiggkcjv49zI6NmwOmFYpQrAUU_Y9ipdnFa-Boj08F5SctNu0zT9HE1e8zHHO8AzvG39xnuu7gF8uzkbdPGtqzuwHY_uMpLHswVC29cYY6sVeCAaylUoqsFnwJMATyEb0VdQriQM79QnCeHuqTbYJm32J5o4KnPPA6lB9vp_qDJmZU0MovV0UzngLopDEpcZaxcugokF2gnfM68yZdSsEA1Tb9SanJM_L6G7BiJZcLGDBwKOYEF1NLbj6LZc7n-p1VNJaT0z5vB0SLg--girFBwrArTsTsq1gXwmK6NhrsjKmsA5fNlFZQdfD5jKjt98VXJU7cd2zM4mOK62wdAcrr9KimdUCbcp8KCeMNeBibDFogoOmIkvK4vYpS19im2Gi8F2x04dyoLe3uyxe1-AFI4udU6e1_pa1EjdOGZWO8jvqpxzMbyCn-ujxateKC3iKkBSqYmS44XnH3vBS6NizNOgWwoG5t5Y_Js0Bo5rtoWCrqk8IdyPSi5U5aB3l3LparQwjK7EQrLewlDDObdi1Thh8_yHCdYsjIaOqW2VkB0BIMTXo8L_oGInEVbG92j_ggl2u1YgqmV6JwuDf9bb1Q-7pmg5tWXbVjp7CBcPUuZgfnVRcjXDYtLm85aKpHiaYR5nWd1pkb1UsqMbi6f05H6uv_MYlFODFfldulV_UQu3iVF8KyfPqHDE1714_3DY9LIEnpc1F6iBspVwxng0eFPWkYW5pOZYgDWa3V3oB6hR1jLUF8XCXLUZhmeNQi1MuGcoNZb_lXBaJ9IxCacGMP-coghzkaAFrZ4OHGAOMijOrOm4hbykATBdvgaYvSv8_I--as2Q7zeOv7ZkfxwCrQjMaahzDeb2PD3JtaOq7S5k7KvR-7eJJM0W4Qv4KWY2JREEHXAjozAzLxI0XJGcMzzN3U0oq77PN8Nu11eOCOsz_uEwREMjzgDGKZH8KxNo1B6f0maGBvMwqJ0n9gqAZ3XVDzXrrCOFqsuDmRWO85z_XLRSSZfMxlrf60tq2QKQZUYZxK9JE856pa_A_27pj74n776ewAm5mjHbQUeT9KBNQiDH6kDUDL_jdzxrzQMSzK2Y1J9HKzrLZTzi5fsmiMOyJ08W4WliuVzst4fQ5GfJjF2gDon4GfAJlw4M8ZWkKPAInM1t9VZZRP7weHG-oLWsl7JuiuFUwvPznoEkOMDhFO2lfuMPRwL-B01w2gjILRegNviztabgQLvNoNRe2_7tLWq2XGItJ_biqLV08Cv3c1r36y0J4uqUYlz8lB5_foPYirbcWFNn7Enaj44X7WGZzLhIpHwKDCb8Vv_jDKQ4J6bN32I2nE4kwwzCx5TO1pbgZEQ1R5JKETTX7DTWnawjBJjheV0MUj61HK8G5mNO4pUuaYkYph6G__I8aBE2fIOEBlqZKpkzAmk-dIj4HH9UzhSAI1wgCY1Ul0CaW9SYCgQyy-zu7f4LbA3twpUUbwKX2B9gsCWqwLcOz1RdWs4XKy88kmxsl2deH3vXPzerP6XF61CtUyybbVJSzeFvM4aOdGsVGO8uBc5I5IpM6-tKCD-Wrs_SdMFZBQ4sWmXFd4O3gvVH8GdwS0aEstH76WRtZtUUYTjxpzsGoG0h9WUO16EUtNDgzuaNkV674G_piRCvG21uMDD0MqLNgYnRsodk6Tyd9rcdg3kr6wxKLX_KIqe6AToDpd4zw1q5x0ef0rtim8migdZXCI50FViYth0UOZohG4UMVcDdtTmTablp9KqQigOfNtKHJyFWN12D9IymzdlPtYXXRumZxkf12zXlGYqzqvbLIs0a8rw2Y8CUjupGtYSvKex01QjlzKrefjXDgTltLidTlDHYNNbTHQ0isSRGI7KmbiyBqggev8fV6RBkRAZ_WqYCAKe7mSsO2IRv0cL9z_sCcJvJKfUN_04W0yX-WBYsAAOM37icF47FeL5fNhVx5H62NFE2RtA31uIoxbMW6ONLTZCicWHnJsdKHqJDbDGUQPiDDDsEp8Qb4Meud8PVOJ2bArSRs&cid=CAASJeRoFHySZhWw7Gd2ncCr5LTrSANlEPB-ghKOZBJtj8nva-VbE5U&rfl=1%2Chttps%253A%252F%252Fwww.iphoneincanada.ca%252F%240
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6102537310bc7b49741b165fca1911f7dbdd98ebb87cf8d1c1dd6a183301c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19498
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
outbrain.js
widgets.outbrain.com/ 		199 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3188af99a60bd9ec4609b6b7c9435650359be3831128b9c308a6de57c19d1f8b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:45 GMT
content-encoding
gzip
last-modified
Tue, 31 May 2022 12:46:18 GMT
etag
"16-w7yuibLuH5hWWbLKwE9Rw+RXcd8"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
a046aab15475b89194a49f32bfec0cf8
timing-allow-origin
*, *
content-length
70276
pixel
googleads.g.doubleclick.net/xbbe/ Frame E5DB 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-c9gIQjNWC9gEYjLqAyQEwAQ&v=APEucNVHOkMksmgz88l5hOyAnrLixNvWTA8YYCqvkMW9WfmrQpXh_iwzo1Lj6bXaWkcVqzR_Dho7yabKsWZ2oCLzKM0JXoE4h3wd2aqf_cnCATddm-qmIcU
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 64A8 		27 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVCjRxtJbbr6Ma_7Mf0Y2ofi-71yEjUUSU__J-ntUdMhD2K_784Vjj84TyFvLfVEF8c0EG2-Og-Yo3UK66IKEjVijHQs9uBDvWK-v9QuSaGhoZNFopwHPoaF12PC3NFPowRX2PbPZYpON8s3e9csMBbkBucg&cry=1&dbm_d=AKAmf-CGsttlhXPUndjIUtDUpBxSuZKkUkajeKkBcwUB8jCZeqyA4tR2TEwbJSTBU8dZIXD0nEmEh1573I3seAyFYfG_3cxvF98LOLbwn4OfjDaa_VSDxgTEfdidefqaMP6it5YI2F0hW9iNjv5BvnZ4ef4Uqzt93yLK0Kf8hbugFzwlJiNmKG9FuoM16eyYtXAAPV5OnJS9yBUooRCTEHX4IF33UoteYCZGhPpOBHzTycCJU3C96AkFjtBzb_WSc7iJzh7jQTwC_NrDDk2qKDBJOu1xfPsDfjhtz_2FxNMyFniGmcbJYL9iEjEveiImg6txcAWhJttcVspBfJL2Y3uIQlTjfZTsazGVlESyJJX-fF5oGDqfGAIDA2yFagZcAFUSRtJnkwRs0qEN09ERjjiLy1ARC_UtIzaL0uqPHAD5wxBZ50yiNQ2LHfrNGPmaiFBS0CkTeTu_fa8q7IE0iCxGAvIZVOTAQcFQSQZM_95pT3jCDu0v6vNoOhDDDeInPVOLl-oKWYlyuTow2akaw5mCZweJoaTWHpM9vPJGx-kl09U2qW6EZMrnfdS_bU9FT_WAqgYJeksySSKtZS92WUh0KcfPc0HTTI915ummBKbRugWU8Rg_wWjx3IUKLaoQ2eibNFK1-h5TVg8-macbF8bw8OOdrvO8pxYCsPW36tdR39ymwhMmP1K7rPFE2OJOcfA2LK3d0cq9j9OC6sDZOZMRczi8jLdemJsiKMYLOqoGc63syE0xiqsurTBFB5fUxbAT8aKaC1AJOEt0LbJwp8WTjati9LBi2MOG-3tljv6Ifh8C2N0H6DUU8itPgp-5ZIUlQQzvU_X8UJFJ3dvuk9Vdu5NGSAlzCpmkWVyuEdaY2AsiFdssXjbodc6PAdMzetryu-HN39mNCC_2o5ZI3xbQ2LBvfeJ9y3qE7lXwzfMPFplKyaELnGqhsUmfv2EMJsFqcLal7zmXiwVZMN8CJS1BU0skbuxxcqBRLTe9hzVVayaGIRH_fPwXVLWUIdtEcYXdvp_QOtTOY744iw10AF4w4zjCDV73tRjgtwjvXMJjHdI6LrokfvpoPq_H6oIPtkPgdunzoyYKagfJwfQ5Upclg-hkuFFRJ6j7VVi5ICxbNNm3wCQjJBCoqN7vXdBpPr-kUdOn5WVOYuNL2WRJ9LAp3NQKE05Y0hcaOJmWWa4e-bzrPaby33BX9N1nRBLt5vlYip6yo5SQdU6FB15d8xK3-VtuJ3tEfdjvr1qR4NZNmCBRNFKVI5eYQFEnZXI-FXgabX8L-8jHNW1D5dRY0zpIsUXLvCPi9erSFHQYSrcY9FAfDGp-iaFTz0thiZitd9yuZsKC2PdB2N506oD8gQ1NPKGcdsWyVatWQFNQCKx5nLGAf08Sa0oRmhaGdfM0owOL_J7SD3os9P2Aj049IJF5a5U8NBGYS6vyBFl3BbzGe68Wue_w_-LHj9QsuAOilwBggU3pGTnmtWH7xL6dQm2HIB372O7YcX0MOu9AktHap5sNevH1Ps7_KPLilm7BfUlLcOno-c1S4cLqxms8x8KD2D14XaGhugTNWRg5flmpgMD5OLGNu7N7d4TkAKGw9w4iHt6Oci03rnJDkS6dWUN6ezCNYEwPhzU-RwlNgaFdLluzrHfK0OHEArrqBAfOh1WcfTZwLfqu3DJ4SNZtIXcTW5sHiM6s_wrm5wfXFo09NCo13uYsSpQm_5W-eIuI0DzpDTb438H1PnzNVbfZrWj0--JcD4uGk8sdA7qnQjI92CFBIfQrP6oXVjvlX6r6yIfgAYXnzoGHCCc45v1fVGhs1JNAu0k8lRaUE2jiOKb_g1dsh8NlowX7LYo4oXMmKrFHuFBDegTWwbQJA9JhIpEgLCm05-0oMeTWLWhT-Yo_yhtz8VfGO_6vhbCCXJdyqwGddFd_FbQ94avIWZTk1VeN_YDpDMl4oGP5ahQW0r3_fd3nRGkgE79J4c1-4n7PD2olAWS3Kkj0ERhOJOfJ5FJGJNkjQtXi9lS1qc2oFSui1PS6XN2HiXWoCoUoYu7mYuVEx024hxPBdrPHLcv3-r_FwrAb1czNjNumtzmfUy7pwdXy1xYGW5-yxE_9kHMdAV-shSVQB5c4sqt4VVV1Rw-s7BnAwPuosl63XdogsWl6oEBTXt5BtyO8upqCKxNCHA-3Cjp8wrIJKd9EKoxt-Y8U4vK-L7hJ74d-2WQ6-vVu2yeMPUtcLoCXJRlzlelPBwi8cNFM26U6gOWzarB93IVfO1xdlGFXpqagB1pWyZviFgDrN1AVvHPgN_NseFDkTdV4EbLRNiMf6hPbucJ9kIseldiTZsiFWL3Bcznvbk-fZ5JzVptr5Sio3PoZ-v4rbHCiSzxn53ADMG-s3NSobj1tggpOVRPWXVT4uEaCeuJiPmtIO9qY9dom6yiFqFhQfqQQG6LadPB32KBfi2NbzUpbnjvfvGWcgkWd2ke3V2GTgkkDqy8Y11xJh_NmyPg4MzEtpEvzfph5NQclmp_TjvKWz7WhjjdPD6Y6GEf6rXvD7OeCDSGEl97YfDi58rnosmWoZS-vNO6gQrnwLiT890XxIODWd7aVtb4Mh8qzKHCESPPnlNrBdoqHyqe6DwebptFqKQd65ghV12_VY054n-Q8vtp_i_mPIN30x8Bp36QTlv_i-OOiyUZM-DKwk7maj67fibs4vrOQTqE5gv_LSgNlGz2N7rrsfsursg0PcDNN2Kcscg-VTc1wPG9s8gyjH8JLUuHlFZZfXs_oEh87_5cqBJgMiM1R4UNBYGhSvx5llld1fWSJgJ79fBytZDtn_9a0YrEPVbqc2XSU1DT-BbYS6jytYWVlQiHoSOTCNYblSkKrCvuEcK2TCo1fAEVdemhKEbAJfO8YmJMmhWw6ZDzRE_sRjs73dZlDyCrTxCvVOJOMqBME9iEzg5-oA8vTiZ3DyqXAMcwR0sYU3kX83hnfM-TQMfG-QATAAOmep3W91h3zURCGw0ruxnQVDOuI89uogfjGvCb7vu7uGpc00-K1s7dUk6SVbnmwj6jrEWLBvYe5X2jtyHZM-9UQqgClRzXKzOnplpV3eHzbcOJB4GRx8CrenF-O_hsGbuAJ8eN4KNSld65I9eY65_mHhywCFWPjuW2imMZBJ3NmWYbr2xaCrH_kOxPzd_Aui7SZvlgboD9MQzAw32Ag-RXEujC-JDx3ruKBGD92Lpzr7YKpj-kMV-_zjmOj5r9hKqjI1rbvfs5CIp4ub7Ei6szkF4G6UeusIm7s7LJAx6GFS83x4SGTx5fP_8eMbSI_76z-onLFDOB4uWwVF5NUc7YNZ4qIttWd7Ww_zWX2fmZyshuSL2M7VtkalfpkNEWjUBfzxajR804Plhe-g3Cb8pBK3XXhN613xObCovV-_oLPX9-NA48532F1yn1lr8NmBBKiJZns2Gv2xCQJZv0T-IQ27ewUz58eYJbNGlxY&cid=CAASJeRozrXN1nIhC5a8CGLgkWjf1tx7N79OLmJ51TSz49xLGAy4M0E&rfl=1%2Chttps%253A%252F%252Fwww.iphoneincanada.ca%252F%240
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68815c4dee03c727e63ef1343f7ecd314ffdec7c98de6072e7ec5b5d3f7932b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame ECC8 		221 B
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.iphoneincanada.ca&callback=_gfp_s_&client=ca-pub-8845604764087408&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&gpid_exp=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
60dee10a8cfb1ec38730242e31f5beb6c60d1e1170622f7ac995ef39eb4caa46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame ECC8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tn=DIV&id=amp_floatingAdDiv&ign=false&pw=1600&ph=1200&x=800&y=1130.4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_fy2019.js?bust=31067887
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ECC8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&tn=DIV&id=onesignal-slidedown-container&cls=onesignal-slidedown-container%20onesignal-reset%20slide-down&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_fy2019.js?bust=31067887
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/ Frame ECC8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.iphoneincanada.ca
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame ECC8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.iphoneincanada.ca
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 28C5 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8845604764087408&output=html&adk=1812271804&adf=2751418288&plat=1%3A16777216%2C2%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162918&bpp=4&bdt=726&idt=1524&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326166&ga_hid=1664360240&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=581612742&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C21066428%2C31067628%2C31067887%2C21066431%2C31064018&oid=2&pvsid=928158971882855&pem=132&tmod=2050205646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.vhtun6k83sxx&fsb=1&dtd=3316
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame ECC8 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220601&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_fy2019.js?bust=31067887
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc45863bd1d9ff72935881c27ffcd781c4ba2932a5e6879035bacc68ab30bec0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10571
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 515B 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2006 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Origin
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 01:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 Jun 2022 01:45:43 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/ Frame 515B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:35:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:35:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 515B 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
062b2b3b8f216657703d5d3f0f8e00bdc1b786f96df18e2ebe3899d03409783b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10536
x-xss-protection
0
server
cafe
etag
754631604453815386
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:49:59 GMT
cframe.js
assets.a-mo.net/js/ Frame D289 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a9c40a71438fef419038b70cacbb5581760e50a22d685334f3f191339b5dbae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:46 GMT
via
1.1 28b8fcaccf73021230d8e4a6c3d9e81e.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
216
x-cache
Miss from cloudfront
content-encoding
br
last-modified
Mon, 23 May 2022 12:30:58 GMT
server
cloudflare
etag
W/"1adebf06d9a344b87c61ed43b7bf868d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
YTO50-C1
cf-ray
715ece0c4a36714a-YUL
x-amz-cf-id
60Yncl0s1k9E0LbVvfWY6rDhNzXY9qNSMIWn893OqGAt0CGL4OwgUg==
expires
Sat, 04 Jun 2022 08:02:46 GMT
sd
us-u.openx.net/w/1.0/ Frame C68C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3440408375380958027&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3440408375380958027&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3440408375380958027&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame C68C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YpsDkQAGWK5FIQAo
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YpsDkQAGWK5FIQAo
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1654326166.396690,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YpsDkQAGWK5FIQAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
5fd9479f-d135-ad6e-4557-8332ab97738d
pr-bh.ybp.yahoo.com/sync/openx/ Frame C68C 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/5fd9479f-d135-ad6e-4557-8332ab97738d?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:518c:735c:e4a6:5f19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame C68C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=cb1e21db-4199-3f27-7480-95c754c0bec4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttd_puid=cb1e21db-4199-3f27-7480-95c754c0bec4&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttd_puid=cb1e21db-4199-3f27-7480-95c754c0bec4&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttd_puid=cb1e21db-4199-3f27-7480-95c754c0bec4&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame C68C 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTc3MWYyMTEtODhlZS02MTgzLTYxNjAtY2Y3ZTllMjI3MGE0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C68C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM6T-2_Tf73jYHSi35u8gQQ&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM6T-2_Tf73jYHSi35u8gQQ&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM6T-2_Tf73jYHSi35u8gQQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2734
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3440408375380958027&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3440408375380958027&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3440408375380958027&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 2734
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YpsDkQAGWK5FIQAo
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YpsDkQAGWK5FIQAo
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1654326166.397980,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YpsDkQAGWK5FIQAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
5fd9479f-d135-ad6e-4557-8332ab97738d
pr-bh.ybp.yahoo.com/sync/openx/ Frame 2734 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/5fd9479f-d135-ad6e-4557-8332ab97738d?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:518c:735c:e4a6:5f19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 2734
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=cb1e21db-4199-3f27-7480-95c754c0bec4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttd_puid=cb1e21db-4199-3f27-7480-95c754c0bec4&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttd_puid=cb1e21db-4199-3f27-7480-95c754c0bec4&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttd_puid=cb1e21db-4199-3f27-7480-95c754c0bec4&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame 2734 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTc3MWYyMTEtODhlZS02MTgzLTYxNjAtY2Y3ZTllMjI3MGE0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2734
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM6T-2_Tf73jYHSi35u8gQQ&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM6T-2_Tf73jYHSi35u8gQQ&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM6T-2_Tf73jYHSi35u8gQQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame 3C25 		925 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.197 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
da9e09aed318dab2358d104d9118f2464699e9e2b91096b9a03c57f67e986c73

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
925
content-type
text/html
date
Sat, 04 Jun 2022 07:02:46 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5AE7 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2082
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 06:28:04 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame C0D8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
935
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:47:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame C0D8 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:57:31 GMT
sd
us-u.openx.net/w/1.0/ Frame 0955
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM6T-2_Tf73jYHSi35u8gQQ&google_cver=1&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM6T-2_Tf73jYHSi35u8gQQ&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0YnuLCvgEwAQ&v=APEucNUgoCF1_jhL3gAzXm0kFAdhXWJBRQvzr5LT96JbamLgq2BYCY_-8-rHz0sRVxjQ_OG_oXjAJt4lPYizIoTN7k6zcFZN-v6fVIHco7SUBfjC2PK3O_c
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM6T-2_Tf73jYHSi35u8gQQ&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0955
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTc3MWYyMTEtODhlZS02MTgzLTYxNjAtY2Y3ZTllMjI3MGE0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTc3MWYyMTEtODhlZS02MTgzLTYxNjAtY2Y3ZTllMjI3MGE0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0YnuLCvgEwAQ&v=APEucNUgoCF1_jhL3gAzXm0kFAdhXWJBRQvzr5LT96JbamLgq2BYCY_-8-rHz0sRVxjQ_OG_oXjAJt4lPYizIoTN7k6zcFZN-v6fVIHco7SUBfjC2PK3O_c
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 04 Jun 2022 07:02:46 GMT
content-encoding
gzip
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTc3MWYyMTEtODhlZS02MTgzLTYxNjAtY2Y3ZTllMjI3MGE0
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 0955
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.teads.tv/um?eid=3&uid=CAESEPfN9b4Vfy1QSt9b-Ly2tgY&google_cver=1&gdpr=0
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEPfN9b4Vfy1QSt9b-Ly2tgY&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0YnuLCvgEwAQ&v=APEucNUgoCF1_jhL3gAzXm0kFAdhXWJBRQvzr5LT96JbamLgq2BYCY_-8-rHz0sRVxjQ_OG_oXjAJt4lPYizIoTN7k6zcFZN-v6fVIHco7SUBfjC2PK3O_c
Protocol
H2
Server
23.195.109.72 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-109-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 04 Jun 2022 07:02:47 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEPfN9b4Vfy1QSt9b-Ly2tgY&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0955
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjI5Mzg2NDktMzU1Ni00ZmQyLWJjY2EtMTM5MWQ4MjMwOTQ3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjI5Mzg2NDktMzU1Ni00ZmQyLWJjY2EtMTM5MWQ4MjMwOTQ3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0YnuLCvgEwAQ&v=APEucNUgoCF1_jhL3gAzXm0kFAdhXWJBRQvzr5LT96JbamLgq2BYCY_-8-rHz0sRVxjQ_OG_oXjAJt4lPYizIoTN7k6zcFZN-v6fVIHco7SUBfjC2PK3O_c
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
akka-http/10.2.7
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjI5Mzg2NDktMzU1Ni00ZmQyLWJjY2EtMTM5MWQ4MjMwOTQ3
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sat, 04 Jun 2022 07:02:46 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8CE7 		134 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=200&slotname=8557045359&adk=4156644800&adf=776189474&pi=t.ma~as.8557045359&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162918&bpp=4&bdt=726&idt=2562&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326166&ga_hid=1664360240&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=996&ady=212&biw=1600&bih=1200&isw=300&ish=250&ifk=581612742&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C21066428%2C31067628%2C31067887%2C21066431%2C31064018&oid=2&pvsid=928158971882855&pem=132&tmod=2050205646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.2nl1b72ra323&fsb=1&dtd=3508
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec24056464a659dd78f6e05e79506ea7a436c4336f7c2278474968783ae9c7a4
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIbV-pudk_gCFYgJaAgdA1gCNA&gqi=lgObYqTKG5GsNYWQo9gB&layout=/sadbundle/%24csp%253Der3%24/13014175897113125687/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
44454
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIbV-pudk_gCFYgJaAgdA1gCNA&gqi=lgObYqTKG5GsNYWQo9gB&layout=/sadbundle/%24csp%253Der3%24/13014175897113125687/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame BF65 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
062b2b3b8f216657703d5d3f0f8e00bdc1b786f96df18e2ebe3899d03409783b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10536
x-xss-protection
0
server
cafe
etag
754631604453815386
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:49:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/ Frame BF65 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:35:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:35:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BF65 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu52aku2COlTBtdPtsiwZ6apArzGIkd1fhwQMy_dFiCOzPsa5BhMQOLGhGMfVUHOdE6myj0tqkYJdMy1dnNTO1WYBocJA9MyPkuo8u3U4bagqKoUhdxYQSgXVkFrjpdf1ObZS5-OQ8VvbT5WAXpmsPxl9NX_HOSmLmF6mrSPsH87qoQgCz315l0KMOy_I9AFF8qlMRaXy3xUGGvOSjOrQ1MfjS4-LtbzDoBi7eAXBZd_d4j_olirYDZ9uqkvXTvi3YBeZTstqk7vHKF_8Sq62GLc0Cj9chV9n04gqRwOL9dR12H8xDK83rNeof-8i6FU0AV4ZrxhkxsXOb1sE9adcb1mb4pVZF2rvN-6tmGz9_8zON7sWEp4rFEBlHW8rqXB_QyJQ2tuD2rtlnQrG5akR6Q8ZpfSXQZ5-6uOdOTlZVkmb8ehmYlm3z_5rADNJmNGtleM6pMqGuSCSLssD-KrGaR3T95OIbnu68XBn5cBd8qfwOlp-wEb1m6m5VIssHUioN9kP8Ywvp2WDT7Q0-Kgvtx69qTD3B8MRHLgPTZ108EUTo8Wsj3rgdI-k4bW16HbTqZW5uuFZd2-6u7N858A2KQTR-5ZwRApcCXM6K9bKrg9OY3kjZQS97m_MXUywXvKpEXUNw_0WaW_dHhjJXDPud8eLvOHXRiNr3PveQ791mAGKl6CjPqEN1gQ-S7MXvod17qeBehwAtTDuQu6JDhn-WtSv5IntY-KRhX1B5sO0dGyhV6Iyb6RWgsoXtlaMNN_Aqw_sf15wsQ91gRBVWJNiEYOdDIbyDo79nS-I_Z339shCNjtHtoKCUKkRQPYEArpgvY1fEdcf7a8q-4LC5joQ7Pzcu9Tv1NBZaLNGo2sUBXo__cvwFeyu4BXOkEn1KsiTBvpvuWDpcFlvUcEFh5f7YjJyKax1saHaWvgggf0Q4WrUOJMzMi_aJohuzCe4aiQRqT_rOkZRrHdq4yfsoTuudRmTupAcB0CAXw4oY5pcAfFsgSJN8R5_RgHA2HiY4T8GE3MRsi1gG2cqMcuIeROiHNh3ZjvHEaizOIhen3gHUpvWfTNfyOuddLmTizPjTE4GBtQuq0stihPylufQl4V1T5ZV_MUGMoQBKadr1zbaPMHOODrukhazFKrsxCyvfBFSPkkUHg5IKaImEPpwv3vvX1zl5uo1PtuulDIG65uhglPO7TDqLjXSfd0lQWU0KaFfLkoNmYYuOEAbDzfsBVwWp28d_3&sai=AMfl-YTHbbGNqg0btDnx8BSNg2KyrcPKe7gDqS-ORbpbeXaI0ruE6b1zz8p4aYEQR8X9VFJlkxa3ZcWeaCdem0V5K6TaqGrZT96cxDw0wIq9-a9bhitjROUZWblT8MYqWn-mVOlVZ5lUZ8Z2RLAwF4dYTS5uhP5AXqMmzuFIbHhPJJdckTbfA0ciSWl_hnyCZXb-LWQ_7rehDYkinkxUHl1KxlUV&sig=Cg0ArKJSzL0ke2YF1aCoEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20220601.83436&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bq02cAzy9zqHUgyos6zoIOubQHY3ux-MO8Ru1HquLDlvSCOfRiK8MmYjE2r0zPIdT_WjEII5Jy9lmXRZ7Of0BH80jOubTAY35IXA-U654MYkNCHNZHAa_YuldQyt1FbvveSTk3IUArAjZ4ik6uGTvDPewp-A&dbm_d=AKAmf-BOKWvbSucMz74mfM0mucncT1SQ1wtS_bUBRGEQWVC_S0N4wPi5A8z97SjlnZKJ1SjRxlDFNJPWK11_o6gKr_vh5_G-hefVVh684FD-P1TeDXqEQC3QZmXM2KL5Pag865-cJ6yqffBDA9hkvZwfJ1EXZBxi4k7C3a3ZvICfwdprNvTHDn6UgtjBB8gI_1XSa_CodgoVcYbYZ-QvmelweIAFl3q1-7pTDHg3dYjv1-Got_qexGWCJcj5KLERWAayRosEkYtN2ucGwjYzCHrNW1ndu3-p3T93iPn0_flgDP5e0d4CMZV270IMTZJEY82woQ3Jokcth-KfgbtHtPpsc5dvqz_8B1Nqm3yafvjL0Hi_YdUhdy3_9q6HPlEcvePggs6aMc1Tgd3HOuaixPFx7QOzEl8trBS4-PDUjnN6lQhAu3qQjhRJR7WYq58QxpLtfT-FxsKVe0uq7RkkOa8d8rd5YVzv0bRHQjpL15Ctugv6-R4zimswvMy0dgBLcGAiDp45lTMiE2CPtaI-RJbjN4SafF_6bjmpiDNSglVw1-MuXCPDK0CIOjMaobyhkQEKY0q274MEy6XU3gopUc4mDmbJY4hJPKbHFoehVUDvfxgOK1Vayi1VjGSK6EHMZkL3UlUVggbHKNZNMbEVaoSYny9vHMoU2nR0keaHPi-9Idvrzrjp2z0AGnMl8eevvO5iHq0WXM8C_H1Vc1M-wQxY5MzaGGHti0qVAE2MdzrV6S6ZE1lf08-HgxMf0CmOStRpw_8AgzHv-Fw_7TnHVyZKHKzeRiWlWiH_NfAslPCbj2_OPh5Gkmzyg7_2l9xJ1iv9zR7TD13kxlxITdTc1x1jAoswwCMX19RP8aLiA0-oTnsgmeoudeQ8JJcmWGDi2DjoJpLDJvUZGQcHF7bYX3VAHhUy6k49wlvL85uqPpBsoCwzwnZFuLOZFTpPJANm_q9QKInV960ibhucG1lKYoj-nKittpMsiauhrOuuacEHa6OHI30NLanpkkmr424FGJbi6pXCCn5YQY1wcJPmmFKQxlCyYKd7BC13x_JJ3OmNhCJeMJoYUCkLCaNPYTnZeHpyupRGBeFkLAVvMWrxDsvv9JQ7nu1Eecdr6jK80Lr-N9KV5XpEMPf8mi887r1UXAsDclkdZIKhFZafvi8BnnLPybX1nfNaRaHWesuBr_QoopGkTFU-8YJ4q4Da7lxhf8FsgdwyzafXPHvKpcB42hlwnGovJVhBmjoK8hmtc4PNjkHO8vZsS-qT6NNkgrtYUTfsFPMJxbOVPKJg-A0I9eUorWEM8_vIZKqoMPbuVt2mvFgSLpJNipfdMVHzLB2feSJ0JLNzPbycRMIZxNEX15QzEbew1PbSE6GO2winJwn0N4gM3vKdIJkqXszwXrpSGj6T0mhffhlhCw0-GgvJk_PFgqtkFRcON9mEJomQa4a0I6ETXT4OQDtODITjNzCC-QZlBkPqeHA0PYPbp2E390Jqspcf5eIVQlJZ68mxTh5a9zCekiGfkJmuqAV7qVuBlZRiAyEEnDdjqgwDTQMvzCaUZYCH4Zh5inJBG-5jSGPefrQnb6Vuk2yBOTDsPD8K_eHdJ7UKyof8EJXe9EWi6_uauIeGBVqsnbqH1rB9p7R2Myi9y3mJaSn0aIe14V4SRS1rmfnQdlSGKa2bM04cz40ECwef0bTEgykxJON64K13TXmR318ZvzSBw2wcoTtNg-w4kOlqtT9DyEqvS1EHiifsIWm6FsUzP6rJqEq8MAA_JLn0W0EzCMuJIFkk7gyLvVPMAgb80RoIf90yzIjrrbieY9LSzO3V2Q3ER2VKonokswtXLoGQPaeFdTcxsSBg4CU9Myw9IqsRw7S-D3-Pbt7nMVpWofi6zmEGwqrh1waIc7P38upFhMLn-YDJWujMrAaurScjjBSOeKObawbqeLIjXcVINJnjMvpRaewrVY_B52T_DTKq5WzwY7aGIzichsa4iZE6QNmGoTIHMdcAFcxIJZ1jeTe4evjCmkOrMf_IH2aJkxoSLnRyRjjBtqv8DYgOjXlo2lPPso-EkndNeabemlhvWbK0epyBFeLDkYssODaHD4vEbnIE1WO0_47-Sy7dyc1DDuAGdjoDkVsrMJZp1I3vV9-EEIvS5t5WR0hkClgE7-ho1uUlCfUHJrXRV1NW6toYzgSn0BvWPbAaDJYzpxKKH0EcRZaD7hjQmy1qgq7lNnIEHlVAc_oVCzsLHMA_Q2bmWjAkenf96K_TXfv6wLhgpaH_8RPENWZDBviSFeGdQVCccoSiCo9VUzA9-1vRa2SoqvQGSWn2CcZ5WAo2s4STslYniwHgLvSoZGQcLIvtn_vSwJRpyOnbl3fX47vmHYFMS49xgIIj6R3xcNPLj3vNUb_QYZy8tPQC_BHEV2BvXoLM78sZIBHAIqDW6jAujjHgh74I54hgrMSuXgA8MXPYKSopI7yADQsmKbtLdnp6R0JF51pIMJul0jPt4nbhl2L2b9BQMbvDAJZK2wZ8jsU3FAkg47V5BYNZm_d7v15QA-kiYKtbPxL_WbmxaYSuoFe76Mm_Dw8bySdbd378gm_szXqMjl3rlfAfNrtm0E3pw_vxqrwNZfcrIebjQV3_F9zXZx9hJPIJT0JBAEhXx0woL9PP4cQ5x8w9NfaW8DsaeNKw23tiF5aD_zdKIa4Nqqh4ETI5w9WXcTtHx9a53qG7x1QGK0QErffYsHH2mkmtnlrmM9rJB6LfQ1IOPCsgtCmxCQlXIgMx4gHMsBs-xrW5mKM0_-Vi8JkQkBDSWxHKoTEUEs5bu3gHwUHfpd_8dGw0grZ0ND6oecM67s6elgZoojI2x2fMU341Twb5CRbSHSXub0ROdO-_8gnkYknE719FR1NwYslm_XkVbileA_uwZIA09UFXuIir3Y9i4nuxJrFdhBkQN4FC5oj-JJooYYGZFFcR8A0WTUnz7rhiiQ64GexrUgCgwL6hYm_32Y73CoZkPemtBXllroUM5BrTOZwfj-05KJrqCzsAfAYftoGDun25sguv1oINiw7fhyQ-Ty7_gnbQaPGuiGmZY1d1Eiq5lvsXEIIVJn6IstDQn5t4kCbVBk1vRA4KiFV5obBevX-24OC4n0MNbum5HQwtG0ytQm7rtpGbVyNVib3RUb4rxpVbUSrrMvqnURKLNbI4P9AZup_C1QXQkpUEEFdJI6w3wBqjgSQJm7hKnztwe396Xb8bpzNHx2czhiKUVDvNVMTZiE8&cid=CAASJeRor_UcTtRLF9IMbRPAvO7I4jDdVbE2T1YJs8yCRBnjJacl-DU&rfl=1%2Chttps%253A%252F%252Fwww.iphoneincanada.ca%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 04 Jun 2022 07:02:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dot.gif
s0.2mdn.net/ Frame BF65 		43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2006 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 05:35:00 GMT
x-content-type-options
nosniff
age
5266
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 Jun 2022 05:35:00 GMT
rocket-loader.min.js
demand.catapultx.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame E130 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demand.catapultx.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: demand.catapultx.com
URL: https://demand.catapultx.com/sync?akuid=https://www.iphoneincanada.ca|A8492896450583913946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a7cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://demand.catapultx.com/sync?akuid=https://www.iphoneincanada.ca|A8492896450583913946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 27 May 2022 19:22:11 GMT
server
cloudflare
etag
W/"629124e3-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwko2F8hzFcn3zqba3Xxfth3Hi8PVkMMXWJM6nkAU%2FR%2BF%2FAff5Js1NulRvEjyCSxWO%2FMRrYaHL8tuTPYEpcERoxTQCVHNAxNTaOm4IDn2grwUT5HfOKe7AtfHXWSWpZojiM06P%2B%2FNXZNQFxVFnKonngGYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
715ece0d1aec4bd0-YUL
vary
Accept-Encoding
expires
Mon, 06 Jun 2022 07:02:46 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame E130 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: demand.catapultx.com
URL: https://demand.catapultx.com/sync?akuid=https://www.iphoneincanada.ca|A8492896450583913946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://demand.catapultx.com/
Origin
https://demand.catapultx.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:46 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
715ece0d6bc27144-YUL
player-event
events.catapultx.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.catapultx.com/api/v1/player-event
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.iphoneincanada.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
715ece0d3933ece6-YUL
date
Sat, 04 Jun 2022 07:02:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTdjg4KPUw6aUaJZl%2BrKp%2BelgOlY%2B68AUfohJuEavxIS24EYiFLm%2BexRyVBePgChFdvC3fZtazWBpn9kUXneekXqHuLlYtLv4VvxAGdUBB2D%2BeX8iRvgcnXSl429Y8BdrrCUeP8XpvV3IRl9%2BMt53tu2wg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.catapultx.com/api/v1/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.catapultx.com/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-deb2e7f3.system.entry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 04 Jun 2022 07:02:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lt6YQSjnzSa1L4VcRLheQlkH3giAGVZbu5pikAK4DsTPRnrHzOnS4SyDeHh1azmIYvMlzTAsVNGTQgUbW%2FekYOr4I226HLh%2BBc9RRJH8kdbQjbNTxr7MHSoPhigEP2cgLDSebrsL6JeSlM4%2B2QhlL0pjmg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
715ece0d794bece6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
st
capi-tier-1-us-east-2.connatix.com/tr/ Frame F7DD 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/st?v=164935
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.182.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-182-232.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 04 Jun 2022 07:02:45 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6F69 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=145962
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 05 Jun 2022 23:35:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
sync
partners.tremorhub.com/ Frame 644F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0
  • https://partners.tremorhub.com/sync?UIGL=CAESEK0uLmQr71CZpCk3WPgqOFI&google_cver=1&gdpr=0
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEK0uLmQr71CZpCk3WPgqOFI&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0YnuLCvgEwAQ&v=APEucNXxdQ70CGaL4LqEe4mjnHf657-m79h7HFFJDIzyQ9maZJxXKZ4jva23mquJCOgutaVjPB8LH3B9vGKCtmwkNnXHCchEHFc-nFYGlEJFJf8XzLJOayk
Protocol
H2
Server
2600:1f18:612b:4216:1045:b1b6:a84f:9c3b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:46 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEK0uLmQr71CZpCk3WPgqOFI&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
294
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 644F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEDi2kkdUhgHHUJxhphufcts&google_cver=1
43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEDi2kkdUhgHHUJxhphufcts&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0YnuLCvgEwAQ&v=APEucNXxdQ70CGaL4LqEe4mjnHf657-m79h7HFFJDIzyQ9maZJxXKZ4jva23mquJCOgutaVjPB8LH3B9vGKCtmwkNnXHCchEHFc-nFYGlEJFJf8XzLJOayk
Protocol
H2
Server
69.12.8.74 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:46 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
26
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEDi2kkdUhgHHUJxhphufcts&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
317
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 644F
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTIwZGRlZDAtZTNkNC0xMWVjLTlmY2YtMTdhYTJiNDAwNDAz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTIwZGRlZDAtZTNkNC0xMWVjLTlmY2YtMTdhYTJiNDAwNDAz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0YnuLCvgEwAQ&v=APEucNXxdQ70CGaL4LqEe4mjnHf657-m79h7HFFJDIzyQ9maZJxXKZ4jva23mquJCOgutaVjPB8LH3B9vGKCtmwkNnXHCchEHFc-nFYGlEJFJf8XzLJOayk
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 04 Jun 2022 07:02:46 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTIwZGRlZDAtZTNkNC0xMWVjLTlmY2YtMTdhYTJiNDAwNDAz
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
13
content-length
0
cm
us-u.openx.net/w/1.0/ Frame 2048
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1654326163946.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...
990 B
593 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
e9d882a6dd5a7ceb27293ab69dba91efff9a1f2e69873720087cc07eeb707f81

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
574
content-type
text/html
date
Sat, 04 Jun 2022 07:02:46 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sat, 04 Jun 2022 07:02:45 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP005
x-33x-status
40000000008200000A
setuid
u.4dex.io/ Frame 60B0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1654326163946.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://u.4dex.io/setuid?bidder=33across&uid=2130873079196
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=33across&uid=2130873079196
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://u.4dex.io/setuid?bidder=33across&uid=2130873079196
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 60B0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1654326163946.2&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=YpsDj6V2eezDp-7lpu.RAQAA%26463
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=YpsDj6V2eezDp-7lpu.RAQAA%26463
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=YpsDj6V2eezDp-7lpu.RAQAA%26463
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
311
Expires
Sat, 04 Jun 2022 07:02:46 GMT
qmap
sync.crwdcntrl.net/ Frame 60B0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://tags.bluekai.com/site/17724?id=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D1389%26tp%3DSTSC%26tpid%3Dd34ce5e8-8c76-4e77-b365-96f2b...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D4...
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3Dd34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H2
Server
52.201.137.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-137-214.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.32.195
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3Dd34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341
Date
Sat, 04 Jun 2022 07:02:46 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
match
events-ssc.33across.com/ Frame 60B0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1654326163946.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=1696151633887888005
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=1696151633887888005
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:46 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
44c1cc21-57b3-46e8-9745-3362d4b62d14
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=1696151633887888005
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
events-ssc.33across.com/ Frame 60B0
Redirect Chain
  • https://match.deepintent.com/usersync/149?us_privacy=
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=75&xu=di_51b96af39a72406f8fcbc
  • https://events-ssc.33across.com/match?bidder_id=75&external_user_id=di_51b96af39a72406f8fcbc&ts=1654326166&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=75&external_user_id=di_51b96af39a72406f8fcbc&ts=1654326166&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=75&external_user_id=di_51b96af39a72406f8fcbc&ts=1654326166&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 60B0
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1654326163946.7
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=02ebdaa4-1c3f-476a-bc99-8cf6aaad36d5
  • https://events-ssc.33across.com/match?bidder_id=66&external_user_id=02ebdaa4-1c3f-476a-bc99-8cf6aaad36d5&ts=1654326166&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=66&external_user_id=02ebdaa4-1c3f-476a-bc99-8cf6aaad36d5&ts=1654326166&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=66&external_user_id=02ebdaa4-1c3f-476a-bc99-8cf6aaad36d5&ts=1654326166&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
dot.gif
s0.2mdn.net/ Frame 326C 		43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2006 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 05:35:00 GMT
x-content-type-options
nosniff
age
5266
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 Jun 2022 05:35:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 326C 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
062b2b3b8f216657703d5d3f0f8e00bdc1b786f96df18e2ebe3899d03409783b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10536
x-xss-protection
0
server
cafe
etag
754631604453815386
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:49:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/ Frame 326C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:35:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:35:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 326C 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuS0H9QwaUWOAaMdGo6mkMP1nUeXqF2Q0fV7Qzs4h53JB6Yao0pUR_PygOoFIvyfocBx29e4CydhhPlAiKz05y_AVb_0oFSsKm_5Qilsnr1P_Td6zFBtglUeZkb1xbahSLVDMQ-1hcZUTUAX_aviPDl22-yz1eynTuOIWfoHTDj4FQVvGjL0GO8gyBFLt1Owd4ScXQ6X7sF9DE1nvRHWDzj13A_JoYTk76H_wiSe6th4HhJuXwRQwk8WQ92lhnBuh450REzCDSlibsSyrwUhC7rYsnyDA6VsXo47Vg1belMKTtmaE5q5g9ZbUuUeugtsUzp23hCXXdxq0MH3cdFHPdhllL--PfN0wWMHkUQDL6t9xwV3suLPqy9t1z_TuoZTz7vqTa9h4gNlpk_ZV0XFdjY7aDh8jAbzSFJMfqca-ExLVyI2wU3s7lsN_ZrxZh7xFfx4xT_f-r_NcYW60WB14odf1MFaYwkKKixJqmzSRJdWF-wWLi3wNqsEDW5ypwajc2ogSa0-PFVb79uXuINHmHHhgRT5_JrzWa4u2IrlsaIbd3Kik6n9zf2cQ7psxTiRcv9D4yMgwSBH5u-7NnBMAxiEYb0JCGdBCIPmwJfP1Xevbjw1N8ALXoRjcTc6CBUiYmdoF_QobPHVk5ZjOvGNvGdHmh7rENLzzDG5eqFt2RInUZNE-GQzsqL7ylEd63GYZ0NPv9oSLazLJN1pZNINZgaJlfRKQlvI1RY0IhnYKW38J6w2cZeMWUi2Fmd92iMPSGZsBafdGbRRE8u4c16lN7NVCdHkDxeGUlftthyZ7EQa6RNvQdbkFcRB962rOMdAEnMn1k6jB_1BYg3XIBz7PeEUX7B8rfMZ3gPjnBey-JLLzftZkePDci0pGu9pDcjCNIFWJS8-lAO4R-Lv8MXPIqcqG2zU4MiyMr9EhWQfNd-sHhOz2HA_9p3UI5Kpj-hyOpOinsAawuHnKOfI6zOLaRKG6daV0neniPrAsFdp9xGfumJH33-5d08ODOV3Mdl_HB8gAUUYcjp53uP7vJZzBN5X2eRck3h7lMEHaHWwx5fa8bFiuu1kEiOPtGRpW5RTPsmBLxIIDulxVjyAR-pSrDJMq2YXcr0VikpoHxAsaiY0fy-wPRhM50bVPWR4qTEyBAQxMr0KAB1u2x0zA1sZFaXFZa_KYy_4seT-gC_nf8ROm_b6CxScGwCo7leR27auUmxH-80OyaZJgaXsJzP3XpNcW-G&sai=AMfl-YT3XvoK-VjULO21iLE3r8PRlMwoph0wmSa6ZRAlKzA0G19O77qYgz8tgWIEV6nDuDnJEWRkzUYnxHR81LvHRO1gqWkI-JUpHRkaSQtRwAXebtQikg0Rx3fqRQyRd9joEBnbdiajzUuRcJtGzZLXFaNjDXJl5iNhm7nOHCjYeIaPzVPjAkZl9UgEJDm5Rnj-Ha8szErWqR-YLx-4vwiN5gth&sig=Cg0ArKJSzKH2QNRW_KjpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220601.62825&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHHozT10W-DBcRz534yTHBYMemtrzw_a7tbxPFegp321a5ko40ciqMDeiPe8KdyUlf0BnoGuCa_TBmc-C5SGI1_62-QcfRcO3EPBWv06onUS1fjeWKAbdU3WxQNELyKdaapvmtHBSfex4sYqQ4JLzVCG73rQ&dbm_d=AKAmf-A8IzI_YJTGR3MI6lXeS_gU1QV1iyTqkmc_vol4XF0kbWmE-FdGJFfhcJjZFaYpE6HU_Xz9aZ6prrhrN2tQZ9ZvhSm0GDjvdKLH1-9hcQvfvlkmn91xBbRqdpdP9L7Xxp7Lm9vjdtSED6aJFcfuV5wFZ90p3ZNcW9lHSWt1KKDZq10ScN-t5cAThNvSxVmFNj4diGAVfChAEtLBX_nf26nchuO7U5FhF46lFFaXDydM5T04LEkCkNYTX9WMzmlWIEO1tgFL04fR51cK6L6WMd_dFgRouPk3YmZQkQWFoaWCZcGyjnZwfKq1wVPpZyjf-Qr2K8UiOn7BXzRt8VkHh4iuvdl5m5_juDvD1v8wCGuXg4Lqx1itrFoIJRoffVfFd3-Bxosgj9bMP4tOWUI-DA3eHkeco8POFuozwh36Y7O5kOHFm1SotUSk81smMrlz8RFE-EDOgNbt7USevz8JZyi-N4tuCUGiuTKlxMFEOPepIyqAgbnpIgqh2nugj5yTkzmzZWdapJCCf3mffbwKlpkICnMS9DOPqMQ4WbrjmAYhfJCyj-M4Tb2i6LTKZGRKm-gu-O-k1J2pXQBPaOpUUxsORdlblkxC_3Vzx68Q8ScylPwYYzpLyzFj3GaCTH9FsR_0ejWIH5z81rFxnxHeZCf429H97yORjFPEt82kAUd3BzwCq6W1vCkxT7yVlt70gHGjurOGpu8IFQoHxUW-3NYetYA_vaSjPdxcWnoUr8QlXC8k6LBdoFQs55hjwswzk6MDzJ_XRFNlWV3WoMaFWyAN53E9NDltBDNQafoMhz7YXU7T-B1QIx-JiRnkhHfnoKuOkIxVlKexQRnHmc41fJ1PUSBLYsCSVC_-x4OZxO3YQhCGHA2vDQhHvhMBJYGYaQhNJZuS57cyzD2W3bwr21OoYUJwGllQPRpnu1hDioKTPA52lLUQjLTbgdCMZG1050Ctu8LRrWXJS70xUBRm37_0RJrHsGqWW_V3mrbc1Yg2qql1fVckDensUEmfQWmYf7Ewjon7ukZo7hm9CLR_2N6HiyVkgKjPQ3WpzGRzBEpSdQkaSqg-PcpoqyUfzHoVSzn92ZAdHgatq9slrsuKBpUWgY6wX3FgTjEMdKGNVluUc1bqVyph1jiYEU9R7LQL_EMgt1Ucid7FNbdKUHZUiDfd7NU47CHAj1drg12893hmnzFCl6mc54Fptot3owiz2NwWZANbPV-6IFwROzZDz8wD4AK5PSFXWr1Znx6-Tm1OnT3jvUEscL84QGGLrGZQAYwSOYCavBlqi_Uxuxh4grf_YPWaH5x9d0B3NqKaIR7rX2VtlxYdRWwvelyKs05a6Dmpp19xCCcD93Xdg5NrYbIGiVJh6-fleRDRxbaTXUgfJt_qfADmLK_sCOgWlRsD9f3seOOGsXvQa2RDlPkPlmzmnliJNPyfAnP88iCnANHbUw_3HkI4TjqGpYh9882HSZBhJEpK1PUG3UbV4J8BFTRDSDRw3Hsh6xwFmI_Gls-cokllhsWItPb1i2yG0CMVSIXVHjIFVy5bb4G1E7SLlA6-bZf-DyU7WtEhO9QVg4G2KdBGHgy8weQdddTbUYU3OidHStigfoqb4Eer-19Fh7Q2bY7aBh2njtZYUUUbuGS664RvZNmRc4o1qUG2g23Rh_sldaczSg2BfxcTHG8ox_fqAGyLaR29OT0RfDwHVKhc4FnRyFhLKWuq9o71LTPZ5SOFSCqp2z_jj3136yJm_fdd4Aypmh-PPxINeAdMxELPLbIl0v3-Obn3GbRf-wArXP9a6xJfFP4ETC8wF1o7PS1XBY7dBtlyGFl6oj0Ho_ctrcjgJz8mPtJehZe8oepagK11ycAh9Z4SAKpbL-Viqff86XRcdGxXEQ6OoQjEL02tvBvoXXPx3_AUrPLeWReNcW4bSXWE_lY303gSP1J3HvMyhnULRpYwc3wOzx2vJ2aKATYUYCvisSUaELHi1ChrxkDRPqY-aWEF2sHJwU2N7tb_alMACS7-FQ9MBm4i7J69WL2MOwXWxysyvu8-8Lrqufxc2tyEmUocKXzoWE0l9Laeer9N0SKygwLmd6jew7FERicEn1Davtp9nFXvzYfbVWQ6A7taFv32abGv2cI0OExeukDMc5TQfYlURTbDc_NyPsjF-0mcMw2xmr4z6UFXt-NoUeSoEyQk-_-HGghcR7iHH5OwZH58WveIi6U-Qy1-PlU-ctd7s7B757fi0g7_I-za9dr_S4hedJHosKJT4S_D2v98AsWHtnFGIXn35rbkGaDF72yM-7-CWVTePnNtrHCy19f-5hZ5Vx-p26GimRtIw82WdXAFCUU-9gP4Kq-WKkzyYtBRAAmbfBppWGAWtlPG2NVPflazkujhyILEBXP2FU365M4isvlmcZUM7O5GyMY6_OoM-fqT99U62Zg-1dQFg-cIBKZYy92QH2vOyR4BJESaFypo9uEUf_HFuYmdwJLMON7MUszJRvLdqMAIVgP4E35kNvRX2vW6Jl57mLtvNU842G3KVrv2MqOorZOj1TIqtPVXDbix52iRkzHDiPvYgaGb5xeeefaWuUPW9xgz5M95yau536f-JjdHoAoGEArd0zNSb7dZrTNJcIw_GsONkG2Ya8p9P4ofrJqokuIXPLKnRYsvmVIHiJULCH7TEr5xbGP4beOUdue6MvgcW82vj_y6AAMFGe5gycL_G76IZrMTalf7AoDveAc6iu5dYNAwx8PqvrX5D4lCsqs03PY35uK_GSVIsSnGR8rp8SLHBomiagdU4sBWMZVaKkSfsY6xt4pKWI2-6-ux6IxOUOW8X7Pm_cDNUzFbHom4w9g0fl2ItL3-6jc70elITH2FpvZ3zuiTzw3QqlSjbNvcBN_0mdMeh4ph8qdFH1_Opm2IP7Bv2kzrYURMcVlEsP54WjHIwIGjJon8n5MXbk0ETEG8SNVlzLTDFnHMHpY5kgkjDBAh25G-xp8o17ka2gRP06_0VuIqbbp6LWFSEN19Jk5iaMSXsfcaT81HJl2AyUlOL65qqKfoOay9dbSzDv4J4uSjny2hxMby1I7-Ehqo56JWubQRMdnPFiKuJB85tjPsTvT-vnHCO4lNCKZoMYtpa1ZB0rBzd5jmEWkpquMLtYuZ5NP9GYmmswSulcLdZPIArfzLi4CvxL_GwCnSh5AzhyXDPSGLzBIbeAkcG_C4Kkputq4EfwBwQCZsWYaZZcTKegViBdQo-p9i6a6nppcqON3-in8&cid=CAASJeRoyKQQsYL3SMvq7xtCUKJst9Q7pRa-zPQEfrtmH9_mwtYtOJs&rfl=1%2Chttps%253A%252F%252Fwww.iphoneincanada.ca%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 04 Jun 2022 07:02:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sync
pixel.advertising.com/ups/55946/ Frame 21A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1&gdpr=0
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEDgvTXQZaRge9WaeajpTS3o&_origin=1&gdpr=0&google_cver=1
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55946/sync?uid=CAESEDgvTXQZaRge9WaeajpTS3o&_origin=1&gdpr=0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuq0aYDEMqOxLEDGMyfy8sBMAE&v=APEucNXFCZHwah0DqusZsg9l8AxqSHlDdQUpOLX5HiNvjd96sWtwnoUVk14xZK2A4ZUcx9oXSLQfrFJqiIY8n0cU0iiirLwY-6ZAQCiie86QXHqWbr82pZI
Protocol
H2
Server
54.205.67.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-67-126.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:46 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.advertising.com/ups/55946/sync?uid=CAESEDgvTXQZaRge9WaeajpTS3o&_origin=1&gdpr=0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pixel.advertising.com/ups/55946/ Frame 21A3
Redirect Chain
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&gdpr=0&redir=true
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&gdpr=0&redir=true&verify=true
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55946/sync?_origin=1&gdpr=0&redir=true&verify=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuq0aYDEMqOxLEDGMyfy8sBMAE&v=APEucNXFCZHwah0DqusZsg9l8AxqSHlDdQUpOLX5HiNvjd96sWtwnoUVk14xZK2A4ZUcx9oXSLQfrFJqiIY8n0cU0iiirLwY-6ZAQCiie86QXHqWbr82pZI
Protocol
H2
Server
54.205.67.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-67-126.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://pixel.advertising.com/ups/55946/sync?_origin=1&gdpr=0&redir=true&verify=true
date
Sat, 04 Jun 2022 07:02:46 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 21A3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1Vd0puU3FwRTJ1RlNTMGs3eFFkbS5SYThlYXNxV1FFT35B&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1Vd0puU3FwRTJ1RlNTMGs3eFFkbS5SYThlYXNxV1FFT35B&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuq0aYDEMqOxLEDGMyfy8sBMAE&v=APEucNXFCZHwah0DqusZsg9l8AxqSHlDdQUpOLX5HiNvjd96sWtwnoUVk14xZK2A4ZUcx9oXSLQfrFJqiIY8n0cU0iiirLwY-6ZAQCiie86QXHqWbr82pZI
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1Vd0puU3FwRTJ1RlNTMGs3eFFkbS5SYThlYXNxV1FFT35B&gdpr=0&gdpr_consent=
date
Sat, 04 Jun 2022 07:02:46 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
async_usersync
ib.adnxs.com/ Frame DD99 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:46 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
8bce064b-b76f-4792-a996-6c052d1a3a33
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6E30 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:46 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
889e7c39-e8b9-4933-a73a-51a1a3de02fb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame EEC0 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4921bc2575a32b7a59fa32a43b3902353cc129f4ac8010d9187f5f232fffe30

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 17:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70224
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Sun, 05 Jun 2022 02:33:10 GMT
xuid
eb2.3lift.com/ Frame 3B9B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&dongle=0cfd
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame 3B9B
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTU2MDI2NDAyNDk0NjM5NTQzODgy
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 3B9B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGAIUbKDiqZS3FUaD3gxQd0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGAIUbKDiqZS3FUaD3gxQd0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGAIUbKDiqZS3FUaD3gxQd0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3B9B
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTU2MDI2NDAyNDk0NjM5NTQzODgy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTU2MDI2NDAyNDk0NjM5NTQzODgy
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTU2MDI2NDAyNDk0NjM5NTQzODgy
date
Sat, 04 Jun 2022 07:02:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 3B9B
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=556026402494639543882&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=556026402494639543882&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0d04d685-8514-45b0-8074-4410be129189&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0d04d685-8514-45b0-8074-4410be129189&_noobservation=1&_expected_cookie=06da7c0...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0d04d685-8514-45b0-8074-4410be129189&_noobservation=1&_expected_cookie=06da7c091c28e7bf49bdb0525209ee43
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
715ece159b3fa210-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0d04d685-8514-45b0-8074-4410be129189&_noobservation=1&_expected_cookie=06da7c091c28e7bf49bdb0525209ee43
date
Sat, 04 Jun 2022 07:02:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
715ece138970a210-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame 3B9B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/556026402494639543882?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-g2uHyV1E2oTuU0906fG_0f4kWtHSUWod1MHgISDWNg--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-g2uHyV1E2oTuU0906fG_0f4kWtHSUWod1MHgISDWNg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 04 Jun 2022 07:02:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-g2uHyV1E2oTuU0906fG_0f4kWtHSUWod1MHgISDWNg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame 3B9B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=556026402494639543882&gdpr=0&gdpr_consent=
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=bff618de-2b06-48a2-bbff-b6ccc8d39000
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=da7984dc-d41e-406b-9a41-e0878b2e338f&expires=10&ssp=triplelift&bsw_param=bff618de-2b06-48a2-bbff-b6ccc8d39000
  • https://eb2.3lift.com/xuid?mid=2409&xuid=bff618de-2b06-48a2-bbff-b6ccc8d39000&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=bff618de-2b06-48a2-bbff-b6ccc8d39000&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=bff618de-2b06-48a2-bbff-b6ccc8d39000&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 04 Jun 2022 07:02:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 3B9B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=556026402494639543882
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 3B9B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=LzYl8o9JwaVt_2Mo36Wu&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JR5FS3BYN44UU...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=LzYl8o9JwaVt_2Mo36Wu
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=LzYl8o9JwaVt_2Mo36Wu
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=LzYl8o9JwaVt_2Mo36Wu
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 3B9B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAFDDU7FNgcAAEin6MYPOw&dongle=bzwx
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAFDDU7FNgcAAEin6MYPOw&dongle=bzwx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAFDDU7FNgcAAEin6MYPOw&dongle=bzwx
Date
Sat, 04 Jun 2022 07:02:46 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
cframe.js
assets.a-mo.net/js/ Frame 3CCA 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a9c40a71438fef419038b70cacbb5581760e50a22d685334f3f191339b5dbae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:46 GMT
via
1.1 28b8fcaccf73021230d8e4a6c3d9e81e.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
216
x-cache
Miss from cloudfront
content-encoding
br
last-modified
Mon, 23 May 2022 12:30:58 GMT
server
cloudflare
etag
W/"1adebf06d9a344b87c61ed43b7bf868d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
YTO50-C1
cf-ray
715ece0e2bbc714a-YUL
x-amz-cf-id
60Yncl0s1k9E0LbVvfWY6rDhNzXY9qNSMIWn893OqGAt0CGL4OwgUg==
expires
Sat, 04 Jun 2022 08:02:46 GMT
sd
us-u.openx.net/w/1.0/ Frame 753B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 753B 		95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=cd605227-1a9e-02a0-3e61-0d11674c7fc8
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:46 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame 753B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=e5daa252-99f3-056e-27a7-54cdc3634aad
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=e5daa252-99f3-056e-27a7-54cdc3634aad&apid=UP56a55407-e3d4-11ec-91ee-0219e9c28abb
0
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=e5daa252-99f3-056e-27a7-54cdc3634aad&apid=UP56a55407-e3d4-11ec-91ee-0219e9c28abb
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=e5daa252-99f3-056e-27a7-54cdc3634aad&apid=UP56a55407-e3d4-11ec-91ee-0219e9c28abb
date
Sat, 04 Jun 2022 07:02:47 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ddp
pippio.com/api/sync/ Frame 753B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=9ed85ebd-8cde-0947-2bf9-15346d5bdf1c
  • https://pippio.com/api/sync?pid=5324&it=1&iv=f4e11752af6e01ebe3cef5d33d019bfb57eb354d0ce7b712c3846df758d246f9791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmNGUxMTc1MmFmNmUwMWViZTNjZWY1ZDMzZDAxOWJmYjU3ZWIzNTRkMGNlN2I3MTJjMzg0NmRmNzU4ZDI0NmY5NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmNGUxMTc1MmFmNmUwMWViZTNjZWY1ZDMzZDAxOWJmYjU3ZWIzNTRkMGNlN2I3MTJjMzg0NmRmNzU4ZDI0NmY5NzkxNDI2YjU0MTdkY2UyMRAAGgwIl4fslAYSBAgCEABCAEoA&goog...
42 B
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmNGUxMTc1MmFmNmUwMWViZTNjZWY1ZDMzZDAxOWJmYjU3ZWIzNTRkMGNlN2I3MTJjMzg0NmRmNzU4ZDI0NmY5NzkxNDI2YjU0MTdkY2UyMRAAGgwIl4fslAYSBAgCEABCAEoA&google_gid=CAESEMMGMLZH5ws0ccQ0309Ml8U&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmNGUxMTc1MmFmNmUwMWViZTNjZWY1ZDMzZDAxOWJmYjU3ZWIzNTRkMGNlN2I3MTJjMzg0NmRmNzU4ZDI0NmY5NzkxNDI2YjU0MTdkY2UyMRAAGgwIl4fslAYSBAgCEABCAEoA&google_gid=CAESEMMGMLZH5ws0ccQ0309Ml8U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
454
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 753B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1696151633887888005
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1696151633887888005
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:46 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
32bbabc1-a74c-4235-9d67-92267c9daa62
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1696151633887888005
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 753B 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=93c85da6-5d33-84dd-b48e-17503cf37524
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:46 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8Q8ZD0A1E06RVPXSS64F
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=fFv1vXpa9e1nW63sKArhunkP_r5nDK66eAxAMNB9
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=fFv1vXpa9e1nW63sKArhunkP_r5nDK66eAxAMNB9
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=fFv1vXpa9e1nW63sKArhunkP_r5nDK66eAxAMNB9
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cksync.php
contextual.media.net/ Frame ACC9 		45 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=EwNGcBZHlxfgonDXRwy1yjjY&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Sat, 04 Jun 2022 07:02:46 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 04 Jun 2022 07:02:46 GMT
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=fmx&user_id=JJfKUYdJ0yYHWICkxdcx0
  • https://ce.lijit.com/merge?pid=26&3pid=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=&gdpr_consent=
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=&gdpr_consent=
Date
Sat, 04 Jun 2022 07:02:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=EwNGcBZHlxfgonDXRwy1yjjY&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:bdd2823f4222c34bc79ce91e93322901
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:bdd2823f4222c34bc79ce91e93322901
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sat, 04 Jun 2022 07:02:46 GMT
server
Aorta/20220526.bba1b531
location
https://ce.lijit.com/merge?pid=84&3pid=c:bdd2823f4222c34bc79ce91e93322901
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
9f457fecea86
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
epx.gif
px.owneriq.net/fr/ Frame ACC9
Redirect Chain
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7076125662044973569&ref=%2Feucm%2Fp%2Fsv
  • https://px.owneriq.net/fr/epx.gif
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/fr/epx.gif
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.217.18.198 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-18-198.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
max-age=578314
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 10 Jun 2022 23:41:21 GMT

Redirect headers

Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://px.owneriq.net/fr/epx.gif
Cache-Control
max-age=40041
Connection
keep-alive
Content-Type
text/html
Content-Length
154
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=1783777313217276866
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=1783777313217276866
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=1783777313217276866
Date
Sat, 04 Jun 2022 07:02:46 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1654326165484&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=F2FA02F7620E412F9BAA59AB0D5D3BA6
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=F2FA02F7620E412F9BAA59AB0D5D3BA6
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sat, 04 Jun 2022 07:02:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://ce.lijit.com/merge?pid=2&3pid=F2FA02F7620E412F9BAA59AB0D5D3BA6
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 03 Jun 2022 07:02:46 GMT
reporting
ap.lijit.com/dsp/google/ Frame ACC9
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RXdOR2NCWkhseGZnb25EWFJ3eTF5ampZ&gdpr=0
  • https://ap.lijit.com/dsp/google/reporting?gdpr=0
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/dsp/google/reporting?gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.74 Fort Mill, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting?gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=L3ZJ2XP4-T-4YFE&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=L3ZJ2XP4-T-4YFE&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=80&3pid=L3ZJ2XP4-T-4YFE&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Expires
0
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=27&uid=EwNGcBZHlxfgonDXRwy1yjjY&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=66&3pid=673387570093
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=66&3pid=673387570093
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://ce.lijit.com/merge?pid=66&3pid=673387570093
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=0d910e7b-0c76-4f6a-b985-2933ada92f3a
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=0d910e7b-0c76-4f6a-b985-2933ada92f3a
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=0d910e7b-0c76-4f6a-b985-2933ada92f3a
date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ce.lijit.com/merge?pid=27&3pid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
223
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1654326166927
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=em1JAirFG5LC&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=em1JAirFG5LC&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://ce.lijit.com/merge?pid=49&3pid=em1JAirFG5LC&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5fbd64586c-f4jcc
expires
-1
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AAFDDU7FNgcAAEin6MYPOw&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAFDDU7FNgcAAEin6MYPOw&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAFDDU7FNgcAAEin6MYPOw&gdpr=0
Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=L3ZJ2XP4-T-4YFE&gdpr=0
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=L3ZJ2XP4-T-4YFE&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=83&3pid=L3ZJ2XP4-T-4YFE&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
7c5d24517ee193cc868994bc18883d1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame ACC9
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RXdOR2NCWkhseGZnb25EWFJ3eTF5ampZ&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RXdOR2NCWkhseGZnb25EWFJ3eTF5ampZ&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 04 Jun 2022 07:02:47 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RXdOR2NCWkhseGZnb25EWFJ3eTF5ampZ&gdpr=0
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame ACC9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=EwNGcBZHlxfgonDXRwy1yjjY/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=5001&3pid=77dbc2b55ce4f3f4cecc10597aad1b9a&gdpr=0&gdpr_consent=
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=77dbc2b55ce4f3f4cecc10597aad1b9a&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=77dbc2b55ce4f3f4cecc10597aad1b9a&gdpr=0&gdpr_consent=
cache-control
no-cache
x-server
10.40.42.205
content-length
0
expires
0
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=1696151633887888005&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=1696151633887888005&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1fb70ac3-66a1-4dce-8334-15bdc24e4d75
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ce.lijit.com/merge?pid=12&3pid=1696151633887888005&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=EwNGcBZHlxfgonDXRwy1yjjY&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
MT3 4419 e1034d5 master ord-pixel-x56 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 04 Jun 2022 07:02:46 GMT
merge
ce.lijit.com/ Frame ACC9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=DEf6JokJqJ47SmJlfWk4&pi=sovrn&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=DEf6JokJqJ47SmJlfWk4&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=DEf6JokJqJ47SmJlfWk4&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT, Sat, 04 Jun 2022 07:02:46 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame C5DC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFQVJvRDv_2lee5VT60eHjI&google_cver=1&gdpr=0
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=caa79e48e2a724bdc18faab1eec59a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=a188_7105276784182568428&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAFDDU7FNgcAAEin6MYPOw&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/caa79e48e2a724bdc18faab1eec59a?gdpr=0&gdpr_consent=&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-YIDhSHVE2oOP1j05GnQbAwv2GSVj5DoSIkWe.rzl~A
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=EDNHR2xN1NXnO75
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=freewheel
  • https://ads.stickyadstv.com/user-registering?dataProviderId=561&userId=581eea20-e3d4-11ec-9e4e-79fe3e50d71e
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=1696151633887888005
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=7641099&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gd...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=53b20474-e3d4-11ec-9e45-a33c04345cd2
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
0
0
pixel
cm.g.doubleclick.net/ Frame C5DC
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Y2FhNzllNDhlMmE3MjRiZGMxOGZhYWIxZWVjNTlh&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Y2FhNzllNDhlMmE3MjRiZGMxOGZhYWIxZWVjNTlh&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0YnuLCvgEwAQ&v=APEucNVXN0MEBhQsNoNX-MBppeK3YunYzqXvtDOwM6GHSyq6KbOmPCZggxYd44wtpbuYuAdCwwdG7wEqCEavRGvg__zMvYrShqYsrCZQRRMLnYY7-OHgM-o
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:46 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Y2FhNzllNDhlMmE3MjRiZGMxOGZhYWIxZWVjNTlh&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1654326166876057-310
/
rtb-csync.smartadserver.com/redir/ Frame C5DC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm&gdpr=0
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEO8LV6feORb-1xSSneZMbkk&gdpr=0&google_cver=1
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEO8LV6feORb-1xSSneZMbkk&gdpr=0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0YnuLCvgEwAQ&v=APEucNVXN0MEBhQsNoNX-MBppeK3YunYzqXvtDOwM6GHSyq6KbOmPCZggxYd44wtpbuYuAdCwwdG7wEqCEavRGvg__zMvYrShqYsrCZQRRMLnYY7-OHgM-o
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEO8LV6feORb-1xSSneZMbkk&gdpr=0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame C5DC
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&gdpr=0&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_hm=ODg2NzAxMjQ4MDMwMzYxMzUxNw==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEO8LV6feORb-1xSSneZMbkk&gdpr=0&gdpr_consent=&google_cver=1
43 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEO8LV6feORb-1xSSneZMbkk&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0YnuLCvgEwAQ&v=APEucNVXN0MEBhQsNoNX-MBppeK3YunYzqXvtDOwM6GHSyq6KbOmPCZggxYd44wtpbuYuAdCwwdG7wEqCEavRGvg__zMvYrShqYsrCZQRRMLnYY7-OHgM-o
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEO8LV6feORb-1xSSneZMbkk&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
x.serverbid.com/ Frame 8467
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=EwNGcBZHlxfgonDXRwy1yjjY
35 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=EwNGcBZHlxfgonDXRwy1yjjY
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:46 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Sat, 04 Jun 2022 07:02:46 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=EwNGcBZHlxfgonDXRwy1yjjY
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usersync
x.serverbid.com/ Frame 8467
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=1696151633887888005brt77741654326161870409ba
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=1696151633887888005brt77741654326161870409ba
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:46 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=1696151633887888005brt77741654326161870409ba
date
Sat, 04 Jun 2022 07:02:46 GMT
content-length
0
content-type
text/html
i.gif
e.serverbid.com/udb/9969/sync/ Frame 8467
Redirect Chain
  • https://p.rfihub.com/cm?pub=42786&in=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=1783777313217276866
35 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=1783777313217276866
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=1783777313217276866
Date
Sat, 04 Jun 2022 07:02:46 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
x.serverbid.com/ Frame 8467
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YpsDj6V2eezDp-7lpu.RAQAA%26463
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YpsDj6V2eezDp-7lpu.RAQAA%26463
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YpsDj6V2eezDp-7lpu.RAQAA%26463
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
305
Expires
Sat, 04 Jun 2022 07:02:46 GMT
usersync
x.serverbid.com/ Frame 8467
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1696151633887888005
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1696151633887888005
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
8b00e4d7-46d6-4326-bc78-3102b3b981fc
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1696151633887888005
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
x.serverbid.com/ Frame 8467
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 8467
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP56a55407-e3d4-11ec-91ee-0219e9c28abb
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP56a55407-e3d4-11ec-91ee-0219e9c28abb
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP56a55407-e3d4-11ec-91ee-0219e9c28abb
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP56a55407-e3d4-11ec-91ee-0219e9c28abb
date
Sat, 04 Jun 2022 07:02:47 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 64A8 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
062b2b3b8f216657703d5d3f0f8e00bdc1b786f96df18e2ebe3899d03409783b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10536
x-xss-protection
0
server
cafe
etag
754631604453815386
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:49:59 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 64A8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 01:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Jun 2023 01:47:46 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A27D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:02:46 GMT
async_usersync
ib.adnxs.com/ Frame D840 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:46 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
63bc394b-a60b-4512-881f-d7c4d0ef88e4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
u.4dex.io/ Frame 3C25 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=smart&uid=8867012480303613517&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 3C25
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=debed773-bb01-4d0a-b4d8-d6b9feb4cb78&gdpr=0&gdpr_consent=
43 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=debed773-bb01-4d0a-b4d8-d6b9feb4cb78&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:45 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=debed773-bb01-4d0a-b4d8-d6b9feb4cb78&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1911428
content-length
0
expires
Sat, 04 Jun 2022 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame 3C25
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3D...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=8867012480303613517&gdpr=0&gdpr_consent=
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=8867012480303613517&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
DSW819YJZRQ2SC6A17ZK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=8867012480303613517&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
redir
rtb-csync.smartadserver.com/ Frame 3C25
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFDDU7FNgcAAEin6MYPOw&gdpr=0
43 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFDDU7FNgcAAEin6MYPOw&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFDDU7FNgcAAEin6MYPOw&gdpr=0
Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 3C25
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=ODg2NzAxMjQ4MDMwMzYxMzUxNw==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=ODg2NzAxMjQ4MDMwMzYxMzUxNw==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=ODg2NzAxMjQ4MDMwMzYxMzUxNw==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2E5D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=145962
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 05 Jun 2022 23:35:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 1569 		1 KB
808 B 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.69.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-69-179.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d732a08510eb744ba828da666cabf959138b88ec97d8a07c2a3084c1d2dc9146

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 04 Jun 2022 07:02:46 GMT
etag
W/"0eca08be0ce67bf0c3784c7512dce87a4"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 9FC6 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 536C 		934 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.197 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
d76de70cb72aeccf4dd90943cd0ee7d1714fdbce960ec564182ed15a76cbb208

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
934
content-type
text/html
date
Sat, 04 Jun 2022 07:02:46 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 6F17 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5ac78f03d887d26b556d1d82611d8e6558d40b5e58da82dd2c7725dc1b899a41

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1445
Content-Type
text/html
Date
Sat, 04 Jun 2022 07:02:46 GMT
Dropped-Udsids
130|65|111|81|26|123|31|47
Expires
Sat, 04 Jun 2022 07:02:46 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
setuid
x.yieldlift.com/ Frame 1532
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L3ZJ2XP4-T-4YFE&gdpr=0&us_privacy=1YN-
0
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L3ZJ2XP4-T-4YFE&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
52.3.28.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-28-57.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L3ZJ2XP4-T-4YFE&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
c3b5432477546c086cd062707f625a76
Expires
0
sync
ads.servenobid.com/ Frame 1532
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=1696151633887888005
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=1696151633887888005
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:46 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
480c78c4-e57f-467a-9b4f-906152126b32
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=1696151633887888005
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 1532
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=EwNGcBZHlxfgonDXRwy1yjjY
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=EwNGcBZHlxfgonDXRwy1yjjY
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:46 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=EwNGcBZHlxfgonDXRwy1yjjY
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 1532
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=310&uid=EwNGcBZHlxfgonDXRwy1yjjY
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=EwNGcBZHlxfgonDXRwy1yjjY
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Sat, 04 Jun 2022 07:02:46 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=EwNGcBZHlxfgonDXRwy1yjjY
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame 1532
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiOTViZTU4MGQtNTdiMS00N2MwLWI2NjYtYzNjODExMTRjYzZkIiwiZHAiOnsicnViaWNvbiI6eyJ1aWQiOiJMM1pKMlhQNC1ULTRZRkUiLCJleHBpcmVzIjoiMjAyMi0wNi0xOFQwNzowM...
0
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiOTViZTU4MGQtNTdiMS00N2MwLWI2NjYtYzNjODExMTRjYzZkIiwiZHAiOnsicnViaWNvbiI6eyJ1aWQiOiJMM1pKMlhQNC1ULTRZRkUiLCJleHBpcmVzIjoiMjAyMi0wNi0xOFQwNzowMjo0MS43MTc5NTFaIn19LCJiZGF5IjoiMjAyMi0wNi0wNFQwNzowMjo0MS43MTc5NDhaIn0=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiOTViZTU4MGQtNTdiMS00N2MwLWI2NjYtYzNjODExMTRjYzZkIiwiZHAiOnsicnViaWNvbiI6eyJ1aWQiOiJMM1pKMlhQNC1ULTRZRkUiLCJleHBpcmVzIjoiMjAyMi0wNi0xOFQwNzowMjo0MS43MTc5NTFaIn19LCJiZGF5IjoiMjAyMi0wNi0wNFQwNzowMjo0MS43MTc5NDhaIn0=
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
sync
ads.servenobid.com/ Frame 1532
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1654326166914
  • https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
sync
ads.servenobid.com/ Frame 1532
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1783777313217276866
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1783777313217276866
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1783777313217276866
Date
Sat, 04 Jun 2022 07:02:46 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 1532
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:46 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 1532
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Sat, 04 Jun 2022 07:02:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 1532
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A
date
Sat, 04 Jun 2022 07:02:46 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4AAE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=145962
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 05 Jun 2022 23:35:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 60B0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=145962
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 05 Jun 2022 23:35:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 51EE 		649 B
436 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
41145f83d44c192401c3da512fe7cabd7c217e1dd90949d0c8ff5807bb42cfe5

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
417
content-type
text/html
date
Sat, 04 Jun 2022 07:02:46 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
via
1.1 google
merge
ce.lijit.com/ Frame 89CE
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=3440408375380958027&gdpr=0&gdpr_consent=
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=3440408375380958027&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13394437
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sat, 04 Jun 2022 07:02:47 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ewr1

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Sat, 04 Jun 2022 07:02:46 GMT
location
https://ce.lijit.com/merge?pid=1&3pid=3440408375380958027&gdpr=0&gdpr_consent=
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/ Frame 6D9C 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/index.html
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92075c52408692d80ea1b377bc02ddd07ddcef79301a747de9fe6f3bff77fc3a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
60519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3422
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 14:14:07 GMT
expires
Sat, 03 Jun 2023 14:14:07 GMT
last-modified
Thu, 01 Apr 2021 16:57:04 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame E2E1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C82UslQObYoilG46PoPMP0MyvyAvf3benatmh56LYDdrZHhABIOyrggNg_eiigfADoAG1kMTAA8gBCagDAcgDSKoEpAJP0EM1hP9pi7tVQ2Rf2m0rcprAAcK3dcOBMOZLcACvJICwzlNu0RkKY2wXgyLYAVKAkzoLzxnpnMpUAe_1eeH1G25f9S45fblJTLU_fCl92tODg61UuSH67pznVXc0mC5wYVyKghk1NMJMYT41oOXw8VX7f85IA5aP0MZj7HvXnE8Sq9aL5dIz4PS_LySJThZ8vQZ0RwQ55sbOVgyYk-OgOcFowcKvXk4Fneg3xoY9WjMcfqprCAzqNCC0KhpKmAcAwPkigC-O65zV0s22E8oZBSAjwCeC_v60BTrG24ZhrnZXeC2_gdGe6nRJp1ao5cCU45pEnCZRpyrbTrWFpdx84N9qLlKINSqa6h-I5NAwCAbgWI5HyWOzRX0PUkzpEeO9TZu-wAS_lY_zzQOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHs--7P6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJP_G9IIBwiAYRABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItODg0NTYwNDc2NDA4NzQwOBgA&sigh=mcZisNQeBmM&uach_m=[UACH]&template_id=419
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=280&slotname=7317961782&adk=3515631888&adf=776189486&pi=t.ma~as.7317961782&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162855&bpp=20&bdt=1062&idt=1194&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326165&ga_hid=1164542333&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&isw=728&ish=90&ifk=2357337175&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C21066431&oid=2&pvsid=2744440300896503&pem=132&tmod=1247349620&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.aclzr3w429cy&fsb=1&dtd=2558
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 04 Jun 2022 07:02:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame E2E1 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=280&slotname=7317961782&adk=3515631888&adf=776189486&pi=t.ma~as.7317961782&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162855&bpp=20&bdt=1062&idt=1194&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326165&ga_hid=1164542333&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&isw=728&ish=90&ifk=2357337175&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C21066431&oid=2&pvsid=2744440300896503&pem=132&tmod=1247349620&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.aclzr3w429cy&fsb=1&dtd=2558
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3727
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8691
x-xss-protection
0
server
cafe
etag
17811423179848367920
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:00:39 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame E2E1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=280&slotname=7317961782&adk=3515631888&adf=776189486&pi=t.ma~as.7317961782&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162855&bpp=20&bdt=1062&idt=1194&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326165&ga_hid=1164542333&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&isw=728&ish=90&ifk=2357337175&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C21066431&oid=2&pvsid=2744440300896503&pem=132&tmod=1247349620&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.aclzr3w429cy&fsb=1&dtd=2558
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
935
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:47:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame E2E1 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=280&slotname=7317961782&adk=3515631888&adf=776189486&pi=t.ma~as.7317961782&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162855&bpp=20&bdt=1062&idt=1194&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326165&ga_hid=1164542333&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&isw=728&ish=90&ifk=2357337175&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C21066431&oid=2&pvsid=2744440300896503&pem=132&tmod=1247349620&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.aclzr3w429cy&fsb=1&dtd=2558
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:57:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E2E1 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=280&slotname=7317961782&adk=3515631888&adf=776189486&pi=t.ma~as.7317961782&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162855&bpp=20&bdt=1062&idt=1194&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326165&ga_hid=1164542333&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&isw=728&ish=90&ifk=2357337175&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C21066431&oid=2&pvsid=2744440300896503&pem=132&tmod=1247349620&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.aclzr3w429cy&fsb=1&dtd=2558
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:02:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 8D3E 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
062b2b3b8f216657703d5d3f0f8e00bdc1b786f96df18e2ebe3899d03409783b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10536
x-xss-protection
0
server
cafe
etag
754631604453815386
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:49:59 GMT
9926269625392767988
s0.2mdn.net/simgad/ Frame 8D3E 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9926269625392767988
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2006 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63b9dbb60693b4348388fbac3d142eb8f0ec0915b0833810e1be17032c8ffc43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 07:00:24 GMT
x-content-type-options
nosniff
age
259342
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110183
x-xss-protection
0
last-modified
Thu, 26 May 2022 21:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 07:00:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/ Frame 8D3E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:35:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:35:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8D3E 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYVoYuD2xBnQZku4fBEL82CfMwd7SuPOBCzSUs6IimNPVjtniPt-yEy8f35O3WOCo694tWYcURm3kW8GJ5qatRAPKyP_4rXELwL6E7jLJxyalUh85lC-iM0aW5JeQ_jxwfx3U-tdUsaOh3Sq8I1zt94nmzhiRXPh6sX1nVvEu8vb3e3ev3afrorzzXyTPrcLfWsypObQip4_wE5ZHQZq5wWM15b5POT7Szf6iJiK1Dt9ModULgT-w_ZeICqTiT6AXeZiBT59GWgIpwiDSPcokla_VUrFBch2giO94wsnB5Xui9XomxbyNk-fAkXyqw9u7pJpJ9kOWLEFnO6cNx1moVIhapw8lsilk9CyG95kIEBv53zirq5cyWc4RRRXZ_YLsaNUeIIokA3cXn44yNBfwraWU_Z9poW6ZDsvkDAsIvMeI-xCRv1vzZrHiM4mNljfmrOtbkeIURGrhuhFyFjP_fWWkyy0t3eZW-LRyu8r8JKcj9EZX5vs1ID70i7VNweKJ3npn7yfW5yGHIebqOdwe7XEjbXLZq3oYSTv29XiKg6SYhbGGbcLp58nksBWWqlOZxclscjVqL4BiRJwPl21h3nwfVvH-bYtU6PR2ItTcToWD75RhVPanFT8JuYXxIvAcvPwuka1Ahwjpyd4papj08Y1TdhVk6XiUb81FEeHcDQCgu4fVqgIFCbZjrvo9eYqRVsQjJRbCNsTn0JO1-yk8O2zCG54t3BGK3dGVQgHtfoWiuMBfG1qtkLqabgrBcP7PVkoUJhkT5KXTT124J_pyxodyHfZk5wRqlpGuO-3w1_m_RHpr7Yf7DzpC3x3EUnUPTSgmigho_Ciuiba0VUod9nLP4N5TFU7wIS2ds-QUuzwl_vZ1HqbWQ4ryuXdzBJXlyNVRcKj4DsljiZ35c2pSJc4Q4s3T0GYpkg-vXZ3XMmn7TejEEhvqPX9uMqsjMuDWo-RGPPMqqSL-MsiQCM-cyuXhChSgzHPA1-FLZq_innyJys6xSvgIFIpGCou17mhWMXetn-Vo8WqiY5cVqJtEvyZ_6PA73CukBamRIS9JmpR_DRrf2F3YTv9EU5tU2AKJsYY6vSkkrBthUfC1h_nGDwfcBjaW8S8rnTlF8EG_abpHRpluHfhCrsuSmZssh_Obf-iqduvwsHZpGnxdJZOxHme974YgdhklVTBGVU2BfrjbbuLxouiWpEnntt1oliLViEnyOJ-qSuw&sai=AMfl-YQQx4vZPLkWxQKuUQbhSXrYcNsYhYrV35Gyv_TaoPjCo2pn76Dg2eHwoeAzdXvC44lUItuTUxePHDbGL4ekd3-hiH48jktYN39umwNWMomraKWZtqVWqXYjy0m8ZiaJ7IqlfZ-XAXfrBPCSeFM5vqyyts4p8qQ4RAzBU9xGEadEhJj-hH3uY7f2akvrzl00y24ez6WrhX1DSQNQptRhDku_&sig=Cg0ArKJSzDGBqZye_SlmEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220601.88896&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bp-4U9Ys0XIF_5tjjqsbosGYeKsl9lGiG2662xPC92Q-haxjvLMgGL32XB9yeBHl8osDEkJ2mOWx5CfZY18e96oKpYMA&cry=1&dbm_d=AKAmf-Ao1LU11wcEkB7ryQEXukoWwGtUv36Eh8DBp6LGSZvLFXkKelmFoj51QwpzM5CJIdVPxBhW_Bqjk8CtlCYjNRtiH1xWmJnoc5TIptwyi0BAyUNci2oHTBMLvagLvLAcDUd03x1WedrXPCWEk2vrck-yK6wdQ7IuMlxT-2KL3AOr0tIi7vjlVi7zuPODENYpPjf0WInNRQcVZFBqI2pzDeAa52dK72GPC3IlURUhc-YaxursGZTIB9h21dlv9LpF5vWbr5Y9GCN8teHw1CVA4DVTZAfslY-kssq7sWayV51tUCkNFkqT2DbdpR1npRipcmxDVbeWxwKcGatTNKz-EovNHPgd8zCdJ4wsZOL2zdJfGN3AV6d_AFRwDM70z8JxAmt8VKeRVg-EAHbpWlEMvus_Y030HOnQosbxZ0pW89vQH0ejUJ7PesoscZRA2R1_tCp-yRuP7zx3ivg6RSuWiOWBT1KAL_PMeZ2Fa29NkGsgGdoIrMW281mS4yPZfZ4EQ0lPBEFuwIRUfWcyrgrdozeFxqxgpKylw0UIGdVVP9ilRzwKwameNHh0DlW8bOinK1iIdbueYEDXVL_tIyEHgE5pFfqL02QFxEjKIWSETfq7LAnp21tbCL1XDrioHA5sohU8mT4JOuXIgY6ixHavi1GaeZ1yrvuIqZcNuMTfCpGeCR8AMbkYM6r1fOkEZ5CG69EHC7tqMOpXI064fgzsb1zDID-eekptXaDj9hzsMGtvI1lWJT2nNIsfO1WoF9cIu1z-q5FhdAV6l8qKEFShHNakDd0NrccaqHFCo5QUVmxXcpkHhWwXA8Fnx8xzcv4F34I8y27jR5bYPMIbdpAKGP6sp0GdU3B7P0DW6fUgnAM5PpW01wfmIqF8UED2vWK_Rb2OM7gdf12OYLahowbvhVd10ToZrDpB3t10OWtFNhfd3D1WQXAbgIJ3W0EOjassC-tul9zQh3ZsdpRxFj5KdKPxsTq71DN3mc-nrV7imb6BMM7B-zlv2R9haWjkOZwNBdbPPPG8fSjV0q9IwSr7uWyYP6G6zmqqa04cKfIUGLKwB2bysPkQLkkPw1uF9eWoJapqOthSCVyzB1Ywcendx4SS4pM-izZsFTQV6SmUX8YARN_x2R9U5LuntZSV_1qCf23f3keaohuiukuXunn1P26m9z1uigAegXZJTI_r7yh30PIo7xeHtNP4iXayldBgunVkOWctk2vjyhbbLrtyko47S8IQ9NQHdnkyphDpg1xtgh3PJdJhJPo3tkZesc3V8IgCfAjC3QICaFGzSbTB_pSIEIQp573_yb5CvfFQpa3kP8QR1bjFwNho-57uanswCh2rAeRCQAsak0lfRVYEqkwuHkXl2UEBZ0y6RFDyOCjIJLyGgAnBsUWVtqyuc4LHjji6cpCP-psuIbBYl3wOnME6TPDOrSM0Aa74cdLb9GEqcap8egLmQCbwQ964qlSQolqQVFpQNzxnh9K64IA65VwObeDGmH-eG0dnmmmsS0AuHt8GqAYloxXoWxcTr-YbEovNFmXb7eaoWXccu7DjImoUqb4QJ9XWQOoXyvte86jUxVzOe6GyBC9rcgvDpMVbyHQRt4qlsVCol7WcW4KbybySGaLqHIh4RtUuGs0rWJuVHyhz1nJMBW3IYRPPJ_io5PvGGTGsRP7M3g9RuRbVjpDsiXDAOHh-hH5cwz3AXaqWHstb1H2qZmRjZpKIULlxbUYA2updh8G0QJ6R_zsDmQc2lovFI72uGBuAD7pD40Smjy321fJ0y-RJ1_2zXKiT3c9CuhVwZ696EPU6rSq8QEbFQJMUjM4auCfJudE6CwsgvAZqTjdXScTVdR7QQJGr5tarZKrIwv0eEbWr8uhs7QnErLrB9Bh2s0B5ZRoEq2apH5nVMm7sSEyjZTWAhZTk7HNe8Nn9mEpWpdrdcVXkDB8UVm4dxqIJ8k8jmsCXXiBNbo4i35hd39Jlb5MD1QAhyMZpKfuoS2nOK9OeRfCIkFwUZrIbCvXTZu7g6aQ3UizF232107cZerNktHPg_SWpW6_wSuT9JxiZjuqhTfGTLd8_JfdFP-qws4no8JdYhxeqFuiJpbehTVA16wLcM9vZXUGzC-F7XoTkn6Sa4MyOEciaYqBeEvasAAjGNA39wuKy3FSbfggERP7FbNRDlDPLJUXuiY0qHXWM0QkRgbzgQq24oUhYhQQBMAFhqBDNaO7-k4j7rzZiMD6CChIWVqxW_8_4n3E7S5KAVgikDowzugSyy6uCFsplKTQbyH-Bi_yZBJJX0x29bQg2AErezS6eWjd8GJ1NoVjxm6_lWiSBhYrL8efbeKiZ0L1oF5imgiybJykqAvlWvoQTIaZntVUTLSavQaZ1-JqdM0grYiOtwNYscwgltgTEtxc9YRfF5cjHwGqgQG9a9eXRDq4zPBYdW6-MdVBvBbUydXLoYwDRFIutOXvkN3rT6vDA0_-JFrCbiZDioL8WCUULwvb0SZOHLJ-gX0PmzSkorO9LpvhGRrTPKTbLzCR5oEQ9ZtNphgDissWKqOJLO051e3iTxrodI4wxK0SHcc7dGXkJVfF_xq3lHIKHEP_bLtZoOied2IXqdlpPW5VBSfQsUs6_LbmeiKnxN91OfIuoi4YPp_mQjOkXjLIGeugSYXIKwyvhsU0KeJ14tZYdwZ-wQwo-XXdTwDDTbSPp8gKj6x-k8BSC-6Ook_rqrT8gieBmVVlpJjKonT9IXD5suxCJDMqfjWkH2F3Yfd0zlx76n7UgF7cye2KSykq_SqqA1slSYTn2eSWjdYo0lvF63jhoJFbFse4FpVsYD5lo6QiapTjImgSIqdyKWm1RI27bArmddpyECqfVg4rpKx4Q5UbgZagdhWO3_u31NAxyueyqUhkuFjILZ0TDh51EktzzIDRAP5rBVFz6sfhd2yevlg1tG5UBz_aJT1kkDE4TmSL5ngdhsji7iQKwDKfsFx2YwaheSzNN2GMHgbmkS3_VmhFulYRfd7c0I4SySGO3SLgogXqeOMVlJNgbdAf4--rsZPkWSw5hYnWHI8TrD5kM6kKEj4VBfb80b_T9m9eH7N8c93gfsp-6rOzUOD9T2lNpfVdVo5oc8RvpQKCpnuFWOV_pyGc5xdUa9hHVVsvFi6Z395Eo7Z2HGZDDa77gOVPU0jq7LuczCoQx2LPErSUsnwzEx7kqfeWEBAWZh7mW&cid=CAASJeRods7_geRno8D0d-bOxm6oAU0RwiJuifvLz96z2x3Iivk6f30&rfl=1%2Chttps%253A%252F%252Fwww.iphoneincanada.ca%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 04 Jun 2022 07:02:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8D3E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 01:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Jun 2023 01:47:46 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B5C5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=145962
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 05 Jun 2022 23:35:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame 8467 		109 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8162734ffd2ce99d87ea972d5bd78dfc92a72c1ccac10f3de783de32bd1e2d07

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Mon, 04 Jul 2022 07:02:47 GMT
/
glitter.services.disqus.com/urls/ Frame 65D6 		847 B
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=iphoneincanada&thread_id=8929678633&referer=
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
f0feacd3904e869817b230c90cf5fc9e006680a815e323724bd14a0b75d142e9
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
openresty
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
no-cache
transfer-encoding
chunked
X-Service
glitter
Content-Disposition
attachment; filename=f.txt
Strict-Transport-Security
max-age=300; includeSubdomains
Vary
Accept-Encoding, Cookie
Cross-Origin-Resource-Policy
cross-origin
dot.gif
s0.2mdn.net/ Frame 5C70 		43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2006 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 05:35:00 GMT
x-content-type-options
nosniff
age
5267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 Jun 2022 05:35:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 5C70 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
062b2b3b8f216657703d5d3f0f8e00bdc1b786f96df18e2ebe3899d03409783b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10536
x-xss-protection
0
server
cafe
etag
754631604453815386
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:49:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/ Frame 5C70 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:35:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:35:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5C70 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyS257SRd9E15RB8jnBwDmackHB8B9ZmJYG-KCgi_yQIeZuqhKcLNZ8T3ruMqMTnk7E-TWzoG-HzOAajZnrdaOHttvaTYFwNgjHCsAmCgkfaHoSFeAbElQMORXj4qR3jmT2fwyr5ockbbdwOJnNwGpAaEYxS6osHyEBOT2Y9FsFUKOmEPhDnYr0gf9Mm0htLr24kWOM_1JT1iWaNRkhtuhR4iEkeceyJpSZYLXjIxiipTJqDEdLJ7UFsaWNyR51Por6t6AU4afbp7xMwvxhGV_NaSMkQN5COCdQzTzM63fYDctLDEWXPF5Fy48Nz3CdYrHZTebE4h8PgTcjGoDtLbI7TIteEMbxjjFVIH1LoqzDFQ8g7RqEh21heMCYff2iU02a3zdj5X-_5p_QrlUaS3Q76xYJWzYQUUht1njQ503mcDA6FiiCjlIVQ7rGQGIrl2pBIrKTVZRUyLnExdqd0JPSMmpWiW_IOBEyC_AoLDN8hj4B8k9CP3RmDdVeow-VHdfjixJcs4u4FxwFLz-poON4_JFMmFOu8PDFfXUl4s9zMvEgKByLyE4cJJFjtLPGeL-G3W_S94joFC8es7HqYLtr7-Sr7wl4ShvF6qy5XI2Z_9z7SxiCZjekDBYqY4LjPahSuRDK8_xt905rwySVcGtegb-MWg7M010UFfrdHBE0pWipj42PTScfjIJgkS72_XlmxKPpd4MSDQBy2xHaA7cTjziMqrjTKsJzrFECEzN_eq_ka5_cRmj8VDHWiUVN6mnDg8IKYEOmmnKX6Z2OYwsFi981GaTfUYEHLmpcLCJPfNAvcbe8AzzP5-dvx_KcAqESfB_tiApcefq29Zgm6XJKlqcRvQxzv6olU3-CRHKnBtPC3rqiOMz6F6EYIIHwbxsHPdOc_3qF60znElw8-FQbT4i0KTVrm7qkWZI--jjJTI_BrWQWLe4Ritx3jhYIoGocmFWXLZyRIYFGcDG3lhIkI5f5bVGKam-TLnaO1ZdthK1Y6_rwaXoLM0uOzpShPUbRo5wi_fXjbHI0NSiF4fGYp7xFo_FY_zsO-H7aOsOPOhlu6QEkoeKVKzGGAwnrD_B01d4yYdMC65ZwHAKetjM-qVkxwRee5OHl4t9HCBiJI9X7ybPo2GgnAlGQMf8bTj3_alZavWxIGPiaZ_chU9JKvfNmxgtAfWmcKrOMOoTyez3__gU9iqCD_mB83hxjVkbMZXbm6WIkwOlFRSL1iHocydU&sai=AMfl-YQTeSAQSfu6VjD-BjG4Xm0ZIfA0KxgrAdMcMjS2e0a6B_jeZp_-xcmunuhkiakEw5Od0a9R6UUL-XDiIflCz7FMMaELcFmaEysOpZR79Y-HmYPVsWPoPDGZFvf6BNY7bLf4_MoAY_u8Y8IxFcyFRqRJTt4I0s5XIQys_OuQX-pGZpvly-m_db79mOPHrgtDKL09PwYo2CpQpk3K8cIWTyvJ&sig=Cg0ArKJSzLf7DX3RkJiiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220601.97099&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYKpdQ6MYptdvswk4vNghKFSH__RZ53Nt4OkwJNHHJzNsTE1OrOObsDO5M4sV19xhfeqgIPJfTKmQ8VoJK6kfnZAaUH3AAM9mYQ2d99C86ND7gLh-xXUKG3tcNeGS-cK1Ldg0PIMLK_ajhcr9jWl_ALI7w6w&dbm_d=AKAmf-D2la3WCJt4egVr3HLf_3qYDXNDCkk-SxAMeE01Uza-vIMUYU_UhHNphFEZUeBeOgOjLZgRZxPDFUSMA0-5F9ncgIBB7B0VlN4aDPVZRPPLKI62hxuQmmSmkJJKsTyjTYLEKERfN8T6oRRfThef0MdujyZ86a7FZeD048u9XNTbweoQaJP4q21NESeAcGCdp-DSAbkvznkTQ-I3KPeMuGmgO48jhG04-Zpb7Tw_4umlNPZnyNbvgU8O_r7gOuTq-FvZJnoLN6BCJaoxaEIMzjSdouG0jpc1c-2qPWwRR72b-zomRi0H4d9felzHnDK-6li9EshLqZtBEb67GxNO_tpJNGDwE0lTUDQQUIadFHdNGC27X46JkVbMk9FYBZSCJT7QRstn0K_fIpK7qJxVIU6HbVWDY3Sevp1JnB12hGOFI1l05c_FOUZ2o6q_8o3ODwecvaeRY-LawtkLmlbgC_xGi1LpywTwu3JLd6LQYnzSEtZAgEZ4TwbewOydlH5klOi4wPnsl2Uawmtqsm-u3kmzQUK0F9y9QJ-I7J76E4CX6XaSEwPD0wJ1acpItmsf17D2ugFjS0lmErCIiy3NKbHvQAfE1B3bClRiZD_8BmgivWYfmZi25TORyUtA_5OENaYhv_Qd9gCDMLhhc9XL1k4ufbx4o1CUcAboqCaaP322MGX3JYiX5GDj0kzPTyhEr5jb0VNJ3LL9EbqeuwglXidlz9ntyMmhokHzKZNvD3P_Ama-pK0QwC2wEOJPltw8ggI0Mrt021FvGynnbPjsonQ6NtuHoyTRZfXuV-MB34nQg2orCw_B6uKtZeRJ4bB-SVTuug8mqqgSDoEkXZ1YJDEt4NSgoCEjIlYQOvYJJf4tnVlRbwfbp5tgTMDfX6tLAzcZ0RNAZJHMFF4wyMhAACw7REyuJh8iGoDSYVYXBBb_GLU78OAL5RyY3MDW4-F-NgpE793Nna-DLJzjmZOSg7A7W4W049SjnxZUHNpc0AkKmrqDQ2zmUOs7mH0TyAMKPRxD6Y1u6yiqthO_HVS3DSixBxK9Mp-KXoVW1Hz5cSWB-OJKO4SCQTRgp9IpdiP0fOZO9RfV3j12cwAMA1QIcksPiMbALnILaTEfzuvAQquEi76qFo27TBLLjf8noVLAnaLdjtzOyMTDfc8g7rq6FRj_KYDyqHHZahpQ7_haIQ6pkxKNNb8DwlggjYMeko0ch3KEm09yHfZiggkcjv49zI6NmwOmFYpQrAUU_Y9ipdnFa-Boj08F5SctNu0zT9HE1e8zHHO8AzvG39xnuu7gF8uzkbdPGtqzuwHY_uMpLHswVC29cYY6sVeCAaylUoqsFnwJMATyEb0VdQriQM79QnCeHuqTbYJm32J5o4KnPPA6lB9vp_qDJmZU0MovV0UzngLopDEpcZaxcugokF2gnfM68yZdSsEA1Tb9SanJM_L6G7BiJZcLGDBwKOYEF1NLbj6LZc7n-p1VNJaT0z5vB0SLg--girFBwrArTsTsq1gXwmK6NhrsjKmsA5fNlFZQdfD5jKjt98VXJU7cd2zM4mOK62wdAcrr9KimdUCbcp8KCeMNeBibDFogoOmIkvK4vYpS19im2Gi8F2x04dyoLe3uyxe1-AFI4udU6e1_pa1EjdOGZWO8jvqpxzMbyCn-ujxateKC3iKkBSqYmS44XnH3vBS6NizNOgWwoG5t5Y_Js0Bo5rtoWCrqk8IdyPSi5U5aB3l3LparQwjK7EQrLewlDDObdi1Thh8_yHCdYsjIaOqW2VkB0BIMTXo8L_oGInEVbG92j_ggl2u1YgqmV6JwuDf9bb1Q-7pmg5tWXbVjp7CBcPUuZgfnVRcjXDYtLm85aKpHiaYR5nWd1pkb1UsqMbi6f05H6uv_MYlFODFfldulV_UQu3iVF8KyfPqHDE1714_3DY9LIEnpc1F6iBspVwxng0eFPWkYW5pOZYgDWa3V3oB6hR1jLUF8XCXLUZhmeNQi1MuGcoNZb_lXBaJ9IxCacGMP-coghzkaAFrZ4OHGAOMijOrOm4hbykATBdvgaYvSv8_I--as2Q7zeOv7ZkfxwCrQjMaahzDeb2PD3JtaOq7S5k7KvR-7eJJM0W4Qv4KWY2JREEHXAjozAzLxI0XJGcMzzN3U0oq77PN8Nu11eOCOsz_uEwREMjzgDGKZH8KxNo1B6f0maGBvMwqJ0n9gqAZ3XVDzXrrCOFqsuDmRWO85z_XLRSSZfMxlrf60tq2QKQZUYZxK9JE856pa_A_27pj74n776ewAm5mjHbQUeT9KBNQiDH6kDUDL_jdzxrzQMSzK2Y1J9HKzrLZTzi5fsmiMOyJ08W4WliuVzst4fQ5GfJjF2gDon4GfAJlw4M8ZWkKPAInM1t9VZZRP7weHG-oLWsl7JuiuFUwvPznoEkOMDhFO2lfuMPRwL-B01w2gjILRegNviztabgQLvNoNRe2_7tLWq2XGItJ_biqLV08Cv3c1r36y0J4uqUYlz8lB5_foPYirbcWFNn7Enaj44X7WGZzLhIpHwKDCb8Vv_jDKQ4J6bN32I2nE4kwwzCx5TO1pbgZEQ1R5JKETTX7DTWnawjBJjheV0MUj61HK8G5mNO4pUuaYkYph6G__I8aBE2fIOEBlqZKpkzAmk-dIj4HH9UzhSAI1wgCY1Ul0CaW9SYCgQyy-zu7f4LbA3twpUUbwKX2B9gsCWqwLcOz1RdWs4XKy88kmxsl2deH3vXPzerP6XF61CtUyybbVJSzeFvM4aOdGsVGO8uBc5I5IpM6-tKCD-Wrs_SdMFZBQ4sWmXFd4O3gvVH8GdwS0aEstH76WRtZtUUYTjxpzsGoG0h9WUO16EUtNDgzuaNkV674G_piRCvG21uMDD0MqLNgYnRsodk6Tyd9rcdg3kr6wxKLX_KIqe6AToDpd4zw1q5x0ef0rtim8migdZXCI50FViYth0UOZohG4UMVcDdtTmTablp9KqQigOfNtKHJyFWN12D9IymzdlPtYXXRumZxkf12zXlGYqzqvbLIs0a8rw2Y8CUjupGtYSvKex01QjlzKrefjXDgTltLidTlDHYNNbTHQ0isSRGI7KmbiyBqggev8fV6RBkRAZ_WqYCAKe7mSsO2IRv0cL9z_sCcJvJKfUN_04W0yX-WBYsAAOM37icF47FeL5fNhVx5H62NFE2RtA31uIoxbMW6ONLTZCicWHnJsdKHqJDbDGUQPiDDDsEp8Qb4Meud8PVOJ2bArSRs&cid=CAASJeRoFHySZhWw7Gd2ncCr5LTrSANlEPB-ghKOZBJtj8nva-VbE5U&rfl=1%2Chttps%253A%252F%252Fwww.iphoneincanada.ca%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 04 Jun 2022 07:02:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar2.js
tpc.googlesyndication.com/sodar/ Frame ECC8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:02:47 GMT
cookie_sync
pbs.nextmillmedia.com/ Frame 1F96 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/cookie_sync
Requested by
Host: statics.nextmillmedia.com
URL: https://statics.nextmillmedia.com/load-cookie.html?v=4&bidders=33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,colossus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
18f8b44fed100cccfaaa2bd69fa525d71f254d4f8d95b9ef36a53528d086502a

Request headers

Referer
https://statics.nextmillmedia.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://statics.nextmillmedia.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
match
events-ssc.33across.com/ Frame 2048 		68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=70&external_user_id=bd752db5-9f12-0fc8-18b7-9a175e942c9b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
sd
us-u.openx.net/w/1.0/ Frame 2048
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1m_dOtBu3WrNb4Vrgj7JPdM71jnNOIY90jhzkq_L
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1m_dOtBu3WrNb4Vrgj7JPdM71jnNOIY90jhzkq_L
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1m_dOtBu3WrNb4Vrgj7JPdM71jnNOIY90jhzkq_L
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2048
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=bff618de-2b06-48a2-bbff-b6ccc8d39000
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=bff618de-2b06-48a2-bbff-b6ccc8d39000
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ba1b618e-e9bf-4e72-8c34-6498ab955e8a&user_group=1&ssp=openx&bsw_param=bff618de-2b06-48a2-bbff-b6ccc8d39000
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=&gdpr_consent=
Date
Sat, 04 Jun 2022 07:02:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 2048
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=1783777313217276866
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=1783777313217276866
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=1783777313217276866
Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame 2048
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=F2FA02F7620E412F9BAA59AB0D5D3BA6
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=F2FA02F7620E412F9BAA59AB0D5D3BA6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 04 Jun 2022 07:02:47 GMT
x-content-type-options
nosniff
server
nginx
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=F2FA02F7620E412F9BAA59AB0D5D3BA6
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 03 Jun 2022 07:02:47 GMT
53233
i6.liadm.com/s/ Frame 2048
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=cba8fd5f-7643-0556-3606-69c1de567f2b
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=cba8fd5f-7643-0556-3606-69c1de567f2b&_li_chk=true&previous_uuid=e3fcbad1c78742dc97169a0c3056ed78
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=cba8fd5f-7643-0556-3606-69c1de567f2b&previous_uuid=b6848079d925431aa6d811c119e76a6a
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/http://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!{TURN_UUID}
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3440408375380958027
  • https://i6.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3440408375380958027
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3440408375380958027
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Server
2600:1f18:444a:4602:2c20:3113:5c28:1366 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:48 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3440408375380958027
Date
Sat, 04 Jun 2022 07:02:48 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
g.pixel
aa.agkn.com/adscores/ Frame 2048 		43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212314908&puid=d79cc1a5-0e55-04b6-1ec2-194dd4062ce2
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-115.nrt51.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
via
1.1 70ea2665cb3938f189926758e1aadaae.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
NRT51-P1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
DsI9uR3MtdgaGwuFcxKngfpnqKlvWro98GpW8P4KcFFaXrXY25avRA==
expires
0
709996.gif
id.rlcdn.com/ Frame 2048 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:47 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
dds
rtb.openx.net/sync/ Frame 2048
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=FEir5-gfhgmS9Nlwh9mEfg==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
rn6a6n27ea04sc04u3j2pdp3dikatetv

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2048
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=caf8629b-0391-4400-a758-3b41b5522cdf
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=caf8629b-0391-4400-a758-3b41b5522cdf
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
MT3 4419 e1034d5 master ord-pixel-x54 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=caf8629b-0391-4400-a758-3b41b5522cdf
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 04 Jun 2022 07:02:46 GMT
sd
us-u.openx.net/w/1.0/ Frame 2048
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=53b20474-e3d4-11ec-9e45-a33c04345cd2
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=53b20474-e3d4-11ec-9e45-a33c04345cd2
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=53b20474-e3d4-11ec-9e45-a33c04345cd2
Date
Sat, 04 Jun 2022 07:02:46 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
5706ad42-e3d4-11ec-9906-096acc764c60
css
fonts.googleapis.com/ Frame 736B 		5 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/2b9bca78717e44645984f4bd46ca7462.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f01e377121631cac91f0f644ae025a9ad40000b69e3317ebda1b1c6a83fdddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 04 Jun 2022 06:02:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 04 Jun 2022 07:02:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Jun 2022 07:02:47 GMT
4024ca9ddfe08ebef89b56fbf44d5fab.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/ Frame 736B 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/4024ca9ddfe08ebef89b56fbf44d5fab.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
185e2bff3b9f7b597f819010519c5e3fd7f57abcfc4a0d0d9a5c8b93b230a580
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
326182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19007
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:57:02 GMT
server
sffe
date
Tue, 31 May 2022 12:26:25 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 31 May 2023 12:26:25 GMT
7d66114e00a5f076622403af191d9798.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/ Frame 736B 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/7d66114e00a5f076622403af191d9798.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0478a5c2d7ff284928ccfb76d44fff3741326b35e11b39e4002223424b805844
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
326182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3920
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:57:02 GMT
server
sffe
date
Tue, 31 May 2022 12:26:25 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 31 May 2023 12:26:25 GMT
eb164a53945ab4b13219d589cbebdaa7.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/ Frame 736B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/eb164a53945ab4b13219d589cbebdaa7.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c3bb4b0dc50c421daa6ffd15f9c2fa5477f1dcbeca3d8ab68ebd7a60f030157
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
326182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1660
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:57:02 GMT
server
sffe
date
Tue, 31 May 2022 12:26:25 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 31 May 2023 12:26:25 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ECC8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslOpmww56eIp21OfTwlf9MvmNGEc5MxW4Y4qbaBfclZ-i5XPEhNDoFtor2UQUY82Ca-AgeTKo2NbjV3HlsMpd8dp2K97MisyOfy_ZSgpg5VWJUFxTi&sig=Cg0ArKJSzAiC0R0Xk2rOEAE&id=lidar2&mcvt=1260&p=212,996,412,1296&mtos=1260,1260,1260,1260,1260&tos=1260,0,0,0,0&v=20220601&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=200136199&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654326162192&rpt=3285&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
728x90.html
s0.2mdn.net/sadbundle/10500745669963244466/ Frame A6DB 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10500745669963244466/728x90.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2006 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6346e28c77bb5955fba4554b0ed25edaa7bc04fd6db4fcbb8fbca3301c176140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
155136
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2230
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 11:57:11 GMT
expires
Fri, 02 Jun 2023 11:57:11 GMT
last-modified
Wed, 11 May 2022 14:42:31 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 515B 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvTgqiBvYUq5ndWL_rKAqPaAu7JRPXVyF06KD34K2RACt3R3IEh2UK2sueR3WTmPeGU0XPN1hCYdDP2v0Zs5dgGbfsUpAYTQTg_f7AWtP92oLfbeJvLe-MzZgI590au_P7nyueO8BkU7JhYAQP_KfpRL8XhAfrm-6I973lg8NG3EkiW3Xqiv-IGfi53DkX6tn2z_FMPeW5D7y2PsBfSFjjz5y1de_LB-JotfDOTuqv-S2QfoNt_yK0oAGrqDZt2PqAdJTFAId5tKzSEJE_0hBG0IiE8npY2x-mDHDj0IfeodLazbXsEzJnPGX1U4PUKhJmIZrOrjqsbS2-HICPMS0NbV2C507TDiU6OJPwaZZ-l9cEafLULlWczNUZb6ewfwo5iqKKC2-BcMZhVtW8O2NpH0xFMf73NWo-fgOOConsRPmPgiZk4Mw5Rw1tR_inaLoWqt1c_MfId95X8DYVYIf_ZGjtwdJ778Wc9bQhWj8pxBL7LAQRcEMjZM-Vb5RO25gcJWBFguccKG2nvo6ND58t04JWBDqs_sZwcSgPsJGZcJnk6X5Z-YTY9Pq16Is6Nxy_2G1d6atbGxdTp7giPeTXpMC0Tz-2UT5LJpuU_fMIg9Z1TIziXoL8pDsVEkmoUnoUCjlWHyne6D5wsFxvz132Xv_2G7Bqg4x_sDQope2lNnQOXsKohVjMG2kXXTPLcnBUaNEmKdbYBtX32NwVIxYNfgQFpq9LGpzJglUz9vzec3EXHVTnc_fpNoYUj6L1blBE6RIMGHTcd-Rsl1owlf7qUO7M6-AiyuUKuAWKkWM-A0lnnE-9Uk0weLf0Nc9YM9C-8PgW49uIpSOAmAxTddKaWh542aZglYbwsGVko1saeXCxeZ6_fAQARaoX7kBo3FUEhKwYvflO2f2kZgMRHKu4ffpetfhF-JORDeLxKUoCwFnr6H4HYQDoUo89Rk0LKrgwiGl32J7MVNX3s2zjwbXO6GiIZ3VU6p5iVUcEuCVyE1cUdjAMuEAb-dNzN7OSw5XYl4SWqCgLcGT-ZAUT8cHCLpvX2FyA1h_FTTkI1JBpM6FPSU5aasY5mImSbhPuOJHXeuRQxPVJ2cpa7cdHypz6EV7VMWvId4_h4oq3uhLBESe0c-tlsoE_qlA6Z37H7NNPV5hktVmCBTBcyN26gldH36lHkFQ6Jv9wedFuxnzl9d1OVmOjsavV-I7vxvj3F_UxgvVDCuCMH3pZowl61rCZA8EA&sai=AMfl-YQcVqjrxoDInVNiGr-_b9rHkZqPbdlui0VMr6_oTd1gS5HNVn3z6Qi3h-AkchmDzvwufDX01KVQyOa2AUh2KptvfTSuLFIO3kDTZKxo3JUUVd5lse3n_wSq6o_Q99g7TkzG_YMseNmT4dr9THuuzjyaIlPxAM87O9RdItHa3iIPebrQ4zER6_qopVFivg4YIyTbKWb8RjWV-N0M7pDhEBVo&sig=Cg0ArKJSzAoYcylBCgYhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=757&cbvp=1&cstd=732&cisv=r20220601.61435&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 04 Jun 2022 07:02:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=27809415;s.a=3213511;p.a=336154095;a.a=527992559;cache=2720779958;
ad.atdmt.com/i/ Frame 515B 		0
0
yahoo
prebid.a-mo.net/setuid/ Frame D289
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A&gdpr=0&gdpr_consent=
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A&gdpr=0&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A&gdpr=0&gdpr_consent=
date
Sat, 04 Jun 2022 07:02:47 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame D289
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.a-mo.net/setuid/magnite?uid=L3ZJ2XP4-T-4YFE&gdpr=0
0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L3ZJ2XP4-T-4YFE&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L3ZJ2XP4-T-4YFE&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Expires
0
setuid
prebid.a-mo.net/ Frame D289
Redirect Chain
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%26bidder%3Dadform%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=adform&uid=2633905662877009385
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=adform&uid=2633905662877009385
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=adform&uid=2633905662877009385
date
Sat, 04 Jun 2022 07:02:47 GMT
server
nginx
content-length
0
content-type
text/plain
setuid
prebid.a-mo.net/ Frame D289
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%26bidder%...
  • https://prebid.a-mo.net/setuid?A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=smartadserver&uid=8867012480303613517
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=smartadserver&uid=8867012480303613517
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=smartadserver&uid=8867012480303613517
date
Sat, 04 Jun 2022 07:02:46 GMT
content-length
0
setuid
ib.adnxs.com/prebid/ Frame D289 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
61ae6ce6-e408-42ee-892f-70452ac4298f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DC45 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
52905
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 16:21:02 GMT
etag
48472445140208031
expires
Sat, 04 Jun 2022 16:21:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BF65 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17addcf796c61ffcc00a930578ac88162b472a8a87ffabc688c12670f8a6667e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
d3d3LmlwaG9uZWluY2FuYWRhLmNh
tcheck.outbrainimg.com/tcheck/check/ 		15 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LmlwaG9uZWluY2FuYWRhLmNh
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:47 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=4166
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
13e0bb3016c1a6a3890010d664db1fc6
Content-Length
15
Expires
Sat, 04 Jun 2022 08:12:13 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Mon, 04 Jul 2022 07:02:47 GMT
event.gif
referrer.disqus.com/juggler/ Frame 65D6 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.22&load_time=6605&event=init_embed&thread=8929678633&forum=iphoneincanada&forum_id=19961&imp=3vfv4oct6c6tt&prev_imp&thread_slug=predator_spyware_for_iphones_uncovered_by_toronto_researchers&user_type=anon&referrer=https%3A%2F%2Fwww.iphoneincanada.ca%2F&theme=next&dnt=0&tracking_enabled=1&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4CE2 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
52905
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 16:21:02 GMT
etag
48472445140208031
expires
Sat, 04 Jun 2022 16:21:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 326C 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8135a9b485fa655b42dd33383f061b97e56af2a11ae49319433333a17389ba29

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
cm
u.openx.net/w/1.0/ Frame 09D0 		846 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: statics.nextmillmedia.com
URL: https://statics.nextmillmedia.com/load-cookie.html?v=4&bidders=33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,colossus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
31e91c0ad16f7afb4467c9739811c401ae97198ffebcac05e7715840406976af

Request headers

Referer
https://statics.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
532
content-type
text/html
date
Sat, 04 Jun 2022 07:02:47 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
via
1.1 google
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/ Frame 6B21 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
739aa72ac5c5d22fbff53db22d761fac6be92d3087b9c3ae2ff2b320b657e59a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
222209
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3362
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 17:19:18 GMT
expires
Thu, 01 Jun 2023 17:19:18 GMT
last-modified
Thu, 01 Apr 2021 16:59:46 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 8232 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEDBelgObYoayHIiToPMPg7CJoAPf3benasvWj9jMDdrZHhABIOyrggNg_eiigfADoAG1kMTAA8gBCagDAcgDSKoEpAJP0CxMh_P0xtv6BaGan6BlBMfjdF01Yw0F3Rq6xVhcFR6SDoDTVuWqbssYob_1uVAcTfSh7g7ycBZ9r3dmBKpV175MggZ3vF4uZEPPNm2XF5J2mmBFbRDDqorJ5XqSJwVyE7h4Xn9APE4rRXLerUbCNwtCVjg2kaFO1TXhzhlckB7jWnmTI15mykgfoZi8oP0agx6cZkxgt3jbpK-RNcmxfkvYeJHBVM-yaheqmO6wc4aNqgF6Xe3Jrzq2HwMk3_5llDspYy6JsctlNvQRo-bfGxSW7tDp1CnIF30sQJvIWx450bCUz58eu-ohZEcB4UfyAdETGPtsA-wfwk1uD7lBDHYOOGZTAe2ocHPIwhAUZFlug4rBdQbLIoPEjY_nb5M8YFxAwAS_lY_zzQOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHs--7P6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIvhItIIBwiAYRABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItODg0NTYwNDc2NDA4NzQwOBgA&sigh=Bhvf0sTZJ74&uach_m=[UACH]&template_id=419
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=200&slotname=8557045359&adk=4156644800&adf=776189474&pi=t.ma~as.8557045359&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162918&bpp=4&bdt=726&idt=2562&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326166&ga_hid=1664360240&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=996&ady=212&biw=1600&bih=1200&isw=300&ish=250&ifk=581612742&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C21066428%2C31067628%2C31067887%2C21066431%2C31064018&oid=2&pvsid=928158971882855&pem=132&tmod=2050205646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.2nl1b72ra323&fsb=1&dtd=3508
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 04 Jun 2022 07:02:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 8232 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=200&slotname=8557045359&adk=4156644800&adf=776189474&pi=t.ma~as.8557045359&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162918&bpp=4&bdt=726&idt=2562&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326166&ga_hid=1664360240&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=996&ady=212&biw=1600&bih=1200&isw=300&ish=250&ifk=581612742&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C21066428%2C31067628%2C31067887%2C21066431%2C31064018&oid=2&pvsid=928158971882855&pem=132&tmod=2050205646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.2nl1b72ra323&fsb=1&dtd=3508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3728
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8691
x-xss-protection
0
server
cafe
etag
17811423179848367920
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:00:39 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 8232 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=200&slotname=8557045359&adk=4156644800&adf=776189474&pi=t.ma~as.8557045359&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162918&bpp=4&bdt=726&idt=2562&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326166&ga_hid=1664360240&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=996&ady=212&biw=1600&bih=1200&isw=300&ish=250&ifk=581612742&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C21066428%2C31067628%2C31067887%2C21066431%2C31064018&oid=2&pvsid=928158971882855&pem=132&tmod=2050205646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.2nl1b72ra323&fsb=1&dtd=3508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:47:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 8232 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=200&slotname=8557045359&adk=4156644800&adf=776189474&pi=t.ma~as.8557045359&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162918&bpp=4&bdt=726&idt=2562&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326166&ga_hid=1664360240&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=996&ady=212&biw=1600&bih=1200&isw=300&ish=250&ifk=581612742&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C21066428%2C31067628%2C31067887%2C21066431%2C31064018&oid=2&pvsid=928158971882855&pem=132&tmod=2050205646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.2nl1b72ra323&fsb=1&dtd=3508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 06:57:31 GMT
l
www.google.com/ads/measurement/ Frame 8232 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQXGbE-HK-wA92hsXKeftya8BdqVXd7gJHphaYUxyEa_5gVh8mQ5c4SM6zJzPh-LdC-2oppqvRKE3XcUMzTQO-Y0KCwkw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=200&slotname=8557045359&adk=4156644800&adf=776189474&pi=t.ma~as.8557045359&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162918&bpp=4&bdt=726&idt=2562&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326166&ga_hid=1664360240&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=996&ady=212&biw=1600&bih=1200&isw=300&ish=250&ifk=581612742&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C21066428%2C31067628%2C31067887%2C21066431%2C31064018&oid=2&pvsid=928158971882855&pem=132&tmod=2050205646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.2nl1b72ra323&fsb=1&dtd=3508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8232 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=200&slotname=8557045359&adk=4156644800&adf=776189474&pi=t.ma~as.8557045359&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162918&bpp=4&bdt=726&idt=2562&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326166&ga_hid=1664360240&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=996&ady=212&biw=1600&bih=1200&isw=300&ish=250&ifk=581612742&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C21066428%2C31067628%2C31067887%2C21066431%2C31064018&oid=2&pvsid=928158971882855&pem=132&tmod=2050205646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.2nl1b72ra323&fsb=1&dtd=3508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:02:47 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adagio&user_id=56735439-e633-46d2-80a7-efc79ea21be5
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bff618de-2b06-48a2-bbff-b6ccc8d39000&ssp=adagio&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10594507021203644355&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=42e810d3-10eb-45f8-8040-856705c10d9a&ssp=adagio&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10594507021203644355&ssp=adagio&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208120804172002044652&ssp=adagio&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594507021203644355&ssp=adagio&gdpr=&gdpr_consent=
  • https://u.4dex.io/setuid?bidder=bidswitch&uid=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=&gdpr_consent=&us_privacy=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=bidswitch&uid=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Location
//u.4dex.io/setuid?bidder=bidswitch&uid=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=&gdpr_consent=&us_privacy=
Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 1569
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_169133db-c4e8-48d7-8739-0fffd5896912&obuid=ENC(OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1$CMP
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:48 GMT
Cache-Control
no-cache
X-TraceId
1492b43a3e69c8b229a6884fcbbcc58c
Content-Length
0

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
usersync
usersync.gumgum.com/ Frame 1569
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=3c2385ab-698c-0771-13fb-852a9c90bf82
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=3c2385ab-698c-0771-13fb-852a9c90bf82
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sat, 04 Jun 2022 07:02:47 GMT
content-encoding
gzip
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=3c2385ab-698c-0771-13fb-852a9c90bf82
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame 1569
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_51b96af39a72406f8fcbc
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_51b96af39a72406f8fcbc
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_51b96af39a72406f8fcbc
date
Sat, 04 Jun 2022 07:02:47 GMT
server
b
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
sync
ads.servenobid.com/ Frame 1569 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=u_169133db-c4e8-48d7-8739-0fffd5896912
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 6F17
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFDDU7FNgcAAEin6MYPOw&expiration=1655535767
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFDDU7FNgcAAEin6MYPOw&expiration=1655535767
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:47 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFDDU7FNgcAAEin6MYPOw&expiration=1655535767
Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum.casalemedia.com/ Frame 6F17
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=3392f07ea59208e5&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAADKEP_9Dz12QNhuW7kAAAAAAA&expiration=1654412567&is_secure=true
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAADKEP_9Dz12QNhuW7kAAAAAAA&expiration=1654412567&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:48 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAADKEP_9Dz12QNhuW7kAAAAAAA&expiration=1654412567&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 6F17
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2633905662877009385&expiration=1655535767
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2633905662877009385&expiration=1655535767
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:48 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2633905662877009385&expiration=1655535767
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 6F17
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Z7UJSmG0CRp8tVEbM-QdTWLhAkl84lJNY-ID0EI9
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Z7UJSmG0CRp8tVEbM-QdTWLhAkl84lJNY-ID0EI9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:48 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Z7UJSmG0CRp8tVEbM-QdTWLhAkl84lJNY-ID0EI9
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6F17
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YpsDj6V2eezDp-7lpu.RAQAA%26463
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=830a739c-b9f7-461e-a60c-416f5d251854-tuct9948917
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=830a739c-b9f7-461e-a60c-416f5d251854-tuct9948917
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:48 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=830a739c-b9f7-461e-a60c-416f5d251854-tuct9948917
date
Sat, 04 Jun 2022 07:02:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17199
rum
dsum-sec.casalemedia.com/ Frame 6F17
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=aWA2V2Z3TFhFZKgtJANe65U4mbI
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=aWA2V2Z3TFhFZKgtJANe65U4mbI
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:48 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=aWA2V2Z3TFhFZKgtJANe65U4mbI
Date
Sat, 04 Jun 2022 07:02:47 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 6F17
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7076125662044973569
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7076125662044973569
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:48 GMT

Redirect headers

Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7076125662044973569
Cache-Control
max-age=55961
Connection
keep-alive
Content-Type
text/html
Content-Length
154
crum
dsum-sec.casalemedia.com/ Frame 6F17
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=EDNHR2xN1NXnO75
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=EDNHR2xN1NXnO75
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 04 Jun 2022 07:02:48 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
PingMatch/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-0dfaf2b77f7a61876@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=EDNHR2xN1NXnO75
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame 6F17 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame 536C 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=8867012480303613517&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.92.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-92-151.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 536C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=YpsDkQAGWK5FIQAo&gdpr=0&gdpr_consent=
43 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=YpsDkQAGWK5FIQAo&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1654326168.537465,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=YpsDkQAGWK5FIQAo&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
rtb-csync.smartadserver.com/redir/ Frame 536C
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=U0flkVVG5cFIR73ABxbxllYT7pJIEL6WVxAXhjwz
43 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=U0flkVVG5cFIR73ABxbxllYT7pJIEL6WVxAXhjwz
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=U0flkVVG5cFIR73ABxbxllYT7pJIEL6WVxAXhjwz
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 536C
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=06030001_629b0397d2a72&gdpr=0&gdpr_consent=
43 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=06030001_629b0397d2a72&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sat, 04 Jun 2022 07:02:48 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=06030001_629b0397d2a72&gdpr=0&gdpr_consent=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
/
rtb-csync.smartadserver.com/redir/ Frame 536C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=debed773-bb01-4d0a-b4d8-d6b9feb4cb78&gdpr=0&gdpr_consent=
43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=debed773-bb01-4d0a-b4d8-d6b9feb4cb78&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:46 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=debed773-bb01-4d0a-b4d8-d6b9feb4cb78&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1987955
content-length
0
expires
Sat, 04 Jun 2022 00:00:00 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6D9C 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 05:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7104
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 05 Jun 2022 05:04:23 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6D9C 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 22:27:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 04 Jun 2022 22:27:06 GMT
2b9bca78717e44645984f4bd46ca7462.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/ Frame 6D9C 		71 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/2b9bca78717e44645984f4bd46ca7462.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05a6817c5341d7fb32880cf79cc5b3ed89340d3bdf5d240c1c1a14349a16e759
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
60519
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19087
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:57:04 GMT
server
sffe
date
Fri, 03 Jun 2022 14:14:08 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 03 Jun 2023 14:14:08 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6745 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=280&slotname=7317961782&adk=3515631888&adf=776189486&pi=t.ma~as.7317961782&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162855&bpp=20&bdt=1062&idt=1194&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326165&ga_hid=1164542333&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&isw=728&ish=90&ifk=2357337175&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C21066431&oid=2&pvsid=2744440300896503&pem=132&tmod=1247349620&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.aclzr3w429cy&fsb=1&dtd=2558
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=280&slotname=7317961782&adk=3515631888&adf=776189486&pi=t.ma~as.7317961782&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162855&bpp=20&bdt=1062&idt=1194&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326165&ga_hid=1164542333&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&isw=728&ish=90&ifk=2357337175&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C21066431&oid=2&pvsid=2744440300896503&pem=132&tmod=1247349620&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.aclzr3w429cy&fsb=1&dtd=2558
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2083
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 06:28:04 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
merge
ce.lijit.com/ Frame 51EE 		43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=a7f0ff1b-ab2d-052a-333c-23612c718196
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 51EE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGRERVN0ZOZ2NBQUVpbjZNWVBPdw&bee_sync_partners=pm%2Cpp%2Csyn%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csyn%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFDDU7FNgcAAEin6MYPOw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFDDU7FNgcAAEin6MYPOw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cox%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFDDU7FNgcAAEin6MYPOw&pid=558502&do=add
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAFDDU7FNgcAAEin6MYPOw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsyn%26bee_...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAFDDU7FNgcAAEin6MYPOw
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAFDDU7FNgcAAEin6MYPOw
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAFDDU7FNgcAAEin6MYPOw
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
cksync.php
contextual.media.net/ Frame 51EE 		45 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=opx&ovsid=03324844-ea99-05c7-17cf-eba9e62f2c18
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Sat, 04 Jun 2022 07:02:47 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 04 Jun 2022 07:02:47 GMT
sd
us-u.openx.net/w/1.0/ Frame 51EE
Redirect Chain
  • https://oxp.mxptint.net/OpenX.ashx
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R1B331_F0EE6949_66B6C0D9
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R1B331_F0EE6949_66B6C0D9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R1B331_F0EE6949_66B6C0D9
Date
Sat, 04 Jun 2022 07:02:47 GMT
Cache-Control
private
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
194
Strict-Transport-Security
max-age=-337312967; includeSubDomains
Content-Type
text/html; charset=utf-8
sync
s.cpx.to/ Frame 51EE 		95 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=8b230dc8-7d31-0328-1616-6d6b5557a146&dsp=OPENX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.143.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-143-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Sat, 04 Jun 2022 07:02:48 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Sat, 04 Jun 2022 07:02:48 UTC
sd
us-u.openx.net/w/1.0/ Frame 51EE
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=EDNHR2xN1NXnO75
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=EDNHR2xN1NXnO75
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
PingMatch/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-099fa48f5983e4319@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=EDNHR2xN1NXnO75
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 51EE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2633905662877009385
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2633905662877009385
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2633905662877009385
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
view
googleads4.g.doubleclick.net/pcs/ Frame 8D3E 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYVoYuD2xBnQZku4fBEL82CfMwd7SuPOBCzSUs6IimNPVjtniPt-yEy8f35O3WOCo694tWYcURm3kW8GJ5qatRAPKyP_4rXELwL6E7jLJxyalUh85lC-iM0aW5JeQ_jxwfx3U-tdUsaOh3Sq8I1zt94nmzhiRXPh6sX1nVvEu8vb3e3ev3afrorzzXyTPrcLfWsypObQip4_wE5ZHQZq5wWM15b5POT7Szf6iJiK1Dt9ModULgT-w_ZeICqTiT6AXeZiBT59GWgIpwiDSPcokla_VUrFBch2giO94wsnB5Xui9XomxbyNk-fAkXyqw9u7pJpJ9kOWLEFnO6cNx1moVIhapw8lsilk9CyG95kIEBv53zirq5cyWc4RRRXZ_YLsaNUeIIokA3cXn44yNBfwraWU_Z9poW6ZDsvkDAsIvMeI-xCRv1vzZrHiM4mNljfmrOtbkeIURGrhuhFyFjP_fWWkyy0t3eZW-LRyu8r8JKcj9EZX5vs1ID70i7VNweKJ3npn7yfW5yGHIebqOdwe7XEjbXLZq3oYSTv29XiKg6SYhbGGbcLp58nksBWWqlOZxclscjVqL4BiRJwPl21h3nwfVvH-bYtU6PR2ItTcToWD75RhVPanFT8JuYXxIvAcvPwuka1Ahwjpyd4papj08Y1TdhVk6XiUb81FEeHcDQCgu4fVqgIFCbZjrvo9eYqRVsQjJRbCNsTn0JO1-yk8O2zCG54t3BGK3dGVQgHtfoWiuMBfG1qtkLqabgrBcP7PVkoUJhkT5KXTT124J_pyxodyHfZk5wRqlpGuO-3w1_m_RHpr7Yf7DzpC3x3EUnUPTSgmigho_Ciuiba0VUod9nLP4N5TFU7wIS2ds-QUuzwl_vZ1HqbWQ4ryuXdzBJXlyNVRcKj4DsljiZ35c2pSJc4Q4s3T0GYpkg-vXZ3XMmn7TejEEhvqPX9uMqsjMuDWo-RGPPMqqSL-MsiQCM-cyuXhChSgzHPA1-FLZq_innyJys6xSvgIFIpGCou17mhWMXetn-Vo8WqiY5cVqJtEvyZ_6PA73CukBamRIS9JmpR_DRrf2F3YTv9EU5tU2AKJsYY6vSkkrBthUfC1h_nGDwfcBjaW8S8rnTlF8EG_abpHRpluHfhCrsuSmZssh_Obf-iqduvwsHZpGnxdJZOxHme974YgdhklVTBGVU2BfrjbbuLxouiWpEnntt1oliLViEnyOJ-qSuw&sai=AMfl-YQQx4vZPLkWxQKuUQbhSXrYcNsYhYrV35Gyv_TaoPjCo2pn76Dg2eHwoeAzdXvC44lUItuTUxePHDbGL4ekd3-hiH48jktYN39umwNWMomraKWZtqVWqXYjy0m8ZiaJ7IqlfZ-XAXfrBPCSeFM5vqyyts4p8qQ4RAzBU9xGEadEhJj-hH3uY7f2akvrzl00y24ez6WrhX1DSQNQptRhDku_&sig=Cg0ArKJSzDGBqZye_SlmEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=606&vt=11&dtpt=605&dett=2&cstd=0&cisv=r20220601.88896&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bp-4U9Ys0XIF_5tjjqsbosGYeKsl9lGiG2662xPC92Q-haxjvLMgGL32XB9yeBHl8osDEkJ2mOWx5CfZY18e96oKpYMA&cry=1&dbm_d=AKAmf-Ao1LU11wcEkB7ryQEXukoWwGtUv36Eh8DBp6LGSZvLFXkKelmFoj51QwpzM5CJIdVPxBhW_Bqjk8CtlCYjNRtiH1xWmJnoc5TIptwyi0BAyUNci2oHTBMLvagLvLAcDUd03x1WedrXPCWEk2vrck-yK6wdQ7IuMlxT-2KL3AOr0tIi7vjlVi7zuPODENYpPjf0WInNRQcVZFBqI2pzDeAa52dK72GPC3IlURUhc-YaxursGZTIB9h21dlv9LpF5vWbr5Y9GCN8teHw1CVA4DVTZAfslY-kssq7sWayV51tUCkNFkqT2DbdpR1npRipcmxDVbeWxwKcGatTNKz-EovNHPgd8zCdJ4wsZOL2zdJfGN3AV6d_AFRwDM70z8JxAmt8VKeRVg-EAHbpWlEMvus_Y030HOnQosbxZ0pW89vQH0ejUJ7PesoscZRA2R1_tCp-yRuP7zx3ivg6RSuWiOWBT1KAL_PMeZ2Fa29NkGsgGdoIrMW281mS4yPZfZ4EQ0lPBEFuwIRUfWcyrgrdozeFxqxgpKylw0UIGdVVP9ilRzwKwameNHh0DlW8bOinK1iIdbueYEDXVL_tIyEHgE5pFfqL02QFxEjKIWSETfq7LAnp21tbCL1XDrioHA5sohU8mT4JOuXIgY6ixHavi1GaeZ1yrvuIqZcNuMTfCpGeCR8AMbkYM6r1fOkEZ5CG69EHC7tqMOpXI064fgzsb1zDID-eekptXaDj9hzsMGtvI1lWJT2nNIsfO1WoF9cIu1z-q5FhdAV6l8qKEFShHNakDd0NrccaqHFCo5QUVmxXcpkHhWwXA8Fnx8xzcv4F34I8y27jR5bYPMIbdpAKGP6sp0GdU3B7P0DW6fUgnAM5PpW01wfmIqF8UED2vWK_Rb2OM7gdf12OYLahowbvhVd10ToZrDpB3t10OWtFNhfd3D1WQXAbgIJ3W0EOjassC-tul9zQh3ZsdpRxFj5KdKPxsTq71DN3mc-nrV7imb6BMM7B-zlv2R9haWjkOZwNBdbPPPG8fSjV0q9IwSr7uWyYP6G6zmqqa04cKfIUGLKwB2bysPkQLkkPw1uF9eWoJapqOthSCVyzB1Ywcendx4SS4pM-izZsFTQV6SmUX8YARN_x2R9U5LuntZSV_1qCf23f3keaohuiukuXunn1P26m9z1uigAegXZJTI_r7yh30PIo7xeHtNP4iXayldBgunVkOWctk2vjyhbbLrtyko47S8IQ9NQHdnkyphDpg1xtgh3PJdJhJPo3tkZesc3V8IgCfAjC3QICaFGzSbTB_pSIEIQp573_yb5CvfFQpa3kP8QR1bjFwNho-57uanswCh2rAeRCQAsak0lfRVYEqkwuHkXl2UEBZ0y6RFDyOCjIJLyGgAnBsUWVtqyuc4LHjji6cpCP-psuIbBYl3wOnME6TPDOrSM0Aa74cdLb9GEqcap8egLmQCbwQ964qlSQolqQVFpQNzxnh9K64IA65VwObeDGmH-eG0dnmmmsS0AuHt8GqAYloxXoWxcTr-YbEovNFmXb7eaoWXccu7DjImoUqb4QJ9XWQOoXyvte86jUxVzOe6GyBC9rcgvDpMVbyHQRt4qlsVCol7WcW4KbybySGaLqHIh4RtUuGs0rWJuVHyhz1nJMBW3IYRPPJ_io5PvGGTGsRP7M3g9RuRbVjpDsiXDAOHh-hH5cwz3AXaqWHstb1H2qZmRjZpKIULlxbUYA2updh8G0QJ6R_zsDmQc2lovFI72uGBuAD7pD40Smjy321fJ0y-RJ1_2zXKiT3c9CuhVwZ696EPU6rSq8QEbFQJMUjM4auCfJudE6CwsgvAZqTjdXScTVdR7QQJGr5tarZKrIwv0eEbWr8uhs7QnErLrB9Bh2s0B5ZRoEq2apH5nVMm7sSEyjZTWAhZTk7HNe8Nn9mEpWpdrdcVXkDB8UVm4dxqIJ8k8jmsCXXiBNbo4i35hd39Jlb5MD1QAhyMZpKfuoS2nOK9OeRfCIkFwUZrIbCvXTZu7g6aQ3UizF232107cZerNktHPg_SWpW6_wSuT9JxiZjuqhTfGTLd8_JfdFP-qws4no8JdYhxeqFuiJpbehTVA16wLcM9vZXUGzC-F7XoTkn6Sa4MyOEciaYqBeEvasAAjGNA39wuKy3FSbfggERP7FbNRDlDPLJUXuiY0qHXWM0QkRgbzgQq24oUhYhQQBMAFhqBDNaO7-k4j7rzZiMD6CChIWVqxW_8_4n3E7S5KAVgikDowzugSyy6uCFsplKTQbyH-Bi_yZBJJX0x29bQg2AErezS6eWjd8GJ1NoVjxm6_lWiSBhYrL8efbeKiZ0L1oF5imgiybJykqAvlWvoQTIaZntVUTLSavQaZ1-JqdM0grYiOtwNYscwgltgTEtxc9YRfF5cjHwGqgQG9a9eXRDq4zPBYdW6-MdVBvBbUydXLoYwDRFIutOXvkN3rT6vDA0_-JFrCbiZDioL8WCUULwvb0SZOHLJ-gX0PmzSkorO9LpvhGRrTPKTbLzCR5oEQ9ZtNphgDissWKqOJLO051e3iTxrodI4wxK0SHcc7dGXkJVfF_xq3lHIKHEP_bLtZoOied2IXqdlpPW5VBSfQsUs6_LbmeiKnxN91OfIuoi4YPp_mQjOkXjLIGeugSYXIKwyvhsU0KeJ14tZYdwZ-wQwo-XXdTwDDTbSPp8gKj6x-k8BSC-6Ook_rqrT8gieBmVVlpJjKonT9IXD5suxCJDMqfjWkH2F3Yfd0zlx76n7UgF7cye2KSykq_SqqA1slSYTn2eSWjdYo0lvF63jhoJFbFse4FpVsYD5lo6QiapTjImgSIqdyKWm1RI27bArmddpyECqfVg4rpKx4Q5UbgZagdhWO3_u31NAxyueyqUhkuFjILZ0TDh51EktzzIDRAP5rBVFz6sfhd2yevlg1tG5UBz_aJT1kkDE4TmSL5ngdhsji7iQKwDKfsFx2YwaheSzNN2GMHgbmkS3_VmhFulYRfd7c0I4SySGO3SLgogXqeOMVlJNgbdAf4--rsZPkWSw5hYnWHI8TrD5kM6kKEj4VBfb80b_T9m9eH7N8c93gfsp-6rOzUOD9T2lNpfVdVo5oc8RvpQKCpnuFWOV_pyGc5xdUa9hHVVsvFi6Z395Eo7Z2HGZDDa77gOVPU0jq7LuczCoQx2LPErSUsnwzEx7kqfeWEBAWZh7mW&cid=CAASJeRods7_geRno8D0d-bOxm6oAU0RwiJuifvLz96z2x3Iivk6f30&rfl=1%2Chttps%253A%252F%252Fwww.iphoneincanada.ca%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
yahoo
prebid.a-mo.net/setuid/ Frame 3CCA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A&gdpr=0&gdpr_consent=
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A&gdpr=0&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A&gdpr=0&gdpr_consent=
date
Sat, 04 Jun 2022 07:02:47 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame 3CCA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.a-mo.net/setuid/magnite?uid=L3ZJ2XP4-T-4YFE&gdpr=0
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L3ZJ2XP4-T-4YFE&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L3ZJ2XP4-T-4YFE&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
setuid
prebid.a-mo.net/ Frame 3CCA
Redirect Chain
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%26bidder%3Dadform%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=adform&uid=2633905662877009385
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=adform&uid=2633905662877009385
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=adform&uid=2633905662877009385
date
Sat, 04 Jun 2022 07:02:47 GMT
server
nginx
content-length
0
content-type
text/plain
setuid
prebid.a-mo.net/ Frame 3CCA
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D15f8b8fe-bcb5-4b0c-a98b-29833dc6aced%26bidder%...
  • https://prebid.a-mo.net/setuid?A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=smartadserver&uid=8867012480303613517
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=smartadserver&uid=8867012480303613517
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced&bidder=smartadserver&uid=8867012480303613517
date
Sat, 04 Jun 2022 07:02:46 GMT
content-length
0
setuid
ib.adnxs.com/prebid/ Frame 3CCA 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=15f8b8fe-bcb5-4b0c-a98b-29833dc6aced
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
aeb387d5-d87e-4e28-aef6-ffb9c2d88bb8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 515B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 01:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Jun 2023 01:47:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6204 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
52905
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 16:21:02 GMT
etag
48472445140208031
expires
Sat, 04 Jun 2022 16:21:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 515B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
edff7019cd7f3fd44dddeb0664f8d42e8f2714a2779dd65a8e8d1e2a2830871a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
player
realtime.clinch.co/video/player_v1/ Frame 8222 		13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://realtime.clinch.co/video/player_v1/player?cid=yldcQE&caid=11217&format=_300ax250a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCzGS5kAObYpCcNY_u_gTU6or4BKeT4u1pv_b3stoP8C4QASD5m_GEAWDJ9qaM0KTkD6ABsLP9qQLIAQmoAwGqBIoCT9Dz02wBURMvHGEFgBoVVNRLVvkfaVLr0deZsI14pIyA8rKiG9Qhnk4-QOvoArPYSxwe985vT2OtyL-oj5AwOSnimUWIold9Lt3HTnJ6pFru_nX9gVlLQgz30GE64wSI-nuwMNw-anoAArNQS8M7hxY9qnlWTLiKXr2WPKMeiuDyoBicgQC6dKJIb9PurIiSveOutyUrpRnCXJtJ5QSlqL623SZYoYoiKUXEOWUT4TQe2Zg3YWfmIWJz1Va9j3z0ssmSxUIe9WkZ3W5B2opTAtpAB9xMX1I3Eaq2XOaj8nh0FGJXTLOJKt4G10phDOzwNXxebO9XRuroNd2qNU-uMSpp9ZaBYRhdOKbABOiokNH7A-AEA5AGAaAGTYAHuMyC1gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBO20KEP0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRozrXN1nIhC5a8CGLgkWjf1tx7N79OLmJ51TSz49xLGAy4M0E%26sig%3DAOD64_0woDA1rXaaEx-VOH0MJ-fEg8qgOw%26client%3Dca-pub-4113681882311455%26dbm_c%3DAKAmf-B3GlePTRq3sO_WbZvYbMRf7T05KCTbAeieaLArwN-Vex67jZuDxriMOI4ZAFIyBofDpMb-zUN-Y3O8Ma-zRWKIL1nAALbng-p0ZY0deZHzxj4Vp8TXTTmIDqvJihowJsAkhUi17GxrC823e0G31GnMwHDeCg%26cry%3D1%26dbm_d%3DAKAmf-CmaA0TYIS5Xzf4ZXOXKq6ZRcct7A4CNtGST2rt-ve3qnj-VuLwP1Gtm3UscURyEcy-yPRaL8g9NJC5r-XGtFRDnA45QgQver1EQxk9H49pzl66H8seMAB84SssPjHv1dKDnnoQ2FjxIdcXQeFWEBhnuaYE1-x9xH4XCKLV1pyjkf83K7JX5idFRFujW1gNd2rKa4Llk_MkSes-zYHcfwaLuYsPPBlKorPMlLjtAm665MCYozlA7tmfWFTyvlxnt-svJDQ9JkuFQ4n88VTCannVfITzBOFtvLz8oMuqLYPtUMqp24K3cJ0pTE6q0LV6MBClgIxHXxhPisb6axZmabU5DWBjm8tu6odWBz6fzncL0siO8sKqCWq8TbXoFUQC67RqdhSU7F5WGoDUFJqFpVI4E9Iax3rSQrTA1xVUP5cviQ0qEarzhi-3c-rftvnCTdxx72phg6CsDDCAMsSn5Vtq14evCXvDZ4GGHzoVWkoms2ecsnHarvBx4zdU2sk8XSXogFD0hDAU7ke-bZP-wRR902l_pvFgYNk2cOPJsE2YB1XOG4s%26adurl%3D&dsp=dv360&plcId=334385315&dsp_impression_id=ABAjH0hg8Dfy6Agk4o-evPvAtAjK&site_url=https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/&dsp_pub_id=1&site_id=6378137792&dsp_insertion_order_id=28045553&dsp_caid=16968901175&dsp_crid=421534988&dsp_tracker_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIt8Szmz-oAozVgvYBsALx4a8NQAHSAioYACITCJCkpZmdk_gCFQ-3nwodVLUCTygBMAE4v_b3stoPQAJIAViZgSAQjLqAyQFWUfoY1oxgtM1TTnefP4pQ&rnd=1654326160871952&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.19.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-19-41.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
dcd096835964947f12cb7f44c5a82ef41f3fcb58b13d8a2d7818c00a31d6ed49

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store
content-type
text/html; charset=utf-8
date
Sat, 04 Jun 2022 07:02:47 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
Kestrel
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 40B9 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
52905
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 16:21:02 GMT
etag
48472445140208031
expires
Sat, 04 Jun 2022 16:21:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 64A8 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e036ed77cece87e3af02eb53eae0ef1f8aee78de6e093d455b5c13560397412

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
l
www.google.com/ads/measurement/ Frame C0D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpzyE6L4GeeVdZ62M9b7a3h6FnfNO3dFharKhQuX75UinEfQisrl9XFFKmGs74rtxOfroaOUbk27OiCcUkc3feDKXMig
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C0D8 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:02:47 GMT
placement_invocation
rock.defybrick.com/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2218:a400:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 05:06:15 GMT
content-encoding
gzip
server
Caddy
age
6993
etag
"bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 c4819413326901a7c8ee288726a9112a.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
NRT51-P2
content-length
18460
x-amz-cf-id
AeZe2wGpcGwNOvCLrf83s-MBzuOJJKYKfBCQNrSKZ5ETcF0nnUeIWg==
expires
Sat, 04 Jun 2022 17:06:15 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5AE7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:47 GMT
expires
Sat, 04 Jun 2022 07:02:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:47 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C0D8 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad78ef2d20232992d750986d459d56572e1a581c536a2e4b19a29e46b0ca0b8e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ Frame 736B 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 01:02:19 GMT
x-content-type-options
nosniff
age
367228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 01:02:19 GMT
createjs-2015.11.26.min.js
code.createjs.com/ Frame A6DB 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/createjs-2015.11.26.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10500745669963244466/728x90.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:13::17d7:8293 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:17:47 GMT
728x90.js
s0.2mdn.net/sadbundle/10500745669963244466/ Frame A6DB 		49 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10500745669963244466/728x90.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10500745669963244466/728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2006 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08ab6ef1c6e7f05abf7ebc4138e4f9379d231f8213ca62b10145cf6b8d2bc389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10500745669963244466/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155136
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10127
x-xss-protection
0
last-modified
Wed, 11 May 2022 14:42:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 02 Jun 2023 11:57:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7448 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
47913
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 17:44:14 GMT
expires
Sat, 03 Jun 2023 17:44:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DFBF 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1eaf1b15a0ab08fa7618af15e1b94765b92bfb5ec90711455b0ad7980403fce3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1aEtEtT0H5zid9IvWpo45g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-1aEtEtT0H5zid9IvWpo45g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:47 GMT
expires
Sat, 04 Jun 2022 07:02:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usersync
usersync.gumgum.com/ Frame 30EE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 04 Jun 2022 07:02:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 04 Jun 2022 07:02:47 GMT
Expires
Sat, 04 Jun 2022 07:02:46 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4419 e1034d5 master ord-pixel-x23 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
pixel
cm.g.doubleclick.net/ Frame 635C 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8xNjkxMzNkYi1jNGU4LTQ4ZDctODczOS0wZmZmZDU4OTY5MTI=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6CDD 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=145961
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 05 Jun 2022 23:35:28 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
gen_csp
pagead2.googlesyndication.com/pagead/ Frame E2E1 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMjDvJudk_gCFY4HaAgdUOYLuQ&gqi=lQObYu7NGoqYxAP6-IPgAg&layout=/sadbundle/%24csp%253Der3%24/5751629574223798899/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=280&slotname=7317961782&adk=3515631888&adf=776189486&pi=t.ma~as.7317961782&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162855&bpp=20&bdt=1062&idt=1194&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326165&ga_hid=1164542333&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&isw=728&ish=90&ifk=2357337175&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C21066431&oid=2&pvsid=2744440300896503&pem=132&tmod=1247349620&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.aclzr3w429cy&fsb=1&dtd=2558
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
demand.catapultx.com/cdn-cgi/ Frame E130 		0
0
rum
demand.catapultx.com/cdn-cgi/ Frame E130 		0
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7CC9 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
52905
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 16:21:02 GMT
etag
48472445140208031
expires
Sat, 04 Jun 2022 16:21:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8D3E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f236b08766e529f08d5abe87ec4d1deafad0196d7875a4564d800a239a622b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
usersync
x.serverbid.com/ Frame 8467 		35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=5573&dpui=f654ba34-23e5-48cc-a54c-24f3d1a37502
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:47 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
pixel.html
live.rezync.com/ Frame F9CD 		677 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c3vfv4svbq87v&pctry=CA&referrer=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-120.ord52.r.cloudfront.net
Software
lighttpd/1.4.33 /
Resource Hash
23397bab1f993ecb15966380b46f6c23029a1719e46277af361f193af535fb8f

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
677
content-type
text/html; charset=utf-8
date
Sat, 04 Jun 2022 07:02:48 GMT
server
lighttpd/1.4.33
via
1.1 91e7f6dd5130ccc0c1247b2da038e3de.cloudfront.net (CloudFront)
x-amz-cf-id
UukhRWGYh9krCV19XI21jWnPF6co66exLFnzYpNxIj0fPwC201sMTQ==
x-amz-cf-pop
ORD52-C2
x-cache
Miss from cloudfront
sync
pippio.com/api/ Frame A728 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pippio.com/api/sync?pid=1391&ref=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&it=1&iv=c3vfv4svbq87v
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
5b1e2d45b886caf366856245c5fbdb202f8f4b0aa092acd36562754669d02a07

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store
content-type
text/html
date
Sat, 04 Jun 2022 07:02:47 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
timing-allow-origin
*
via
1.1 google
/
io.narrative.io/ Frame 65D6
Redirect Chain
  • https://io.narrative.io/?companyId=19&id=disqus_id%3Ac3vfv4svbq87v&ret=img&ref=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F
  • https://io.narrative.io/?io.narrative.guid.v2=57580180-e3d4-11ec-b070-0a4515f2e365&companyId=19&id=disqus_id%3Ac3vfv4svbq87v&ret=img&ref=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spywar...
35 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=57580180-e3d4-11ec-b070-0a4515f2e365&companyId=19&id=disqus_id%3Ac3vfv4svbq87v&ret=img&ref=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Server
52.3.39.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-39-22.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:48 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=57580180-e3d4-11ec-b070-0a4515f2e365&companyId=19&id=disqus_id%3Ac3vfv4svbq87v&ret=img&ref=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F
Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
/
io.narrative.io/ Frame 65D6
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D0%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac3vfv4svbq87v
  • https://io.narrative.io/?companyId=19&gdpr=0&gdpr_consent=&id=disqus_id:c3vfv4svbq87v&puid=575c6e50-e3d4-11ec-b0a9-23f62dfb22b8
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?companyId=19&gdpr=0&gdpr_consent=&id=disqus_id:c3vfv4svbq87v&puid=575c6e50-e3d4-11ec-b0a9-23f62dfb22b8
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Server
52.3.39.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-39-22.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=iphoneincanada&t_i=365501%20https%3A%2F%2Fwww.iphoneincanada.ca%2F%3Fp%3D365501&t_u=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&t_e=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_d=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&t_t=%E2%80%98Predator%E2%80%99%20Spyware%20for%20iPhones%20Uncovered%20by%20Toronto%20Researchers&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:48 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

location
https://io.narrative.io/?companyId=19&gdpr=0&gdpr_consent=&id=disqus_id:c3vfv4svbq87v&puid=575c6e50-e3d4-11ec-b0a9-23f62dfb22b8
date
Sat, 04 Jun 2022 07:02:47 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F4BA 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
52905
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 16:21:02 GMT
etag
48472445140208031
expires
Sat, 04 Jun 2022 16:21:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5C70 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3dadfd839737303e43fb322521a94eb5ad036ffc603205f95e34c56c0acc4de

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
domains
links.services.disqus.com/api/ 		42 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
29371317149d0e99320387ca65c5330f33dc5dc753408be18686fd5ded8b9134

Request headers

Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.iphoneincanada.ca
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
pbs.nextmillmedia.com/ Frame 09D0 		0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=openx&gdpr=&gdpr_consent=&f=b&uid=f2c0ae14-f806-0cce-1f0c-55d2d59b7c49
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html
content-length
0
vary
Origin
expires
0
sd
us-u.openx.net/w/1.0/ Frame 09D0
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=6e39242a57d008e6&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAADKVTZJgcY4ANj4AecAAAAAAA&expiration=1654412568&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAADKVTZJgcY4ANj4AecAAAAAAA&expiration=1654412568&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAADKVTZJgcY4ANj4AecAAAAAAA&expiration=1654412568&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame 09D0
Redirect Chain
  • https://px.owneriq.net/eox
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7076125662044973569
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7076125662044973569
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7076125662044973569
Cache-Control
max-age=38580
Connection
keep-alive
Content-Type
text/html
Content-Length
154
CookieSyncOpenX
rtb.adentifi.com/ Frame 09D0 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncOpenX
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.153.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-153-203.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:48 GMT
content-length
0
content-type
text/plain
/
csync.loopme.me/ Frame 09D0 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1285&vt=2ebf0d8b-e749-0ba2-298b-9eb7e46726f6&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.88.75.189 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.189.75.88.23.clients.your-server.de
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:48 GMT
server
_
sd
us-u.openx.net/w/1.0/ Frame 09D0
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=c2255066-d4e6-06b9-03db-2b20a61e46f8
  • https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=c2255066-d4e6-06b9-03db-2b20a61e46f8
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662299046521505
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662299046521505
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
757
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
715ece195e6fca4b-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662299046521505
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
582831b9-3a2c-0d4c-246d-cc2ff278f2b8
sync.1rx.io/usersync/openx/ Frame 09D0
Redirect Chain
  • https://sync.1rx.io/usersync/openx/582831b9-3a2c-0d4c-246d-cc2ff278f2b8
  • https://sync.1rx.io/usersync/openx/582831b9-3a2c-0d4c-246d-cc2ff278f2b8?zcc=1&cb=1654326168139
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/openx/582831b9-3a2c-0d4c-246d-cc2ff278f2b8?zcc=1&cb=1654326168139
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
ETag
RX15c7beb76d5846119a4d909ce9e88b7d005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.1rx.io/usersync/openx/582831b9-3a2c-0d4c-246d-cc2ff278f2b8?zcc=1&cb=1654326168139
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2E8C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
47913
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 17:44:14 GMT
expires
Sat, 03 Jun 2023 17:44:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4178 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8c1a61c1ff9f5bc136452d9409ed5220fca6e39e9da478a4bf3cf362eecd1b7d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bBjxwFtJFPVmN18LMTiTvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-bBjxwFtJFPVmN18LMTiTvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:47 GMT
expires
Sat, 04 Jun 2022 07:02:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
async_usersync
ib.adnxs.com/ Frame DD99 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1d8ff385-99b8-4eca-b00f-122600644109
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6E30 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b40ca54a-8ab0-4a05-9015-5ad55aaead3a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6B21 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 05:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7104
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 05 Jun 2022 05:04:23 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6B21 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 22:27:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 04 Jun 2022 22:27:06 GMT
2b9bca78717e44645984f4bd46ca7462.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/ Frame 6B21 		71 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/2b9bca78717e44645984f4bd46ca7462.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05a6817c5341d7fb32880cf79cc5b3ed89340d3bdf5d240c1c1a14349a16e759
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
191980
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19087
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:59:46 GMT
server
sffe
date
Thu, 02 Jun 2022 01:43:07 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Jun 2023 01:43:07 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A0BA 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=200&slotname=8557045359&adk=4156644800&adf=776189474&pi=t.ma~as.8557045359&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162918&bpp=4&bdt=726&idt=2562&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326166&ga_hid=1664360240&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=996&ady=212&biw=1600&bih=1200&isw=300&ish=250&ifk=581612742&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C21066428%2C31067628%2C31067887%2C21066431%2C31064018&oid=2&pvsid=928158971882855&pem=132&tmod=2050205646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.2nl1b72ra323&fsb=1&dtd=3508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=200&slotname=8557045359&adk=4156644800&adf=776189474&pi=t.ma~as.8557045359&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162918&bpp=4&bdt=726&idt=2562&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326166&ga_hid=1664360240&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=996&ady=212&biw=1600&bih=1200&isw=300&ish=250&ifk=581612742&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C21066428%2C31067628%2C31067887%2C21066431%2C31064018&oid=2&pvsid=928158971882855&pem=132&tmod=2050205646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.2nl1b72ra323&fsb=1&dtd=3508
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2083
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 06:28:04 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E2E1 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96836ba338cfda0985b7c63837ac8e9823612ef5c439ec61a5a5f41fdf6da1dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame EEC0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaSjJYUDQtVC00WUZF&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaSjJYUDQtVC00WUZF&gdpr=0
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaSjJYUDQtVC00WUZF&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
s.amazon-adsystem.com/ Frame EEC0 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
48B1Q4WRT4DMQCCCX8J0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame EEC0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=L3ZJ2XP4-T-4YFE&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=L3ZJ2XP4-T-4YFE&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
63K2AZ0CP08F8MN5AKVR
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=L3ZJ2XP4-T-4YFE&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Expires
0
tap.php
pixel.rubiconproject.com/ Frame EEC0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=caf8629b-0391-4400-a758-3b41b5522cdf&expires=28
42 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=caf8629b-0391-4400-a758-3b41b5522cdf&expires=28
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
Content-Type
image/gif

Redirect headers

Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
MT3 4419 e1034d5 master ord-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=caf8629b-0391-4400-a758-3b41b5522cdf&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 04 Jun 2022 07:02:47 GMT
tap.php
pixel.rubiconproject.com/ Frame EEC0
Redirect Chain
  • https://um.simpli.fi/rb_match?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F2FA02F7620E412F9BAA59AB0D5D3BA6&expires=365
42 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F2FA02F7620E412F9BAA59AB0D5D3BA6&expires=365
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Content-Type
image/gif

Redirect headers

date
Sat, 04 Jun 2022 07:02:48 GMT
x-content-type-options
nosniff
server
nginx
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F2FA02F7620E412F9BAA59AB0D5D3BA6&expires=365
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 03 Jun 2022 07:02:48 GMT
tap.php
pixel.rubiconproject.com/ Frame EEC0
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=EDNHR2xN1NXnO75&expires=30&gdpr=0
42 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=EDNHR2xN1NXnO75&expires=30&gdpr=0
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
PingMatch/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-06817b32b3f122423@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=EDNHR2xN1NXnO75&expires=30&gdpr=0
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame EEC0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3440408375380958027&expires=60&gdpr=0&gdpr_consent=
42 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3440408375380958027&expires=60&gdpr=0&gdpr_consent=
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3440408375380958027&expires=60&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame EEC0
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=53b20474-e3d4-11ec-9e45-a33c04345cd2&expires=30&gdpr=0
42 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=53b20474-e3d4-11ec-9e45-a33c04345cd2&expires=30&gdpr=0
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
c3b5432477546c086cd062707f625a76
Content-Type
image/gif

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=53b20474-e3d4-11ec-9e45-a33c04345cd2&expires=30&gdpr=0
Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
5763c208-e3d4-11ec-8983-17cf06905308
async_usersync
ib.adnxs.com/ Frame D840 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
66411c1d-760a-45ae-924d-112118815bca
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7339 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
105301
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 01:47:47 GMT
expires
Sat, 03 Jun 2023 01:47:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 8232 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIbV-pudk_gCFYgJaAgdA1gCNA&gqi=lgObYqTKG5GsNYWQo9gB&layout=/sadbundle/%24csp%253Der3%24/13014175897113125687/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=200&slotname=8557045359&adk=4156644800&adf=776189474&pi=t.ma~as.8557045359&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162918&bpp=4&bdt=726&idt=2562&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326166&ga_hid=1664360240&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=996&ady=212&biw=1600&bih=1200&isw=300&ish=250&ifk=581612742&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C21066428%2C31067628%2C31067887%2C21066431%2C31064018&oid=2&pvsid=928158971882855&pem=132&tmod=2050205646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.2nl1b72ra323&fsb=1&dtd=3508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runtime_9_18.min.js
cdn.clinch.co/a_js/dispad/ Frame 8222 		123 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.clinch.co/a_js/dispad/runtime_9_18.min.js
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=yldcQE&caid=11217&format=_300ax250a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCzGS5kAObYpCcNY_u_gTU6or4BKeT4u1pv_b3stoP8C4QASD5m_GEAWDJ9qaM0KTkD6ABsLP9qQLIAQmoAwGqBIoCT9Dz02wBURMvHGEFgBoVVNRLVvkfaVLr0deZsI14pIyA8rKiG9Qhnk4-QOvoArPYSxwe985vT2OtyL-oj5AwOSnimUWIold9Lt3HTnJ6pFru_nX9gVlLQgz30GE64wSI-nuwMNw-anoAArNQS8M7hxY9qnlWTLiKXr2WPKMeiuDyoBicgQC6dKJIb9PurIiSveOutyUrpRnCXJtJ5QSlqL623SZYoYoiKUXEOWUT4TQe2Zg3YWfmIWJz1Va9j3z0ssmSxUIe9WkZ3W5B2opTAtpAB9xMX1I3Eaq2XOaj8nh0FGJXTLOJKt4G10phDOzwNXxebO9XRuroNd2qNU-uMSpp9ZaBYRhdOKbABOiokNH7A-AEA5AGAaAGTYAHuMyC1gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBO20KEP0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRozrXN1nIhC5a8CGLgkWjf1tx7N79OLmJ51TSz49xLGAy4M0E%26sig%3DAOD64_0woDA1rXaaEx-VOH0MJ-fEg8qgOw%26client%3Dca-pub-4113681882311455%26dbm_c%3DAKAmf-B3GlePTRq3sO_WbZvYbMRf7T05KCTbAeieaLArwN-Vex67jZuDxriMOI4ZAFIyBofDpMb-zUN-Y3O8Ma-zRWKIL1nAALbng-p0ZY0deZHzxj4Vp8TXTTmIDqvJihowJsAkhUi17GxrC823e0G31GnMwHDeCg%26cry%3D1%26dbm_d%3DAKAmf-CmaA0TYIS5Xzf4ZXOXKq6ZRcct7A4CNtGST2rt-ve3qnj-VuLwP1Gtm3UscURyEcy-yPRaL8g9NJC5r-XGtFRDnA45QgQver1EQxk9H49pzl66H8seMAB84SssPjHv1dKDnnoQ2FjxIdcXQeFWEBhnuaYE1-x9xH4XCKLV1pyjkf83K7JX5idFRFujW1gNd2rKa4Llk_MkSes-zYHcfwaLuYsPPBlKorPMlLjtAm665MCYozlA7tmfWFTyvlxnt-svJDQ9JkuFQ4n88VTCannVfITzBOFtvLz8oMuqLYPtUMqp24K3cJ0pTE6q0LV6MBClgIxHXxhPisb6axZmabU5DWBjm8tu6odWBz6fzncL0siO8sKqCWq8TbXoFUQC67RqdhSU7F5WGoDUFJqFpVI4E9Iax3rSQrTA1xVUP5cviQ0qEarzhi-3c-rftvnCTdxx72phg6CsDDCAMsSn5Vtq14evCXvDZ4GGHzoVWkoms2ecsnHarvBx4zdU2sk8XSXogFD0hDAU7ke-bZP-wRR902l_pvFgYNk2cOPJsE2YB1XOG4s%26adurl%3D&dsp=dv360&plcId=334385315&dsp_impression_id=ABAjH0hg8Dfy6Agk4o-evPvAtAjK&site_url=https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/&dsp_pub_id=1&site_id=6378137792&dsp_insertion_order_id=28045553&dsp_caid=16968901175&dsp_crid=421534988&dsp_tracker_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIt8Szmz-oAozVgvYBsALx4a8NQAHSAioYACITCJCkpZmdk_gCFQ-3nwodVLUCTygBMAE4v_b3stoPQAJIAViZgSAQjLqAyQFWUfoY1oxgtM1TTnefP4pQ&rnd=1654326160871952&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13::1724:128 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c3288f327298cfd1d8a7220abced32c0e0dc08ecde3ff0f3867fb3bc9832e29

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://realtime.clinch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:48 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
6CKR637Y0WSCGVSS
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
35372
x-amz-id-2
K6VAXM8K9BaXTyZmNgyvi/VXLnlwZFkqDQrrhoKjvJVx39DSiQLUGfzvDAE670ec6IGzJX1hLiE=
Last-Modified
Tue, 12 Apr 2022 07:58:33 GMT
Server
AmazonS3
ETag
"9ec16db02259cd055603bab590de3b56"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=27481197
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Tue, 18 Apr 2023 08:42:45 GMT
300ax250_v9_u1009194469_en.js
cdn.clinch.co/a_styles/3122/js/ Frame 8222 		29 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.clinch.co/a_styles/3122/js/300ax250_v9_u1009194469_en.js
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=yldcQE&caid=11217&format=_300ax250a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCzGS5kAObYpCcNY_u_gTU6or4BKeT4u1pv_b3stoP8C4QASD5m_GEAWDJ9qaM0KTkD6ABsLP9qQLIAQmoAwGqBIoCT9Dz02wBURMvHGEFgBoVVNRLVvkfaVLr0deZsI14pIyA8rKiG9Qhnk4-QOvoArPYSxwe985vT2OtyL-oj5AwOSnimUWIold9Lt3HTnJ6pFru_nX9gVlLQgz30GE64wSI-nuwMNw-anoAArNQS8M7hxY9qnlWTLiKXr2WPKMeiuDyoBicgQC6dKJIb9PurIiSveOutyUrpRnCXJtJ5QSlqL623SZYoYoiKUXEOWUT4TQe2Zg3YWfmIWJz1Va9j3z0ssmSxUIe9WkZ3W5B2opTAtpAB9xMX1I3Eaq2XOaj8nh0FGJXTLOJKt4G10phDOzwNXxebO9XRuroNd2qNU-uMSpp9ZaBYRhdOKbABOiokNH7A-AEA5AGAaAGTYAHuMyC1gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBO20KEP0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRozrXN1nIhC5a8CGLgkWjf1tx7N79OLmJ51TSz49xLGAy4M0E%26sig%3DAOD64_0woDA1rXaaEx-VOH0MJ-fEg8qgOw%26client%3Dca-pub-4113681882311455%26dbm_c%3DAKAmf-B3GlePTRq3sO_WbZvYbMRf7T05KCTbAeieaLArwN-Vex67jZuDxriMOI4ZAFIyBofDpMb-zUN-Y3O8Ma-zRWKIL1nAALbng-p0ZY0deZHzxj4Vp8TXTTmIDqvJihowJsAkhUi17GxrC823e0G31GnMwHDeCg%26cry%3D1%26dbm_d%3DAKAmf-CmaA0TYIS5Xzf4ZXOXKq6ZRcct7A4CNtGST2rt-ve3qnj-VuLwP1Gtm3UscURyEcy-yPRaL8g9NJC5r-XGtFRDnA45QgQver1EQxk9H49pzl66H8seMAB84SssPjHv1dKDnnoQ2FjxIdcXQeFWEBhnuaYE1-x9xH4XCKLV1pyjkf83K7JX5idFRFujW1gNd2rKa4Llk_MkSes-zYHcfwaLuYsPPBlKorPMlLjtAm665MCYozlA7tmfWFTyvlxnt-svJDQ9JkuFQ4n88VTCannVfITzBOFtvLz8oMuqLYPtUMqp24K3cJ0pTE6q0LV6MBClgIxHXxhPisb6axZmabU5DWBjm8tu6odWBz6fzncL0siO8sKqCWq8TbXoFUQC67RqdhSU7F5WGoDUFJqFpVI4E9Iax3rSQrTA1xVUP5cviQ0qEarzhi-3c-rftvnCTdxx72phg6CsDDCAMsSn5Vtq14evCXvDZ4GGHzoVWkoms2ecsnHarvBx4zdU2sk8XSXogFD0hDAU7ke-bZP-wRR902l_pvFgYNk2cOPJsE2YB1XOG4s%26adurl%3D&dsp=dv360&plcId=334385315&dsp_impression_id=ABAjH0hg8Dfy6Agk4o-evPvAtAjK&site_url=https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/&dsp_pub_id=1&site_id=6378137792&dsp_insertion_order_id=28045553&dsp_caid=16968901175&dsp_crid=421534988&dsp_tracker_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIt8Szmz-oAozVgvYBsALx4a8NQAHSAioYACITCJCkpZmdk_gCFQ-3nwodVLUCTygBMAE4v_b3stoPQAJIAViZgSAQjLqAyQFWUfoY1oxgtM1TTnefP4pQ&rnd=1654326160871952&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13::1724:128 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
901bac121f9568c463b3cd455235b09947cc95c02204748c202e8abd1b96fb54

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://realtime.clinch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:48 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
EQSB9P91XB4AY6TC
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
19033
x-amz-id-2
najFIiysSqvc1rEjxh5euqJOmuLSMlu6glS3psr4ER40YGSyTy1mSyMzTl9/W3X4DJ0hfyuG4TQ=
Last-Modified
Wed, 23 Mar 2022 17:14:49 GMT
Server
AmazonS3
ETag
"1b767d0da2f3a7fb7b8814db6c61b158"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=25271180
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Thu, 23 Mar 2023 18:49:08 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3878 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
105301
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 01:47:47 GMT
expires
Sat, 03 Jun 2023 01:47:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame DC45
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEIwFkk6rpITF4xgMCGtCMlU&google_cver=1&google_push=AYg5qPJBy9t1vodCFhZNKdlCgAG4OAebHrXhZ74jfE3WQt6DAZmnHD_ru0XDMK6yR-fakskbx-qgHfih8m...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEIwFkk6rpITF4xgMCGtCMlU&google_cver=1&google_push=AYg5qPJBy9t1vodCFhZNKdlCgAG4OAebHrXhZ74jfE3WQt6DAZmnHD_ru0XDMK6yR-fakskbx-qgHfih8m...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPJBy9t1vodCFhZNKdlCgAG4OAebHrXhZ74jfE3WQt6DAZmnHD_ru0XDMK6yR-fakskbx-qgHfih8mRpzLKcW6Wqu0X0xdx-Ye-RCAKv4R5xXzEM3242yRtv5ifIBL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPJBy9t1vodCFhZNKdlCgAG4OAebHrXhZ74jfE3WQt6DAZmnHD_ru0XDMK6yR-fakskbx-qgHfih8mRpzLKcW6Wqu0X0xdx-Ye-RCAKv4R5xXzEM3242yRtv5ifIBLgMMbFe3DyaMcWK&google_hm=MDYwMzAwMDFfNjI5YjAzOTdkMmE3Mg%3D%3D
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 04 Jun 2022 07:02:48 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPJBy9t1vodCFhZNKdlCgAG4OAebHrXhZ74jfE3WQt6DAZmnHD_ru0XDMK6yR-fakskbx-qgHfih8mRpzLKcW6Wqu0X0xdx-Ye-RCAKv4R5xXzEM3242yRtv5ifIBLgMMbFe3DyaMcWK&google_hm=MDYwMzAwMDFfNjI5YjAzOTdkMmE3Mg%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame DC45
Redirect Chain
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEIwFkk6rpITF4xgMCGtCMlU&google_cver=1&google_push=AYg5qPL7fWfkbThimxuVysYjSJbgAThw7xKrL-pMe7FDFWiQ2...
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEIwFkk6rpITF4xgMCGtCMlU&google_cver=1&google_push=AYg5qPL7fWfkbThimxuVysYjSJbgAThw7xKrL-pMe7FDFWiQ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AYg5qPL7fWfkbThimxuVysYjSJbgAThw7xKrL-pMe7FDFWiQ2Yv6pvdBWYUKQVe0WIPhKN8Rc1Hgxkn-DnObSqLEEYHfYcKKMiT8-Tr8jC1MDjwWPT6dV0n1IhR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AYg5qPL7fWfkbThimxuVysYjSJbgAThw7xKrL-pMe7FDFWiQ2Yv6pvdBWYUKQVe0WIPhKN8Rc1Hgxkn-DnObSqLEEYHfYcKKMiT8-Tr8jC1MDjwWPT6dV0n1IhRxgPe-7Dteq2ndGt1877c&google_hm=MDYwMzAwMDFfNjI5YjAzOTdkMmE3Mg%3D%3D
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 04 Jun 2022 07:02:48 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AYg5qPL7fWfkbThimxuVysYjSJbgAThw7xKrL-pMe7FDFWiQ2Yv6pvdBWYUKQVe0WIPhKN8Rc1Hgxkn-DnObSqLEEYHfYcKKMiT8-Tr8jC1MDjwWPT6dV0n1IhRxgPe-7Dteq2ndGt1877c&google_hm=MDYwMzAwMDFfNjI5YjAzOTdkMmE3Mg%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame DC45
Redirect Chain
  • https://a.clickcertain.com/px/img/g/?google_gid=CAESEMuvmDxuE06djVXMbqMIYys&google_cver=1&google_push=AYg5qPK9_XoMnrlnwg1f2Q2uHtdhmxArw3xKnlyzNGiNcVCTVKhgizvfBMfTtQWchbxQZzG1z9sRmpeLXl-80bxt5j0Z-tl...
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=d3a6508f-54e7-4789-8a56-c2ebface8ad6&ccid=d3a6508f-54e7-4789-8a56-c2ebface8ad6&redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuid...
  • https://a.clickcertain.com/px/li/?ccid=d3a6508f-54e7-4789-8a56-c2ebface8ad6&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fg%2f%3fdone%3dtrue...
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEMuvmDxuE06djVXMbqMIYys&google_cver=1&google_push=AYg5qPK9_XoMnrlnwg1f2Q2uHtdhmxArw3xKnlyzNGiNcVCTVKhg...
  • https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEMuvmDxuE06djVXMbqMIYys&google_cver=1&google_push=AYg5qPK9_XoMnrlnwg1f2Q2uHtdhmxArw3xKnlyzNGiNcVCTVKhgizvfBMfTtQWchbxQZzG1z9sRmpeLXl-80...
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=AYg5qPK9_XoMnrlnwg1f2Q2uHtdhmxArw3xKnlyzNGiNcVCTVKhgizvfBMfTtQWchbxQZzG1z9sRmpeLXl-80bxt5j0Z-tlDbg0E57sQlcdDLAq-qGmxMyXFXA0LuP...
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=AYg5qPK9_XoMnrlnwg1f2Q2uHtdhmxArw3xKnlyzNGiNcVCTVKhgizvfBMfTtQWchbxQZzG1z9sRmpeLXl-80bxt5j0Z-tlDbg0E57sQlcdDLAq-qGmxMyXFXA0LuPwZ6SOyijRgfzP9cWLZ&google_hm=ZDNhNjUwOGYtNTRlNy00Nzg5LThhNTYtYzJlYmZhY2U4YWQ2
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 04 Jun 2022 07:02:49 GMT
x-frontend
cc-nginx-55b57bbd68-8v5cg:cc-nginx-55b57bbd68-8v5cg
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
acc00aee-caf6-9870-be98-99c093a7fa70
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOR1hvkLQYOIJxA32Xk2O%2F%2Fl5F1%2Fk4qJa5q4LW6wYbj9ia45FcYv2HkB%2FR74%2BAU77pCwz%2FK6Hs90dOMlyDCK6R8SXb90sEz2EV8AcmlbE8yijRGCIrQ4NjorqR7tYzpmwVTu6djfSMJ2xRu3SXSexg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=AYg5qPK9_XoMnrlnwg1f2Q2uHtdhmxArw3xKnlyzNGiNcVCTVKhgizvfBMfTtQWchbxQZzG1z9sRmpeLXl-80bxt5j0Z-tlDbg0E57sQlcdDLAq-qGmxMyXFXA0LuPwZ6SOyijRgfzP9cWLZ&google_hm=ZDNhNjUwOGYtNTRlNy00Nzg5LThhNTYtYzJlYmZhY2U4YWQ2
x-envoy-upstream-service-time
56
cf-ray
715ece1bfc957142-YUL
pixel
cm.g.doubleclick.net/ Frame DC45
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEAaaFsMN1RyegTTPrFXhmJ0&google_cver=1&google_push=AYg5qPK9hIM1OcPZi2zZgYxE-udBkl5bGlDU1tN2LHYwpMUX80ogx-lWy9jLQkpz2KV0Iqsz9TjzTp4vbPYKpNw...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=aWA2V2Z3TFhFZKgtJANe65U4mbI&google_push=AYg5qPK9hIM1OcPZi2zZgYxE-udBkl5bGlDU1tN2LHYwpMUX80ogx-lWy9jLQkpz2KV0Iqsz9TjzTp4vbPYKpN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=aWA2V2Z3TFhFZKgtJANe65U4mbI&google_push=AYg5qPK9hIM1OcPZi2zZgYxE-udBkl5bGlDU1tN2LHYwpMUX80ogx-lWy9jLQkpz2KV0Iqsz9TjzTp4vbPYKpNwfz94i-SmNI60Orp91aBH8ds6Y1rQRVpxFaeqNc8GDStLDokrJSYJFdKpE
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=aWA2V2Z3TFhFZKgtJANe65U4mbI&google_push=AYg5qPK9hIM1OcPZi2zZgYxE-udBkl5bGlDU1tN2LHYwpMUX80ogx-lWy9jLQkpz2KV0Iqsz9TjzTp4vbPYKpNwfz94i-SmNI60Orp91aBH8ds6Y1rQRVpxFaeqNc8GDStLDokrJSYJFdKpE
Date
Sat, 04 Jun 2022 07:02:48 GMT
Connection
keep-alive
Content-Length
286
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame DC45
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEJwvjgtJmormDm3JpaxvROQ&google_cver=1&google_push=AYg5qPL250fnfi6RZfFZ6z3V8ezECJ2LkLx6KVkQRPGyWHlkF4bTwrBj9fOctxv4bdwRLujjyH3vYXtaXkWpCMtM1VN_jwAeSBP...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPL250fnfi6RZfFZ6z3V8ezECJ2LkLx6KVkQRPGyWHlkF4bTwrBj9fOctxv4bdwRLujjyH3vYXtaXkWpCMtM1VN_jwAeSBPBc-4Tc5K4kUni2fsl2EY9YAvE56Exi5c...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPL250fnfi6RZfFZ6z3V8ezECJ2LkLx6KVkQRPGyWHlkF4bTwrBj9fOctxv4bdwRLujjyH3vYXtaXkWpCMtM1VN_jwAeSBPBc-4Tc5K4kUni2fsl2EY9YAvE56Exi5cfq0yDHL-Eg0UD&google_hm=Zzg4YWE4OGNlYWNiMTQwMDAzMTM=
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPL250fnfi6RZfFZ6z3V8ezECJ2LkLx6KVkQRPGyWHlkF4bTwrBj9fOctxv4bdwRLujjyH3vYXtaXkWpCMtM1VN_jwAeSBPBc-4Tc5K4kUni2fsl2EY9YAvE56Exi5cfq0yDHL-Eg0UD&google_hm=Zzg4YWE4OGNlYWNiMTQwMDAzMTM=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame DC45
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPLwGxhivCbObC8F3enCn2nmX3rALdiKqrxAZPHeWGJgEcbYBomEW7eZwJN7GAnlTRxeljRptXILd7XH6MVqQ2SGB97m9tApld1kAtc95Xk_XCtbL5FuMVSPG5HCos_...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLwGxhivCbObC8F3enCn2nmX3rALdiKqrxAZPHeWGJgEcbYBomEW7eZwJN7GAnlTRxeljRptXILd7XH6MVqQ2SGB97m9tApld1kAtc95Xk_XCtbL5FuMVSPG5HCos_NiLP2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLwGxhivCbObC8F3enCn2nmX3rALdiKqrxAZPHeWGJgEcbYBomEW7eZwJN7GAnlTRxeljRptXILd7XH6MVqQ2SGB97m9tApld1kAtc95Xk_XCtbL5FuMVSPG5HCos_NiLP2INVZxKR-&google_hm=
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLwGxhivCbObC8F3enCn2nmX3rALdiKqrxAZPHeWGJgEcbYBomEW7eZwJN7GAnlTRxeljRptXILd7XH6MVqQ2SGB97m9tApld1kAtc95Xk_XCtbL5FuMVSPG5HCos_NiLP2INVZxKR-&google_hm=
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
pixel
cm.g.doubleclick.net/ Frame DC45
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEIOFe5rGLSM7sSlIEWLttuU&google_cver=1&google_push=AYg5qPLYAVFEsjjdSDaHz0EYy9L8ZDGloe98nkOYDgOrx9h8oREdx96zaxpTZIo00UXdYDLElmNs4...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPLYAVFEsjjdSDaHz0EYy9L8ZDGloe98nkOYDgOrx9h8oREdx96zaxpTZIo00UXdYDLElmNs4h4vvBGCho-P87-2amo0_JYzn3gzDO33TFwdA_EaoFDWtE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPLYAVFEsjjdSDaHz0EYy9L8ZDGloe98nkOYDgOrx9h8oREdx96zaxpTZIo00UXdYDLElmNs4h4vvBGCho-P87-2amo0_JYzn3gzDO33TFwdA_EaoFDWtEaIOsE34FjnSKTUyGdXVj-A&google_hm=WXBzRGtzQ284WVVBQUt6dU5BQUFBQUFB
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 04 Jun 2022 07:02:48 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEIOFe5rGLSM7sSlIEWLttuU&google_cver=1&google_push=AYg5qPLYAVFEsjjdSDaHz0EYy9L8ZDGloe98nkOYDgOrx9h8oREdx96zaxpTZIo00UXdYDLElmNs4h4vvBGCho-P87-2amo0_JYzn3gzDO33TFwdA_EaoFDWtEaIOsE34FjnSKTUyGdXVj-A","cluster_id":10,"gdpr":false,"ipv4":"149.56.153.178","key":"YpsDksCo8YUAAKzuNAAAAAAA","privacy_sensitive":false,"uid":"YpsDksCo8YUAAKzuNAAAAAAA","upstream_id":"m-ad25"}
X-SO-Key
YpsDksCo8YUAAKzuNAAAAAAA
X-SO-Upstream-ID
m-ad25
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad25.dc4p.scaleout.jp
X-SO-UID
YpsDksCo8YUAAKzuNAAAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
149.56.153.178
X-SO-Cluster-ID
10
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPLYAVFEsjjdSDaHz0EYy9L8ZDGloe98nkOYDgOrx9h8oREdx96zaxpTZIo00UXdYDLElmNs4h4vvBGCho-P87-2amo0_JYzn3gzDO33TFwdA_EaoFDWtEaIOsE34FjnSKTUyGdXVj-A&google_hm=WXBzRGtzQ284WVVBQUt6dU5BQUFBQUFB
Cache-Control
private
X-SO-Ads-Time
9
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
attr
cm.g.doubleclick.net/pixel/ Frame DC45 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Li26yjt8Kd90BY8PM57oPt2RLr3Y_2VzoxBDsgtXJ98jxuERE8rJQhvXTijQQqvh3pWQHv
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame BF65 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu52aku2COlTBtdPtsiwZ6apArzGIkd1fhwQMy_dFiCOzPsa5BhMQOLGhGMfVUHOdE6myj0tqkYJdMy1dnNTO1WYBocJA9MyPkuo8u3U4bagqKoUhdxYQSgXVkFrjpdf1ObZS5-OQ8VvbT5WAXpmsPxl9NX_HOSmLmF6mrSPsH87qoQgCz315l0KMOy_I9AFF8qlMRaXy3xUGGvOSjOrQ1MfjS4-LtbzDoBi7eAXBZd_d4j_olirYDZ9uqkvXTvi3YBeZTstqk7vHKF_8Sq62GLc0Cj9chV9n04gqRwOL9dR12H8xDK83rNeof-8i6FU0AV4ZrxhkxsXOb1sE9adcb1mb4pVZF2rvN-6tmGz9_8zON7sWEp4rFEBlHW8rqXB_QyJQ2tuD2rtlnQrG5akR6Q8ZpfSXQZ5-6uOdOTlZVkmb8ehmYlm3z_5rADNJmNGtleM6pMqGuSCSLssD-KrGaR3T95OIbnu68XBn5cBd8qfwOlp-wEb1m6m5VIssHUioN9kP8Ywvp2WDT7Q0-Kgvtx69qTD3B8MRHLgPTZ108EUTo8Wsj3rgdI-k4bW16HbTqZW5uuFZd2-6u7N858A2KQTR-5ZwRApcCXM6K9bKrg9OY3kjZQS97m_MXUywXvKpEXUNw_0WaW_dHhjJXDPud8eLvOHXRiNr3PveQ791mAGKl6CjPqEN1gQ-S7MXvod17qeBehwAtTDuQu6JDhn-WtSv5IntY-KRhX1B5sO0dGyhV6Iyb6RWgsoXtlaMNN_Aqw_sf15wsQ91gRBVWJNiEYOdDIbyDo79nS-I_Z339shCNjtHtoKCUKkRQPYEArpgvY1fEdcf7a8q-4LC5joQ7Pzcu9Tv1NBZaLNGo2sUBXo__cvwFeyu4BXOkEn1KsiTBvpvuWDpcFlvUcEFh5f7YjJyKax1saHaWvgggf0Q4WrUOJMzMi_aJohuzCe4aiQRqT_rOkZRrHdq4yfsoTuudRmTupAcB0CAXw4oY5pcAfFsgSJN8R5_RgHA2HiY4T8GE3MRsi1gG2cqMcuIeROiHNh3ZjvHEaizOIhen3gHUpvWfTNfyOuddLmTizPjTE4GBtQuq0stihPylufQl4V1T5ZV_MUGMoQBKadr1zbaPMHOODrukhazFKrsxCyvfBFSPkkUHg5IKaImEPpwv3vvX1zl5uo1PtuulDIG65uhglPO7TDqLjXSfd0lQWU0KaFfLkoNmYYuOEAbDzfsBVwWp28d_3&sai=AMfl-YTHbbGNqg0btDnx8BSNg2KyrcPKe7gDqS-ORbpbeXaI0ruE6b1zz8p4aYEQR8X9VFJlkxa3ZcWeaCdem0V5K6TaqGrZT96cxDw0wIq9-a9bhitjROUZWblT8MYqWn-mVOlVZ5lUZ8Z2RLAwF4dYTS5uhP5AXqMmzuFIbHhPJJdckTbfA0ciSWl_hnyCZXb-LWQ_7rehDYkinkxUHl1KxlUV&sig=Cg0ArKJSzL0ke2YF1aCoEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1633&vt=11&dtpt=1631&dett=4&cstd=0&cisv=r20220601.83436&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bq02cAzy9zqHUgyos6zoIOubQHY3ux-MO8Ru1HquLDlvSCOfRiK8MmYjE2r0zPIdT_WjEII5Jy9lmXRZ7Of0BH80jOubTAY35IXA-U654MYkNCHNZHAa_YuldQyt1FbvveSTk3IUArAjZ4ik6uGTvDPewp-A&dbm_d=AKAmf-BOKWvbSucMz74mfM0mucncT1SQ1wtS_bUBRGEQWVC_S0N4wPi5A8z97SjlnZKJ1SjRxlDFNJPWK11_o6gKr_vh5_G-hefVVh684FD-P1TeDXqEQC3QZmXM2KL5Pag865-cJ6yqffBDA9hkvZwfJ1EXZBxi4k7C3a3ZvICfwdprNvTHDn6UgtjBB8gI_1XSa_CodgoVcYbYZ-QvmelweIAFl3q1-7pTDHg3dYjv1-Got_qexGWCJcj5KLERWAayRosEkYtN2ucGwjYzCHrNW1ndu3-p3T93iPn0_flgDP5e0d4CMZV270IMTZJEY82woQ3Jokcth-KfgbtHtPpsc5dvqz_8B1Nqm3yafvjL0Hi_YdUhdy3_9q6HPlEcvePggs6aMc1Tgd3HOuaixPFx7QOzEl8trBS4-PDUjnN6lQhAu3qQjhRJR7WYq58QxpLtfT-FxsKVe0uq7RkkOa8d8rd5YVzv0bRHQjpL15Ctugv6-R4zimswvMy0dgBLcGAiDp45lTMiE2CPtaI-RJbjN4SafF_6bjmpiDNSglVw1-MuXCPDK0CIOjMaobyhkQEKY0q274MEy6XU3gopUc4mDmbJY4hJPKbHFoehVUDvfxgOK1Vayi1VjGSK6EHMZkL3UlUVggbHKNZNMbEVaoSYny9vHMoU2nR0keaHPi-9Idvrzrjp2z0AGnMl8eevvO5iHq0WXM8C_H1Vc1M-wQxY5MzaGGHti0qVAE2MdzrV6S6ZE1lf08-HgxMf0CmOStRpw_8AgzHv-Fw_7TnHVyZKHKzeRiWlWiH_NfAslPCbj2_OPh5Gkmzyg7_2l9xJ1iv9zR7TD13kxlxITdTc1x1jAoswwCMX19RP8aLiA0-oTnsgmeoudeQ8JJcmWGDi2DjoJpLDJvUZGQcHF7bYX3VAHhUy6k49wlvL85uqPpBsoCwzwnZFuLOZFTpPJANm_q9QKInV960ibhucG1lKYoj-nKittpMsiauhrOuuacEHa6OHI30NLanpkkmr424FGJbi6pXCCn5YQY1wcJPmmFKQxlCyYKd7BC13x_JJ3OmNhCJeMJoYUCkLCaNPYTnZeHpyupRGBeFkLAVvMWrxDsvv9JQ7nu1Eecdr6jK80Lr-N9KV5XpEMPf8mi887r1UXAsDclkdZIKhFZafvi8BnnLPybX1nfNaRaHWesuBr_QoopGkTFU-8YJ4q4Da7lxhf8FsgdwyzafXPHvKpcB42hlwnGovJVhBmjoK8hmtc4PNjkHO8vZsS-qT6NNkgrtYUTfsFPMJxbOVPKJg-A0I9eUorWEM8_vIZKqoMPbuVt2mvFgSLpJNipfdMVHzLB2feSJ0JLNzPbycRMIZxNEX15QzEbew1PbSE6GO2winJwn0N4gM3vKdIJkqXszwXrpSGj6T0mhffhlhCw0-GgvJk_PFgqtkFRcON9mEJomQa4a0I6ETXT4OQDtODITjNzCC-QZlBkPqeHA0PYPbp2E390Jqspcf5eIVQlJZ68mxTh5a9zCekiGfkJmuqAV7qVuBlZRiAyEEnDdjqgwDTQMvzCaUZYCH4Zh5inJBG-5jSGPefrQnb6Vuk2yBOTDsPD8K_eHdJ7UKyof8EJXe9EWi6_uauIeGBVqsnbqH1rB9p7R2Myi9y3mJaSn0aIe14V4SRS1rmfnQdlSGKa2bM04cz40ECwef0bTEgykxJON64K13TXmR318ZvzSBw2wcoTtNg-w4kOlqtT9DyEqvS1EHiifsIWm6FsUzP6rJqEq8MAA_JLn0W0EzCMuJIFkk7gyLvVPMAgb80RoIf90yzIjrrbieY9LSzO3V2Q3ER2VKonokswtXLoGQPaeFdTcxsSBg4CU9Myw9IqsRw7S-D3-Pbt7nMVpWofi6zmEGwqrh1waIc7P38upFhMLn-YDJWujMrAaurScjjBSOeKObawbqeLIjXcVINJnjMvpRaewrVY_B52T_DTKq5WzwY7aGIzichsa4iZE6QNmGoTIHMdcAFcxIJZ1jeTe4evjCmkOrMf_IH2aJkxoSLnRyRjjBtqv8DYgOjXlo2lPPso-EkndNeabemlhvWbK0epyBFeLDkYssODaHD4vEbnIE1WO0_47-Sy7dyc1DDuAGdjoDkVsrMJZp1I3vV9-EEIvS5t5WR0hkClgE7-ho1uUlCfUHJrXRV1NW6toYzgSn0BvWPbAaDJYzpxKKH0EcRZaD7hjQmy1qgq7lNnIEHlVAc_oVCzsLHMA_Q2bmWjAkenf96K_TXfv6wLhgpaH_8RPENWZDBviSFeGdQVCccoSiCo9VUzA9-1vRa2SoqvQGSWn2CcZ5WAo2s4STslYniwHgLvSoZGQcLIvtn_vSwJRpyOnbl3fX47vmHYFMS49xgIIj6R3xcNPLj3vNUb_QYZy8tPQC_BHEV2BvXoLM78sZIBHAIqDW6jAujjHgh74I54hgrMSuXgA8MXPYKSopI7yADQsmKbtLdnp6R0JF51pIMJul0jPt4nbhl2L2b9BQMbvDAJZK2wZ8jsU3FAkg47V5BYNZm_d7v15QA-kiYKtbPxL_WbmxaYSuoFe76Mm_Dw8bySdbd378gm_szXqMjl3rlfAfNrtm0E3pw_vxqrwNZfcrIebjQV3_F9zXZx9hJPIJT0JBAEhXx0woL9PP4cQ5x8w9NfaW8DsaeNKw23tiF5aD_zdKIa4Nqqh4ETI5w9WXcTtHx9a53qG7x1QGK0QErffYsHH2mkmtnlrmM9rJB6LfQ1IOPCsgtCmxCQlXIgMx4gHMsBs-xrW5mKM0_-Vi8JkQkBDSWxHKoTEUEs5bu3gHwUHfpd_8dGw0grZ0ND6oecM67s6elgZoojI2x2fMU341Twb5CRbSHSXub0ROdO-_8gnkYknE719FR1NwYslm_XkVbileA_uwZIA09UFXuIir3Y9i4nuxJrFdhBkQN4FC5oj-JJooYYGZFFcR8A0WTUnz7rhiiQ64GexrUgCgwL6hYm_32Y73CoZkPemtBXllroUM5BrTOZwfj-05KJrqCzsAfAYftoGDun25sguv1oINiw7fhyQ-Ty7_gnbQaPGuiGmZY1d1Eiq5lvsXEIIVJn6IstDQn5t4kCbVBk1vRA4KiFV5obBevX-24OC4n0MNbum5HQwtG0ytQm7rtpGbVyNVib3RUb4rxpVbUSrrMvqnURKLNbI4P9AZup_C1QXQkpUEEFdJI6w3wBqjgSQJm7hKnztwe396Xb8bpzNHx2czhiKUVDvNVMTZiE8&cid=CAASJeRor_UcTtRLF9IMbRPAvO7I4jDdVbE2T1YJs8yCRBnjJacl-DU&rfl=1%2Chttps%253A%252F%252Fwww.iphoneincanada.ca%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5BE8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
105301
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 01:47:47 GMT
expires
Sat, 03 Jun 2023 01:47:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4CE2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFeo4Iaa9tJmYhj83ki4FG0&google_cver=1&google_push=AYg5qPIjbkbFJkRxAX-tAqVJcdCPd-EIA9HKwnItPzr7VOANgRB0xnEqLI9vj3yfBFxgPVCnt3SkIi9KHLbiSXQN90ARsqdEKUJTE...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ0MDQwODM3NTM4MDk1ODAyNw==&gdpr=0&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEFeo4Iaa9tJmYhj83ki4FG0&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEFeo4Iaa9tJmYhj83ki4FG0&google_cver=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEFeo4Iaa9tJmYhj83ki4FG0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4CE2
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEL9s7V-fJ1NSEWuwb3oCmAg&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RUROSFIyeE4xTlhuTzc1&google_gid=CAESEL9s7V-fJ1NSEWuwb3oCmAg&google_cver=1&google_push=AYg5qPI-8L9xohL6IBwOmHltnQ6vpVAxhwj87phSR4HRImF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RUROSFIyeE4xTlhuTzc1&google_gid=CAESEL9s7V-fJ1NSEWuwb3oCmAg&google_cver=1&google_push=AYg5qPI-8L9xohL6IBwOmHltnQ6vpVAxhwj87phSR4HRImFgRoY-ex0zh_DVf32xyVk9pvLRDx_Qnh9YnZ23h_abeXMQ9fW8ZBocwtllSwhKWcfCObx-F31drjqTrSlW5QIXwlc57A-_s57O
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:47 GMT
Server
PingMatch/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-099fa48f5983e4319@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RUROSFIyeE4xTlhuTzc1&google_gid=CAESEL9s7V-fJ1NSEWuwb3oCmAg&google_cver=1&google_push=AYg5qPI-8L9xohL6IBwOmHltnQ6vpVAxhwj87phSR4HRImFgRoY-ex0zh_DVf32xyVk9pvLRDx_Qnh9YnZ23h_abeXMQ9fW8ZBocwtllSwhKWcfCObx-F31drjqTrSlW5QIXwlc57A-_s57O
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4CE2
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGRwC2i3B4SwGGE7Rp-9qIE&google_cver=1&google_push=AYg5qPKcpzcIIttcJZ0DOye0OTwL8YpsxF_naf9-R_MnhF7LWlKeXA97lWEj5l5uLwm6eNKbrFPfUj0...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=00zl6Ix2TnezZZbyt22kMmKbA5E
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=00zl6Ix2TnezZZbyt22kMmKbA5E
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=00zl6Ix2TnezZZbyt22kMmKbA5E
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 4CE2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDjXSTKpvbviU8aZ9vXbhwM&google_cver=1&google_push=AYg5qPIq8SPRs9qVoKwAnjvbAAHF750sKm3QjO-JHFdjIOKlHWUGTG-nZqhe3Xp07fen9GynniYLngA6r2ItGVK40ZWtJby...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIq8SPRs9qVoKwAnjvbAAHF750sKm3QjO-JHFdjIOKlHWUGTG-nZqhe3Xp07fen9GynniYLngA6r2ItGVK40ZWtJby5Ojbrb3f02kIZdOz-Va4zh6mWdLrp3vR-L5opf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIq8SPRs9qVoKwAnjvbAAHF750sKm3QjO-JHFdjIOKlHWUGTG-nZqhe3Xp07fen9GynniYLngA6r2ItGVK40ZWtJby5Ojbrb3f02kIZdOz-Va4zh6mWdLrp3vR-L5opfSqNGC1voZGp&google_hm=MTgyMTk5MjU1MTQ3NjkzOTY3OQ%3D%3D
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 04 Jun 2022 07:02:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIq8SPRs9qVoKwAnjvbAAHF750sKm3QjO-JHFdjIOKlHWUGTG-nZqhe3Xp07fen9GynniYLngA6r2ItGVK40ZWtJby5Ojbrb3f02kIZdOz-Va4zh6mWdLrp3vR-L5opfSqNGC1voZGp&google_hm=MTgyMTk5MjU1MTQ3NjkzOTY3OQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 4CE2
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESECC_tUhu76voglSw8ZhZTkc&google_cver=1&google_push=AYg5qPJ6UoDi2CwgpOSBe6BAtpPuAeitWCl5S7LbRTzJaAiCZRBM-qjWtx9afJ83Xf5GNvQmTxL9Bj73N6XdrijESp07tTUEDDbdn...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ6UoDi2CwgpOSBe6BAtpPuAeitWCl5S7LbRTzJaAiCZRBM-qjWtx9afJ83Xf5GNvQmTxL9Bj73N6XdrijESp07tTUEDDbdnajH94BnINiyAkDN1ZNkmkWiFAYpryvMTt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ6UoDi2CwgpOSBe6BAtpPuAeitWCl5S7LbRTzJaAiCZRBM-qjWtx9afJ83Xf5GNvQmTxL9Bj73N6XdrijESp07tTUEDDbdnajH94BnINiyAkDN1ZNkmkWiFAYpryvMTtuqbyNRx52t&google_hm=FEir5-gfhgmS9Nlwh9mEfg==
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:47 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ6UoDi2CwgpOSBe6BAtpPuAeitWCl5S7LbRTzJaAiCZRBM-qjWtx9afJ83Xf5GNvQmTxL9Bj73N6XdrijESp07tTUEDDbdnajH94BnINiyAkDN1ZNkmkWiFAYpryvMTtuqbyNRx52t&google_hm=FEir5-gfhgmS9Nlwh9mEfg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
677qnfebmq7keragre0s5mpppae66cal
pixel
cm.g.doubleclick.net/ Frame 4CE2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMUjgix5YYjhX1ynmnrYN28&google_cver=1&google_push=AYg5qPLtTGQnrlcoc6N-0QIf96GvqmAVK2dByj20Oar7YFWwU12bA9CkmVOCjtbo4BFx22RqFOVAdg25zLHHR...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPLtTGQnrlcoc6N-0QIf96GvqmAVK2dByj20Oar7YFWwU12bA9CkmVOCjtbo4BFx22RqFOVAdg25zLHHRHfF2Tycgo7neW6qMEXAvQObaY2S96wwudnqqII5-z5EkGl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPLtTGQnrlcoc6N-0QIf96GvqmAVK2dByj20Oar7YFWwU12bA9CkmVOCjtbo4BFx22RqFOVAdg25zLHHRHfF2Tycgo7neW6qMEXAvQObaY2S96wwudnqqII5-z5EkGlzr_QVxFiFf8we&google_hm=THpZbDhvOUp3YVZ0XzJNbzM2V3U=
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPLtTGQnrlcoc6N-0QIf96GvqmAVK2dByj20Oar7YFWwU12bA9CkmVOCjtbo4BFx22RqFOVAdg25zLHHRHfF2Tycgo7neW6qMEXAvQObaY2S96wwudnqqII5-z5EkGlzr_QVxFiFf8we&google_hm=THpZbDhvOUp3YVZ0XzJNbzM2V3U=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
280
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4CE2
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPK6BYFrSLbaxhB8VIc2ZvzM8rgjC-Rq6HTv37Fd1Ad4gs-JRoPXkStSZM0MToRUQ7OBCqhwE5tofI...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPK6BYFrSLbaxhB8VIc2ZvzM8rgjC-Rq6HTv37Fd1Ad4gs-JRoPXkStSZM0MToRUQ7OBCqhwE5tofIvFTmFkd7ra4VdrNnKvV1u2LuxL8UBKJUi0YqJI20nsVK4hja7A...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPK6BYFrSLbaxhB8VIc2ZvzM8rgjC-Rq6HTv37Fd1Ad4gs-JRoPXkStSZM0MToRUQ7OBCqhwE5tofIvFTmFkd7ra4VdrNnKvV1u2LuxL8UBKJUi0YqJI20nsVK4hja7AAkDfnxG2Vh0l&google_hm=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPK6BYFrSLbaxhB8VIc2ZvzM8rgjC-Rq6HTv37Fd1Ad4gs-JRoPXkStSZM0MToRUQ7OBCqhwE5tofIvFTmFkd7ra4VdrNnKvV1u2LuxL8UBKJUi0YqJI20nsVK4hja7AAkDfnxG2Vh0l&google_hm=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4CE2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L5HciCb-d9IQSPNLqNaak3qFCb4scROMEHrfRf7rJWll2wOJ3XnKaTT0U3gFJY9hNalKw6
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 326C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuS0H9QwaUWOAaMdGo6mkMP1nUeXqF2Q0fV7Qzs4h53JB6Yao0pUR_PygOoFIvyfocBx29e4CydhhPlAiKz05y_AVb_0oFSsKm_5Qilsnr1P_Td6zFBtglUeZkb1xbahSLVDMQ-1hcZUTUAX_aviPDl22-yz1eynTuOIWfoHTDj4FQVvGjL0GO8gyBFLt1Owd4ScXQ6X7sF9DE1nvRHWDzj13A_JoYTk76H_wiSe6th4HhJuXwRQwk8WQ92lhnBuh450REzCDSlibsSyrwUhC7rYsnyDA6VsXo47Vg1belMKTtmaE5q5g9ZbUuUeugtsUzp23hCXXdxq0MH3cdFHPdhllL--PfN0wWMHkUQDL6t9xwV3suLPqy9t1z_TuoZTz7vqTa9h4gNlpk_ZV0XFdjY7aDh8jAbzSFJMfqca-ExLVyI2wU3s7lsN_ZrxZh7xFfx4xT_f-r_NcYW60WB14odf1MFaYwkKKixJqmzSRJdWF-wWLi3wNqsEDW5ypwajc2ogSa0-PFVb79uXuINHmHHhgRT5_JrzWa4u2IrlsaIbd3Kik6n9zf2cQ7psxTiRcv9D4yMgwSBH5u-7NnBMAxiEYb0JCGdBCIPmwJfP1Xevbjw1N8ALXoRjcTc6CBUiYmdoF_QobPHVk5ZjOvGNvGdHmh7rENLzzDG5eqFt2RInUZNE-GQzsqL7ylEd63GYZ0NPv9oSLazLJN1pZNINZgaJlfRKQlvI1RY0IhnYKW38J6w2cZeMWUi2Fmd92iMPSGZsBafdGbRRE8u4c16lN7NVCdHkDxeGUlftthyZ7EQa6RNvQdbkFcRB962rOMdAEnMn1k6jB_1BYg3XIBz7PeEUX7B8rfMZ3gPjnBey-JLLzftZkePDci0pGu9pDcjCNIFWJS8-lAO4R-Lv8MXPIqcqG2zU4MiyMr9EhWQfNd-sHhOz2HA_9p3UI5Kpj-hyOpOinsAawuHnKOfI6zOLaRKG6daV0neniPrAsFdp9xGfumJH33-5d08ODOV3Mdl_HB8gAUUYcjp53uP7vJZzBN5X2eRck3h7lMEHaHWwx5fa8bFiuu1kEiOPtGRpW5RTPsmBLxIIDulxVjyAR-pSrDJMq2YXcr0VikpoHxAsaiY0fy-wPRhM50bVPWR4qTEyBAQxMr0KAB1u2x0zA1sZFaXFZa_KYy_4seT-gC_nf8ROm_b6CxScGwCo7leR27auUmxH-80OyaZJgaXsJzP3XpNcW-G&sai=AMfl-YT3XvoK-VjULO21iLE3r8PRlMwoph0wmSa6ZRAlKzA0G19O77qYgz8tgWIEV6nDuDnJEWRkzUYnxHR81LvHRO1gqWkI-JUpHRkaSQtRwAXebtQikg0Rx3fqRQyRd9joEBnbdiajzUuRcJtGzZLXFaNjDXJl5iNhm7nOHCjYeIaPzVPjAkZl9UgEJDm5Rnj-Ha8szErWqR-YLx-4vwiN5gth&sig=Cg0ArKJSzKH2QNRW_KjpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1566&vt=11&dtpt=1565&dett=4&cstd=0&cisv=r20220601.62825&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHHozT10W-DBcRz534yTHBYMemtrzw_a7tbxPFegp321a5ko40ciqMDeiPe8KdyUlf0BnoGuCa_TBmc-C5SGI1_62-QcfRcO3EPBWv06onUS1fjeWKAbdU3WxQNELyKdaapvmtHBSfex4sYqQ4JLzVCG73rQ&dbm_d=AKAmf-A8IzI_YJTGR3MI6lXeS_gU1QV1iyTqkmc_vol4XF0kbWmE-FdGJFfhcJjZFaYpE6HU_Xz9aZ6prrhrN2tQZ9ZvhSm0GDjvdKLH1-9hcQvfvlkmn91xBbRqdpdP9L7Xxp7Lm9vjdtSED6aJFcfuV5wFZ90p3ZNcW9lHSWt1KKDZq10ScN-t5cAThNvSxVmFNj4diGAVfChAEtLBX_nf26nchuO7U5FhF46lFFaXDydM5T04LEkCkNYTX9WMzmlWIEO1tgFL04fR51cK6L6WMd_dFgRouPk3YmZQkQWFoaWCZcGyjnZwfKq1wVPpZyjf-Qr2K8UiOn7BXzRt8VkHh4iuvdl5m5_juDvD1v8wCGuXg4Lqx1itrFoIJRoffVfFd3-Bxosgj9bMP4tOWUI-DA3eHkeco8POFuozwh36Y7O5kOHFm1SotUSk81smMrlz8RFE-EDOgNbt7USevz8JZyi-N4tuCUGiuTKlxMFEOPepIyqAgbnpIgqh2nugj5yTkzmzZWdapJCCf3mffbwKlpkICnMS9DOPqMQ4WbrjmAYhfJCyj-M4Tb2i6LTKZGRKm-gu-O-k1J2pXQBPaOpUUxsORdlblkxC_3Vzx68Q8ScylPwYYzpLyzFj3GaCTH9FsR_0ejWIH5z81rFxnxHeZCf429H97yORjFPEt82kAUd3BzwCq6W1vCkxT7yVlt70gHGjurOGpu8IFQoHxUW-3NYetYA_vaSjPdxcWnoUr8QlXC8k6LBdoFQs55hjwswzk6MDzJ_XRFNlWV3WoMaFWyAN53E9NDltBDNQafoMhz7YXU7T-B1QIx-JiRnkhHfnoKuOkIxVlKexQRnHmc41fJ1PUSBLYsCSVC_-x4OZxO3YQhCGHA2vDQhHvhMBJYGYaQhNJZuS57cyzD2W3bwr21OoYUJwGllQPRpnu1hDioKTPA52lLUQjLTbgdCMZG1050Ctu8LRrWXJS70xUBRm37_0RJrHsGqWW_V3mrbc1Yg2qql1fVckDensUEmfQWmYf7Ewjon7ukZo7hm9CLR_2N6HiyVkgKjPQ3WpzGRzBEpSdQkaSqg-PcpoqyUfzHoVSzn92ZAdHgatq9slrsuKBpUWgY6wX3FgTjEMdKGNVluUc1bqVyph1jiYEU9R7LQL_EMgt1Ucid7FNbdKUHZUiDfd7NU47CHAj1drg12893hmnzFCl6mc54Fptot3owiz2NwWZANbPV-6IFwROzZDz8wD4AK5PSFXWr1Znx6-Tm1OnT3jvUEscL84QGGLrGZQAYwSOYCavBlqi_Uxuxh4grf_YPWaH5x9d0B3NqKaIR7rX2VtlxYdRWwvelyKs05a6Dmpp19xCCcD93Xdg5NrYbIGiVJh6-fleRDRxbaTXUgfJt_qfADmLK_sCOgWlRsD9f3seOOGsXvQa2RDlPkPlmzmnliJNPyfAnP88iCnANHbUw_3HkI4TjqGpYh9882HSZBhJEpK1PUG3UbV4J8BFTRDSDRw3Hsh6xwFmI_Gls-cokllhsWItPb1i2yG0CMVSIXVHjIFVy5bb4G1E7SLlA6-bZf-DyU7WtEhO9QVg4G2KdBGHgy8weQdddTbUYU3OidHStigfoqb4Eer-19Fh7Q2bY7aBh2njtZYUUUbuGS664RvZNmRc4o1qUG2g23Rh_sldaczSg2BfxcTHG8ox_fqAGyLaR29OT0RfDwHVKhc4FnRyFhLKWuq9o71LTPZ5SOFSCqp2z_jj3136yJm_fdd4Aypmh-PPxINeAdMxELPLbIl0v3-Obn3GbRf-wArXP9a6xJfFP4ETC8wF1o7PS1XBY7dBtlyGFl6oj0Ho_ctrcjgJz8mPtJehZe8oepagK11ycAh9Z4SAKpbL-Viqff86XRcdGxXEQ6OoQjEL02tvBvoXXPx3_AUrPLeWReNcW4bSXWE_lY303gSP1J3HvMyhnULRpYwc3wOzx2vJ2aKATYUYCvisSUaELHi1ChrxkDRPqY-aWEF2sHJwU2N7tb_alMACS7-FQ9MBm4i7J69WL2MOwXWxysyvu8-8Lrqufxc2tyEmUocKXzoWE0l9Laeer9N0SKygwLmd6jew7FERicEn1Davtp9nFXvzYfbVWQ6A7taFv32abGv2cI0OExeukDMc5TQfYlURTbDc_NyPsjF-0mcMw2xmr4z6UFXt-NoUeSoEyQk-_-HGghcR7iHH5OwZH58WveIi6U-Qy1-PlU-ctd7s7B757fi0g7_I-za9dr_S4hedJHosKJT4S_D2v98AsWHtnFGIXn35rbkGaDF72yM-7-CWVTePnNtrHCy19f-5hZ5Vx-p26GimRtIw82WdXAFCUU-9gP4Kq-WKkzyYtBRAAmbfBppWGAWtlPG2NVPflazkujhyILEBXP2FU365M4isvlmcZUM7O5GyMY6_OoM-fqT99U62Zg-1dQFg-cIBKZYy92QH2vOyR4BJESaFypo9uEUf_HFuYmdwJLMON7MUszJRvLdqMAIVgP4E35kNvRX2vW6Jl57mLtvNU842G3KVrv2MqOorZOj1TIqtPVXDbix52iRkzHDiPvYgaGb5xeeefaWuUPW9xgz5M95yau536f-JjdHoAoGEArd0zNSb7dZrTNJcIw_GsONkG2Ya8p9P4ofrJqokuIXPLKnRYsvmVIHiJULCH7TEr5xbGP4beOUdue6MvgcW82vj_y6AAMFGe5gycL_G76IZrMTalf7AoDveAc6iu5dYNAwx8PqvrX5D4lCsqs03PY35uK_GSVIsSnGR8rp8SLHBomiagdU4sBWMZVaKkSfsY6xt4pKWI2-6-ux6IxOUOW8X7Pm_cDNUzFbHom4w9g0fl2ItL3-6jc70elITH2FpvZ3zuiTzw3QqlSjbNvcBN_0mdMeh4ph8qdFH1_Opm2IP7Bv2kzrYURMcVlEsP54WjHIwIGjJon8n5MXbk0ETEG8SNVlzLTDFnHMHpY5kgkjDBAh25G-xp8o17ka2gRP06_0VuIqbbp6LWFSEN19Jk5iaMSXsfcaT81HJl2AyUlOL65qqKfoOay9dbSzDv4J4uSjny2hxMby1I7-Ehqo56JWubQRMdnPFiKuJB85tjPsTvT-vnHCO4lNCKZoMYtpa1ZB0rBzd5jmEWkpquMLtYuZ5NP9GYmmswSulcLdZPIArfzLi4CvxL_GwCnSh5AzhyXDPSGLzBIbeAkcG_C4Kkputq4EfwBwQCZsWYaZZcTKegViBdQo-p9i6a6nppcqON3-in8&cid=CAASJeRoyKQQsYL3SMvq7xtCUKJst9Q7pRa-zPQEfrtmH9_mwtYtOJs&rfl=1%2Chttps%253A%252F%252Fwww.iphoneincanada.ca%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 8232 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d74cb858e4d278e35b427efc4eceb76c2788146feec30eefb54a190de8053b19

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
setuid
u.4dex.io/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=5818cbe3-0415-4bc2-b812-970695154f41
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=improvedigital&uid=5818cbe3-0415-4bc2-b812-970695154f41
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https://u.4dex.io/setuid?bidder=improvedigital&uid=5818cbe3-0415-4bc2-b812-970695154f41
date
Sat, 04 Jun 2022 07:02:48 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1654326168296&sessionId=3d4683ff-bb09-39c3-e0fa-41e795e01d42&url=www.iphoneincanada.ca&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
3a48e9d4434013230f2c62f97edff35c
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&srcUrl=https%3A%2F%2Fwww.iphoneincanada.ca%2Ffeed%2F&idx=0&rand=57894&key=NANOWDGT01&widgetJSId=GS_1&va=true&et=true&format=html&adblck=false&abwl=false&clid=3d4683ff-bb09-39c3-e0fa-41e795e01d42&fdu=www.iphoneincanada.ca&px=304&py=4900&vpd=3700&activeTab=true&darkMode=false&settings=true&recs=true&version=2000749&sig=b5MIxRUl&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=1&ccpa=1---&ccpaStat=1&id5=ID5*vlHbLpJtfxdq_BrItentwE3Dh0_wvFAldCNikzGgMz4U3HQh-O77GRn0jIdwBddU&id5type=&ogn=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a15cfb510eeaf0a70da486e2194fddaf5731ef0aad3bcef1b48c3f834a15343f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:48 GMT
content-encoding
gzip
traffic-path
SADC1, IAD, North_America
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-cache-hits
0
x-traceid
042ec6d25bca484b3c2aac1792e1268a
content-length
1859
x-served-by
cache-iad-kiad7000173-IAD
pragma
no-cache
x-timer
S1654326168.383151,VS0,VE86
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
css
fonts.googleapis.com/ Frame 6D9C 		5 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/2b9bca78717e44645984f4bd46ca7462.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f01e377121631cac91f0f644ae025a9ad40000b69e3317ebda1b1c6a83fdddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 04 Jun 2022 06:27:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 04 Jun 2022 07:02:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Jun 2022 07:02:48 GMT
120f29fae9cba472e72f224764eb9c30.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/media/ Frame 6D9C 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/media/120f29fae9cba472e72f224764eb9c30.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a90b77c97ce937272123cb002004c1fb08c3c16498982ed1205334fa47cc53a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
194190
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59832
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:57:04 GMT
server
sffe
date
Thu, 02 Jun 2022 01:06:18 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Jun 2023 01:06:18 GMT
770014eeb40f7795a0007324325ed550.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/media/ Frame 6D9C 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/media/770014eeb40f7795a0007324325ed550.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8f0baf1841205aef52bf8ea0979c956101be27b9b02f32084c3c507347d3afb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
584974
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7848
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:57:04 GMT
server
sffe
date
Sat, 28 May 2022 12:33:14 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 May 2023 12:33:14 GMT
64596c29fe077100bc3d5b095c1c96e7.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/media/ Frame 6D9C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/media/64596c29fe077100bc3d5b095c1c96e7.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5751629574223798899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7abe79b6d8d622f570fd7b9eb6ef35ff746280fd196e663eedc0963da4301a4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
60520
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1921
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:57:04 GMT
server
sffe
date
Fri, 03 Jun 2022 14:14:08 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 03 Jun 2023 14:14:08 GMT
52154.gif
idsync.rlcdn.com/ Frame F9CD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=1696151633887888005
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=3cbc73b2-c97c-4c6c-bfeb-8bf66b66116e%3A1654326168.01&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc3vfv4svbq87v
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c3vfv4svbq87v
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1696151633887888005
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1696151633887888005
Requested by
Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c3vfv4svbq87v&pctry=CA&referrer=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://live.rezync.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c8a1e9f9-83a4-401a-befe-eb51b1d2fdad
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1696151633887888005
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
362358.gif
idsync.rlcdn.com/ Frame F9CD
Redirect Chain
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=3cbc73b2-c97c-4c6c-bfeb-8bf66b66116e%3A1654326168.01&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab...
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1783777313217276866
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c3vfv4svbq87v
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESELV2eB7UnfYl3OrRfjBrol4&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELV2eB7UnfYl3OrRfjBrol4&google_cver=1
Requested by
Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c3vfv4svbq87v&pctry=CA&referrer=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://live.rezync.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELV2eB7UnfYl3OrRfjBrol4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame F9CD
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3181&partner_device_id=3cbc73b2-c97c-4c6c-bfeb-8bf66b66116e%3A1654326168.01
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=42e810d3-10eb-45f8-8040-856705c10d9a%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttd_puid=42e810d3-10eb-45f8-8040-856705c10d9a%2C
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttd_puid=42e810d3-10eb-45f8-8040-856705c10d9a%2C
Requested by
Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c3vfv4svbq87v&pctry=CA&referrer=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://live.rezync.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7e2f6ba0-ad77-492e-9ec4-c1463734beb8&ttd_puid=42e810d3-10eb-45f8-8040-856705c10d9a%2C
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
353
pixel
cm.g.doubleclick.net/ Frame 6204
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEP8A921WY8AnQMCa9Xu9DAY&google_cver=1&google_push=AYg5qPLqE3wlShaEzDwe39TjxIVsW39D_kGWHjzsjHGS5ZULGxor54l...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=7f51a0fdf8dc08e4&is_secure=true&networkId=14000&version=1&google_gid=CAESEP8A921WY8AnQMCa9Xu9DAY&google_cver=1&google_push=AYg5qPLqE3wl...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAADKJ7zBD18CQNiaB3oAAAAAAA&expiration=1654412568&google_cver=1&is_secure=true&google_gid=CAESEP8A921WY8AnQMCa9Xu9D...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAADKJ7zBD18CQNiaB3oAAAAAAA&expiration=1654412568&google_cver=1&is_secure=true&google_gid=CAESEP8A921WY8AnQMCa9Xu9DAY&google_push=AYg5qPLqE3wlShaEzDwe39TjxIVsW39D_kGWHjzsjHGS5ZULGxor54l3LrrEF4hj0_tF_koOU5mivZcdn-kwC5sPv1YIRbefp7wb-Iuyz4lHsY2o_egLBRx25ZdO1YSBwDVsOKw8F1tdeQ
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAADKJ7zBD18CQNiaB3oAAAAAAA&expiration=1654412568&google_cver=1&is_secure=true&google_gid=CAESEP8A921WY8AnQMCa9Xu9DAY&google_push=AYg5qPLqE3wlShaEzDwe39TjxIVsW39D_kGWHjzsjHGS5ZULGxor54l3LrrEF4hj0_tF_koOU5mivZcdn-kwC5sPv1YIRbefp7wb-Iuyz4lHsY2o_egLBRx25ZdO1YSBwDVsOKw8F1tdeQ
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 6204
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEAycDsrz9W_nfW-qiE5n3hA&google_cver=1&google_push=AYg5qPLszkWTnSPVg5jx2U3zL4kK4NjlKSBt0aXX4_XPQID5m1yoLSAQNiSGetkGgc1ZWLmYTbw-ul2dQTnOSYUbLxI1ZGigPYZ2p4Sl...
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RENGOTg5MTg4MkM4MkIwOA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RENGOTg5MTg4MkM4MkIwOA==
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RENGOTg5MTg4MkM4MkIwOA==
date
Sat, 04 Jun 2022 07:02:48 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 6204
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEM5pVygH_5iVZum_vchr9b8&c_param1=AYg5qPK3mg8q70Bqs5GGOXkzSxfOcG2rI4i_h25eho4852fvCNUZnvlRFb_FX_HQNNv2lVuc8MRSWXIogGtPFMXGl1dApJvGMUIj1kUMkl34NkPWMIe...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPK3mg8q70Bqs5GGOXkzSxfOcG2rI4i_h25eho4852fvCNUZnvlRFb_FX_HQNNv2lVuc8MRSWXIogGtPFMXGl1dApJvGMUIj1kUMkl34NkPWMIeyUVDpkPR0PDObliJaP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPK3mg8q70Bqs5GGOXkzSxfOcG2rI4i_h25eho4852fvCNUZnvlRFb_FX_HQNNv2lVuc8MRSWXIogGtPFMXGl1dApJvGMUIj1kUMkl34NkPWMIeyUVDpkPR0PDObliJaPGE1KxiFVw
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPK3mg8q70Bqs5GGOXkzSxfOcG2rI4i_h25eho4852fvCNUZnvlRFb_FX_HQNNv2lVuc8MRSWXIogGtPFMXGl1dApJvGMUIj1kUMkl34NkPWMIeyUVDpkPR0PDObliJaPGE1KxiFVw
date
Sat, 04 Jun 2022 07:02:48 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6204
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMUjgix5YYjhX1ynmnrYN28&google_cver=1&google_push=AYg5qPKbPbFt9RpzCb13SB-PsNkKLWZyd35loFlJVANpdZYOTieDCW-bQoSDjmOfS3ocEOvhp_9MuZ9Os8M2e...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKbPbFt9RpzCb13SB-PsNkKLWZyd35loFlJVANpdZYOTieDCW-bQoSDjmOfS3ocEOvhp_9MuZ9Os8M2ez_ZBsrnDmas5Z3Wq0j0rhvoDIr7R6fn5CEVdZjwbL6qgwT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKbPbFt9RpzCb13SB-PsNkKLWZyd35loFlJVANpdZYOTieDCW-bQoSDjmOfS3ocEOvhp_9MuZ9Os8M2ez_ZBsrnDmas5Z3Wq0j0rhvoDIr7R6fn5CEVdZjwbL6qgwT3UqXV5fOx3ic&google_hm=THpZbDhvOUp3YVZ0XzJNbzM2V3U=
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKbPbFt9RpzCb13SB-PsNkKLWZyd35loFlJVANpdZYOTieDCW-bQoSDjmOfS3ocEOvhp_9MuZ9Os8M2ez_ZBsrnDmas5Z3Wq0j0rhvoDIr7R6fn5CEVdZjwbL6qgwT3UqXV5fOx3ic&google_hm=THpZbDhvOUp3YVZ0XzJNbzM2V3U=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
279
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6204
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHhq1-6PXCceNE1E8dl_LTU&google_cver=1&google_push=AYg5qPKew-fIHtOpBa5OB3pGFyNBhtYo46cS5zjdmhPvd5971txwciEbRFSxgOPXvKGvnHDCdjsjWBcubrqK...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPKew-fIHtOpBa5OB3pGFyNBhtYo46cS5zjdmhPvd5971txwciEbRFSxgOPXvKGvnHDCdjsjWBcubrqKsMgcvtOF1saMHaVcj-c49YOrpRx5jVIwB9nm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPKew-fIHtOpBa5OB3pGFyNBhtYo46cS5zjdmhPvd5971txwciEbRFSxgOPXvKGvnHDCdjsjWBcubrqKsMgcvtOF1saMHaVcj-c49YOrpRx5jVIwB9nmH0CaW7Do8OHbegYSs94emUQ
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPKew-fIHtOpBa5OB3pGFyNBhtYo46cS5zjdmhPvd5971txwciEbRFSxgOPXvKGvnHDCdjsjWBcubrqKsMgcvtOF1saMHaVcj-c49YOrpRx5jVIwB9nmH0CaW7Do8OHbegYSs94emUQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 6204
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGllgny_e5ihOj2mVHIiipU&google_cver=1&google_push=AYg5qPKNzcZcDjvZ7EMX97hQ80PoSKCAD_0TOd_Vb6o8OGGcVjJU3atNdoHoQwYQqlUconV0mB4NAg...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKNzcZcDjvZ7EMX97hQ80PoSKCAD_0TOd_Vb6o8OGGcVjJU3atNdoHoQwYQqlUconV0mB4NAgs9vjBWs8Cjvwu-C1s9myNHOnYZNogRDw6U7vx6sC0xz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKNzcZcDjvZ7EMX97hQ80PoSKCAD_0TOd_Vb6o8OGGcVjJU3atNdoHoQwYQqlUconV0mB4NAgs9vjBWs8Cjvwu-C1s9myNHOnYZNogRDw6U7vx6sC0xzHyfDocJ9chL2xwGrGCu-5A&google_hm=ODg2NzAxMjQ4MDMwMzYxMzUxNw%3D%3D
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKNzcZcDjvZ7EMX97hQ80PoSKCAD_0TOd_Vb6o8OGGcVjJU3atNdoHoQwYQqlUconV0mB4NAgs9vjBWs8Cjvwu-C1s9myNHOnYZNogRDw6U7vx6sC0xzHyfDocJ9chL2xwGrGCu-5A&google_hm=ODg2NzAxMjQ4MDMwMzYxMzUxNw%3D%3D
date
Sat, 04 Jun 2022 07:02:48 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6204
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHnvZsEAZqjgUSBzY5hT5go&google_cver=1&google_push=AYg5qPJzD3nhmiAypwt3rpZqbfy6E84F9jHQKq4yOiVAGbWAl-a8zinZWsIls7GZqFXlfWMtB2...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KV1Q5RkZSRTJ1RjQ3Y0JHSTlWYnBHWDQyYmJheHhzTn5B&google_push=AYg5qPJzD3nhmiAypwt3rpZqbfy6E84F9jHQKq4yOiVAGbWAl-a8zinZW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KV1Q5RkZSRTJ1RjQ3Y0JHSTlWYnBHWDQyYmJheHhzTn5B&google_push=AYg5qPJzD3nhmiAypwt3rpZqbfy6E84F9jHQKq4yOiVAGbWAl-a8zinZWsIls7GZqFXlfWMtB230_DMH5i1jVeuWkuybv_gpUsmZSnHoPy6T_PwBpBiTMEks6ZgcpuDTacWmVaDfoAD8aT4
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KV1Q5RkZSRTJ1RjQ3Y0JHSTlWYnBHWDQyYmJheHhzTn5B&google_push=AYg5qPJzD3nhmiAypwt3rpZqbfy6E84F9jHQKq4yOiVAGbWAl-a8zinZWsIls7GZqFXlfWMtB230_DMH5i1jVeuWkuybv_gpUsmZSnHoPy6T_PwBpBiTMEks6ZgcpuDTacWmVaDfoAD8aT4
date
Sat, 04 Jun 2022 07:02:48 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 6204 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqRYFr0c0yXxOr_YAoLI7eZihHefxJaG6PUJ9w1Nrm66P2qOjTMW0PwDDSD7KJrezAjM0sMg
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 40B9
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEliVVdlOYNBj0c_eFk_RXI&google_cver=1&google_push=AYg5qPJA9fW8jCjCA-wRNWaKMZjNM-mEG3Npcb9GapAHWboPYO1_1-FIV0...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPJA9fW8jCjCA-wRNWaKMZjNM-mEG3Npcb9GapAHWboPYO1_1-FIV0yoW8WnCQO3ixcDjoC2Gq6UGqG8wGv9IQer0veAYW-AR-mbGmiaT1etNufvo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPJA9fW8jCjCA-wRNWaKMZjNM-mEG3Npcb9GapAHWboPYO1_1-FIV0yoW8WnCQO3ixcDjoC2Gq6UGqG8wGv9IQer0veAYW-AR-mbGmiaT1etNufvoKZl1dhpCAl2qYwKaU0RaFkrnlbe&google_hm=Be3M-WFnwCOxasLus8jy0A
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPJA9fW8jCjCA-wRNWaKMZjNM-mEG3Npcb9GapAHWboPYO1_1-FIV0yoW8WnCQO3ixcDjoC2Gq6UGqG8wGv9IQer0veAYW-AR-mbGmiaT1etNufvoKZl1dhpCAl2qYwKaU0RaFkrnlbe&google_hm=Be3M-WFnwCOxasLus8jy0A
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 40B9
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEL0XqSduED7gjGwkNCHSRr8&google_cver=1&google_push=AYg5qPJ4kdkKxgbJ3G5IrPB3gKdLAoHnyT4oPBtCnWTxbzYx2CISasP90h7y-rsuQoKOejs5VsiLAwIaxyzUiG-DzYdXoPr1rrlM...
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AYg5qPJ4kdkKxgbJ3G5IrPB3gKdLAoHnyT4oPBtCnWTxbzYx2CISasP90h7y-rsuQoKOejs5VsiLAwIaxyzUiG-DzYdXoPr1rrlM5iU9gnzgOfIyrkqzT5b6ziRDklw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AYg5qPJ4kdkKxgbJ3G5IrPB3gKdLAoHnyT4oPBtCnWTxbzYx2CISasP90h7y-rsuQoKOejs5VsiLAwIaxyzUiG-DzYdXoPr1rrlM5iU9gnzgOfIyrkqzT5b6ziRDklwvv6eCWQAWKXG6bR-Y&google_hm=UjFCMzMxX0YwRUU2OTQ5XzY2QjZDMEQ5
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AYg5qPJ4kdkKxgbJ3G5IrPB3gKdLAoHnyT4oPBtCnWTxbzYx2CISasP90h7y-rsuQoKOejs5VsiLAwIaxyzUiG-DzYdXoPr1rrlM5iU9gnzgOfIyrkqzT5b6ziRDklwvv6eCWQAWKXG6bR-Y&google_hm=UjFCMzMxX0YwRUU2OTQ5XzY2QjZDMEQ5
Date
Sat, 04 Jun 2022 07:02:47 GMT
Cache-Control
private
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
382
Strict-Transport-Security
max-age=-337312968; includeSubDomains
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 40B9
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESECW3U5yyW99JapgSIUDL34c&google_cver=1&google_push=AYg5qPJlPGW7YgKxphNQY5nenvXXgfbzeWR-5FEyZslstVxwLilteVwM_x-ZBKXLYf6BBDvynY56kimk0FAYE4xQXPT_cdmlk3guzF...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F2FA02F7620E412F9BAA59AB0D5D3BA6&google_push=AYg5qPJlPGW7YgKxphNQY5nenvXXgfbzeWR-5FEyZslstVxwLilteVwM_x-ZBKXLYf6BBDvynY56kimk0FAYE4x...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F2FA02F7620E412F9BAA59AB0D5D3BA6&google_push=AYg5qPJlPGW7YgKxphNQY5nenvXXgfbzeWR-5FEyZslstVxwLilteVwM_x-ZBKXLYf6BBDvynY56kimk0FAYE4xQXPT_cdmlk3guzFTuF6wyRPQAB_tPG6kQ0BvlYTDu1G8OLgFx9uYHfCM
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 04 Jun 2022 07:02:48 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F2FA02F7620E412F9BAA59AB0D5D3BA6&google_push=AYg5qPJlPGW7YgKxphNQY5nenvXXgfbzeWR-5FEyZslstVxwLilteVwM_x-ZBKXLYf6BBDvynY56kimk0FAYE4xQXPT_cdmlk3guzFTuF6wyRPQAB_tPG6kQ0BvlYTDu1G8OLgFx9uYHfCM
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 03 Jun 2022 07:02:48 GMT
pixel
cm.g.doubleclick.net/ Frame 40B9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMUjgix5YYjhX1ynmnrYN28&google_cver=1&google_push=AYg5qPKIofAiah0SQcqcSIB4BXe1cxNwShfH8U5XYGjXF_2TpUGnn9LRonTQ1KO0qtshXvi6tJtjlE9hijIn1...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKIofAiah0SQcqcSIB4BXe1cxNwShfH8U5XYGjXF_2TpUGnn9LRonTQ1KO0qtshXvi6tJtjlE9hijIn1PCOFYelMDYpbYmnGi05bOhDEY3n6jE7pAKNHR556irW42N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKIofAiah0SQcqcSIB4BXe1cxNwShfH8U5XYGjXF_2TpUGnn9LRonTQ1KO0qtshXvi6tJtjlE9hijIn1PCOFYelMDYpbYmnGi05bOhDEY3n6jE7pAKNHR556irW42N5-GxfG0CMqqs&google_hm=THpZbDhvOUp3YVZ0XzJNbzM2V3U=
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKIofAiah0SQcqcSIB4BXe1cxNwShfH8U5XYGjXF_2TpUGnn9LRonTQ1KO0qtshXvi6tJtjlE9hijIn1PCOFYelMDYpbYmnGi05bOhDEY3n6jE7pAKNHR556irW42N5-GxfG0CMqqs&google_hm=THpZbDhvOUp3YVZ0XzJNbzM2V3U=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
279
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 40B9
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEBiHGimsK9mxCsBygGBiqLo&google_cver=1&google_push=AYg5qPLZNQ7btMjVZWC2E2SZOqHKSuHxB-cM8Rx4vTsvCVgAWZqB3MZ7VglAFqBNtI30ozJ8G3hKLaYU1M5VXr6X2K...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTg0OTI4OTY0NTA1ODM5MTM5NDY&google_push=AYg5qPLZNQ7btMjVZWC2E2SZOqHKSuHxB-cM8Rx4vTsvCVgAWZqB3MZ7VglAFqBNtI30ozJ8G3hKLaYU1M5VXr6X2KHN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTg0OTI4OTY0NTA1ODM5MTM5NDY&google_push=AYg5qPLZNQ7btMjVZWC2E2SZOqHKSuHxB-cM8Rx4vTsvCVgAWZqB3MZ7VglAFqBNtI30ozJ8G3hKLaYU1M5VXr6X2KHNg_cXhvC3a3sdWnrdqCA0qTzzERCztEcPRu3OkMKJpue-zZpyziLG
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTg0OTI4OTY0NTA1ODM5MTM5NDY&google_push=AYg5qPLZNQ7btMjVZWC2E2SZOqHKSuHxB-cM8Rx4vTsvCVgAWZqB3MZ7VglAFqBNtI30ozJ8G3hKLaYU1M5VXr6X2KHNg_cXhvC3a3sdWnrdqCA0qTzzERCztEcPRu3OkMKJpue-zZpyziLG
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 40B9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMqMm9qymDkHwAC_3teQcow&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB&google_gid=CAESEMqMm9qymDkHwAC_3teQcow&google_cver=1&google_push=AYg5qPK40uWH2SiAWEmnv3IWPa2dPiM70iJ7Z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB&google_gid=CAESEMqMm9qymDkHwAC_3teQcow&google_cver=1&google_push=AYg5qPK40uWH2SiAWEmnv3IWPa2dPiM70iJ7ZvGDcwzBjD_vPHv8vRVPXEuryVGpE-WwrhWIFQNPuF_KrEVhmg5jJl_YKQvsTQbfIBHDhV4_shf_Da98WdQ1cAyIImJmXmCp-Ou5cgkQPlai
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB&google_gid=CAESEMqMm9qymDkHwAC_3teQcow&google_cver=1&google_push=AYg5qPK40uWH2SiAWEmnv3IWPa2dPiM70iJ7ZvGDcwzBjD_vPHv8vRVPXEuryVGpE-WwrhWIFQNPuF_KrEVhmg5jJl_YKQvsTQbfIBHDhV4_shf_Da98WdQ1cAyIImJmXmCp-Ou5cgkQPlai
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
504
Expires
Sat, 04 Jun 2022 07:02:48 GMT
pixel
cm.g.doubleclick.net/ Frame 40B9
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMlO4Uyf6yoGs2CQ3_5sfFA&google_cver=1&google_push=AYg5qPIfbF86Dn24Tb6PfQO3JP9tkPfdLnsWoeptleqbH4SguhTD8_xXFPgj50Q0pM9A8gIOZ7R7iSOM...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMlO4Uyf6yoGs2CQ3_5sfFA%26google_cver%3D1%26google_push%3DAYg5qPIfbF86Dn24Tb6PfQ...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A8492896450583913946&exchange=193&google_gid=CAESEMlO4Uyf6yoGs2CQ3_5sfFA&google_cver=1&google_push=AYg5qPIfbF86Dn24Tb6PfQO3JP9tkPfdLnsWoeptleqbH4SguhTD...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg0OTI4OTY0NTA1ODM5MTM5NDY&google_push=AYg5qPIfbF86Dn24Tb6PfQO3JP9tkPfdLnsWoeptleqbH4SguhTD8_xXFPgj50Q0pM9A8gIOZ7R7iSO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg0OTI4OTY0NTA1ODM5MTM5NDY&google_push=AYg5qPIfbF86Dn24Tb6PfQO3JP9tkPfdLnsWoeptleqbH4SguhTD8_xXFPgj50Q0pM9A8gIOZ7R7iSOMWZz0sPq5sidUP76lgaHxJDgIVoLtsRmVELzsMKUUo3CRBz9_Y3tTwIc0nrTx_H94
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg0OTI4OTY0NTA1ODM5MTM5NDY&google_push=AYg5qPIfbF86Dn24Tb6PfQO3JP9tkPfdLnsWoeptleqbH4SguhTD8_xXFPgj50Q0pM9A8gIOZ7R7iSOMWZz0sPq5sidUP76lgaHxJDgIVoLtsRmVELzsMKUUo3CRBz9_Y3tTwIc0nrTx_H94
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 40B9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J05bwFR1ANyWiIB9k38kdGe0_1DfdQrMELZVHGEgqyLFoULRY2dhhP45nYjnOvXFC1_93MlA
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=eyJzaXRlSWQiOiJtYXRoLWFpZHMiLCJ1cmwiOiJodHRwczovL3d3dy5pcGhvbmVpbmNhbmFkYS5jYS9uZXdzL3ByZWRhdG9yLXNweXdhcmUtZm9yLWlwaG9uZXMtdW5jb3ZlcmVkLWJ5LXRvcm9udG8tcmVzZWFyY2hlcnMvIiwiYWRVbml0IjoiLzIyNDA0MzM3NDY3LDEwMTg1NTYvaXBob25laW5jYW5hZGEtNzI4eDkwLVN0aWNreV8wIiwiYWRTZXJ2ZXJEZXRhaWxzIjp7ImFkdmVydGlzZXJJZCI6IjUwMjQ1NjkzNzQiLCJjYW1wYWlnbklkIjoiMjg4NzU2MzczOCIsImNyZWF0aXZlSWQiOiIxMzgzOTM4OTc0MjIiLCJsaW5laXRlbUlkIjoiNTc1Mjg0NzQwOSIsImFkU2VydmVyIjoiZGZwIiwieWllbGRHcm91cElkcyI6WzI4NTgzN119LCJ3aWR0aCI6NzI4LCJoZWlnaHQiOjkwLCJ3diI6IjEuMC4wK2M1YzFjMjkiLCJidiI6ImJsLWZlOGJiM2UtMWRjOTc5MzI7Yi1jNWMxYzI5LTkzYzAzMDA4IiwibWV0YSI6eyJibGFja2xpc3RTdGF0dXMiOnsibG9hZGVkIjp0cnVlLCJjb3VudCI6MTAyMiwiZmlyc3RJdGVtIjp7InQiOiJleHBlcnQyNC4iLCJhIjoxMH19LCJibG9ja2VkSW5mbyI6eyJyZWZyZXNoZWRDb3VudCI6MCwiYmxvY2tlZENvdW50IjowLCJoZWF2eUFkQmxvY2tlZENvdW50IjowLCJoZWF2eUFkUmVmcmVzaGVkQ291bnQiOjB9LCJwbFJhdGlvIjowLjAxfSwidGFnTWFya3VwIjoiPGh0bWw%2BPGhlYWQ%2BPC9oZWFkPjxib2R5PlRvbyBtYW55IHJlcXVlc3RzOiAyMi5cbjxzY3JpcHQ%2BXG4oZnVuY3Rpb24oKXsvKlxuXG4gQ29weXJpZ2h0IFRoZSBDbG9zdXJlIExpYnJhcnkgQXV0aG9ycy5cbiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMFxuKi9cbnZhciBtPXRoaXN8fHNlbGYsdz1mdW5jdGlvbihhKXtyZXR1cm4gYX07dmFyIHg7dmFyIHo9ZnVuY3Rpb24oYSxiLGMpe3RoaXMuZz1jPT09eT9hOlwiXCJ9O3oucHJvdG90eXBlLnRvU3RyaW5nPWZ1bmN0aW9uKCl7cmV0dXJuIHRoaXMuZy50b1N0cmluZygpfTt2YXIgeT17fTt2YXIgQz1mdW5jdGlvbihhLGIpe3ZhciBjPXZvaWQgMD09PWM%2Fe306Yzt0aGlzLmVycm9yPWE7dGhpcy5jb250ZXh0PWIuY29udGV4dDt0aGlzLm1zZz1iLm1lc3NhZ2V8fFwiXCI7dGhpcy5pZD1iLmlkfHxcImpzZXJyb3JcIjt0aGlzLm1ldGE9Y307dmFyIEQ9ZnVuY3Rpb24oYSl7RFtcIiBcIl0oYSk7cmV0dXJuIGF9O0RbXCIgXCJdPWZ1bmN0aW9uKCl7fTt2YXIgRT0vXig%2FOihbXjovPyMuXSspOik%2FKD86XFwvXFwvKD86KFteXFxcXC8%2FI10qKUApPyhbXlxcXFwvPyNdKj8pKD86OihbMC05XSspKT8oPz1bXFxcXC8%2FI118JCkpPyhbXj8jXSspPyg%2FOlxcPyhbXiNdKikpPyg%2FOiMoW1xcc1xcU10qKSk%2FJC87dmFyIEk9ZnVuY3Rpb24oYSxiKXtpZihhKWZvcih2YXIgYyBpbiBhKU9iamVjdC5wcm90b3R5cGUuaGFzT3duUHJvcGVydHkuY2FsbChhLGMpJiZiLmNhbGwodm9pZCAwLGFbY10sYyxhKX07dmFyIEo9L15odHRwcz86XFwvXFwvKFxcd3wtKStcXC5jZG5cXC5hbXBwcm9qZWN0XFwuKG5ldHxvcmcpKFxcP3xcXC98JCkvLEs9ZnVuY3Rpb24oYSxiKXt0aGlzLmc9YTt0aGlzLmg9Yn0sTD1mdW5jdGlvbihhLGIpe3RoaXMudXJsPWE7dGhpcy5qPSEhYjt0aGlzLmRlcHRoPW51bGx9O3ZhciBNPWZ1bmN0aW9uKGEpe20uZ29vZ2xlX2ltYWdlX3JlcXVlc3RzfHwobS5nb29nbGVfaW1hZ2VfcmVxdWVzdHM9W10pO3ZhciBiPW0uZG9jdW1lbnQuY3JlYXRlRWxlbWVudChcImltZ1wiKTtiLnNyYz1hO20uZ29vZ2xlX2ltYWdlX3JlcXVlc3RzLnB1c2goYil9O3ZhciBOPWZ1bmN0aW9uKCl7dGhpcy5pPVwiJlwiO3RoaXMuaD17fTt0aGlzLm89MDt0aGlzLmc9W119LE89ZnVuY3Rpb24oYSxiKXt2YXIgYz17fTtjW2FdPWI7cmV0dXJuW2NdfSxVPWZ1bmN0aW9uKGEsYixjLGQsZyl7dmFyIGU9W107SShhLGZ1bmN0aW9uKGYsayl7KGY9VChmLGIsYyxkLGcpKSYmZS5wdXNoKGsrXCI9XCIrZil9KTtyZXR1cm4gZS5qb2luKGIpfSxUPWZ1bmN0aW9uKGEsYixjLGQsZyl7aWYobnVsbD09YSlyZXR1cm5cIlwiO2I9Ynx8XCImXCI7Yz1jfHxcIiwkXCI7XCJzdHJpbmdcIj09dHlwZW9mIGMmJihjPWMuc3BsaXQoXCJcIikpO2lmKGEgaW5zdGFuY2VvZiBBcnJheSl7aWYoZD1kfHwwLGQ8Yy5sZW5ndGgpe2Zvcih2YXIgZT1bXSxmPTA7ZjxhLmxlbmd0aDtmKyspZS5wdXNoKFQoYVtmXSxiLGMsZCsxLGcpKTtyZXR1cm4gZS5qb2luKGNbZF0pfX1lbHNlIGlmKFwib2JqZWN0XCI9PXR5cGVvZiBhKXJldHVybiBnPWd8fDAsMj5nP2VuY29kZVVSSUNvbXBvbmVudChVKGEsYixjLGQsZysxKSk6XCIuLi5cIjtyZXR1cm4gZW5jb2RlVVJJQ29tcG9uZW50KFN0cmluZyhhKSl9LFc9ZnVuY3Rpb24oYSl7dmFyIGI9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9nZW5fMjA0P2lkPWpzZXJyb3ImXCIsYz1WKGEpLTI3O2lmKDA%2BYylyZXR1cm5cIlwiO2EuZy5zb3J0KGZ1bmN0aW9uKG4sQSl7cmV0dXJuIG4tQX0pO2Zvcih2YXIgZD1udWxsLGc9XCJcIixlPTA7ZTxhLmcubGVuZ3RoO2UrKylmb3IodmFyIGY9YS5nW2VdLGs9YS5oW2ZdLGw9MDtsPGsubGVuZ3RoO2wrKyl7aWYoIWMpe2Q9bnVsbD09ZD9mOmQ7YnJlYWt9dmFyIGg9VShrW2xdLGEuaSxcIiwkXCIpO2lmKGgpe2g9ZytoO2lmKGM%2BPWgubGVuZ3RoKXtjLT1oLmxlbmd0aDtiKz1oO2c9YS5pO2JyZWFrfWQ9bnVsbD09ZD9mOmR9fWE9XCJcIjtudWxsIT1kJiYoYT1nK1widHJuPVwiK2QpO3JldHVybiBiK2ErXCJcIn0sVj1mdW5jdGlvbihhKXt2YXIgYj0xLGM7Zm9yKGMgaW4gYS5oKWI9Yy5sZW5ndGg%2BYj9jLmxlbmd0aDpiO3JldHVybiAzOTk3LWItYS5pLmxlbmd0aC0xfTt2YXIgWD1mdW5jdGlvbihhKXtpZiguMDE%2BTWF0aC5yYW5kb20oKSl0cnl7aWYoYSBpbnN0YW5jZW9mIE4pdmFyIGI9YTtlbHNlIGI9bmV3IE4sSShhLGZ1bmN0aW9uKGQsZyl7dmFyIGU9YixmPWUubysrO2Q9TyhnLGQpO2UuZy5wdXNoKGYpO2UuaFtmXT1kfSk7dmFyIGM9VyhiKTtjJiZNKGMpfWNhdGNoKGQpe319O3ZhciBZPWZ1bmN0aW9uKGEpe3ZhciBiPWEudG9TdHJpbmcoKTthLm5hbWUmJi0xPT1iLmluZGV4T2YoYS5uYW1lKSYmKGIrPVwiOiBcIithLm5hbWUpO2EubWVzc2FnZSYmLTE9PWIuaW5kZXhPZihhLm1lc3NhZ2UpJiYoYis9XCI6IFwiK2EubWVzc2FnZSk7aWYoYS5zdGFjayl7YT1hLnN0YWNrO3ZhciBjPWI7dHJ5ey0xPT1hLmluZGV4T2YoYykmJihhPWMrXCJcXG5cIithKTtmb3IodmFyIGQ7YSE9ZDspZD1hLGE9YS5yZXBsYWNlKC8oKGh0dHBzPzpcXC8uLipcXC8pW15cXC86XSo6XFxkKyg%2FOi58XFxuKSopXFwyLyxcIiQxXCIpO2I9YS5yZXBsYWNlKC9cXG4gKi9nLFwiXFxuXCIpfWNhdGNoKGcpe2I9Y319cmV0dXJuIGJ9O3ZhciBhYT0vXihbXjtdKyk7KFxcZCspOyhbXFxzXFxTXSopJC8sYmE9ZnVuY3Rpb24oKXt2YXIgYT13aW5kb3cubmFtZSxiPWFhLmV4ZWMoYSk7aWYobnVsbD09PWIpdGhyb3cgRXJyb3IoXCJDYW5ub3QgcGFyc2Ugc2VyaWFsaXplZCBkYXRhLiBcIithLnN1YnN0cmluZygwLDUwKSk7YT0rYlsyXTt2YXIgYz1iWzNdO2lmKGE%2BYy5sZW5ndGgpdGhyb3cgRXJyb3IoXCJQYXJzZWQgY29udGVudCBzaXplIGRvZXNuJ3QgbWF0Y2guIFwiK2ErXCI6XCIrYy5sZW5ndGgpO3JldHVybnttOmJbMV0sY29udGVudDpjLnN1YnN0cigwLGEpLGw6Yy5zdWJzdHIoYSl9fTt2YXIgWj1udWxsLGRhPWZ1bmN0aW9uKGEpe3ZhciBiPWEubGVuZ3RoLGM9MypiLzQ7YyUzP2M9TWF0aC5mbG9vcihjKTotMSE9XCI9LlwiLmluZGV4T2YoYVtiLTFdKSYmKGM9LTEhPVwiPS5cIi5pbmRleE9mKGFbYi0yXSk%2FYy0yOmMtMSk7dmFyIGQ9bmV3IFVpbnQ4QXJyYXkoYyksZz0wO2NhKGEsZnVuY3Rpb24oZSl7ZFtnKytdPWV9KTtyZXR1cm4gZC5zdWJhcnJheSgwLGcpfSxjYT1mdW5jdGlvbihhLGIpe2Z1bmN0aW9uIGMobCl7Zm9yKDtkPGEubGVuZ3RoOyl7dmFyIGg9YS5jaGFyQXQoZCsrKSxuPVpbaF07aWYobnVsbCE9bilyZXR1cm4gbjtpZighL15bXFxzXFx4YTBdKiQvLnRlc3QoaCkpdGhyb3cgRXJyb3IoXCJVbmtub3duIGJhc2U2NCBlbmNvZGluZyBhdCBjaGFyOiBcIitoKTt9cmV0dXJuIGx9ZWEoKTtmb3IodmFyIGQ9MDs7KXt2YXIgZz1jKC0xKSxlPWMoMCksZj1jKDY0KSxrPWMoNjQpO2lmKDY0PT09ayYmLTE9PT1nKWJyZWFrO2IoZzw8MnxlPj40KTs2NCE9ZiYmKGIoZTw8NCYyNDB8Zj4%2BMiksNjQhPWsmJmIoZjw8NiYxOTJ8aykpfX0sZWE9ZnVuY3Rpb24oKXtpZighWil7Wj17fTtmb3IodmFyIGE9XCJBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWmFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6MDEyMzQ1Njc4OVwiLnNwbGl0KFwiXCIpLGI9W1wiKy89XCIsXCIrL1wiLFwiLV89XCIsXCItXy5cIixcIi1fXCJdLGM9MDs1PmM7YysrKWZvcih2YXIgZD1hLmNvbmNhdChiW2NdLnNwbGl0KFwiXCIpKSxnPTA7ZzxkLmxlbmd0aDtnKyspe3ZhciBlPWRbZ107dm9pZCAwPT09WltlXSYmKFpbZV09Zyl9fX07KGZ1bmN0aW9uKGEpe2lmKHdpbmRvdy5uYW1lKXt2YXIgYj1mdW5jdGlvbihlKXt0cnl7dmFyIGY9bmV3IE47Zi5nLnB1c2goMSk7Zi5oWzFdPU8oXCJjb250ZXh0XCIsNTA3KTtlLmVycm9yJiZlLm1ldGEmJmUuaWR8fChlPW5ldyBDKGUse21lc3NhZ2U6WShlKX0pKTtpZihlLm1zZyl7dmFyIGs9ZS5tc2cuc3Vic3RyaW5nKDAsNTEyKTtmLmcucHVzaCgyKTtmLmhbMl09TyhcIm1zZ1wiLGspfXZhciBsPVtlLm1ldGF8fHt9XTtmLmcucHVzaCgzKTtmLmhbM109bDtsPW07az1bXTtlPW51bGw7ZG97dmFyIGg9bDt0cnl7dmFyIG47aWYobj0hIWgmJm51bGwhPWgubG9jYXRpb24uaHJlZiliOnt0cnl7RChoLmZvbyk7bj0hMDticmVhayBifWNhdGNoKEIpe31uPSExfXZhciBBPW59Y2F0Y2goQil7QT0hMX1pZihBKXt2YXIgcj1oLmxvY2F0aW9uLmhyZWY7ZT1oLmRvY3VtZW50JiZoLmRvY3VtZW50LnJlZmVycmVyfHxudWxsfWVsc2Ugcj1lLGU9bnVsbDtrLnB1c2gobmV3IEwocnx8XCJcIikpO3RyeXtsPWgucGFyZW50fWNhdGNoKEIpe2w9bnVsbH19d2hpbGUobCYmaCE9bCk7cj0wO2Zvcih2YXIgdD1rLmxlbmd0aC0xO3I8PXQ7KytyKWtbcl0uZGVwdGg9dC1yO2g9bTtpZihoLmxvY2F0aW9uJiZoLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2lucyYmaC5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnMubGVuZ3RoPT1rLmxlbmd0aC0xKWZvcih0PTE7dDxrLmxlbmd0aDsrK3Qpe3ZhciB1PWtbdF07dS51cmx8fCh1LnVybD1oLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2luc1t0LTFdfHxcIlwiLHUuaj0hMCl9dmFyIHA9bmV3IEwobS5sb2NhdGlvbi5ocmVmLCExKTtoPW51bGw7dmFyIEY9ay5sZW5ndGgtMTtmb3IodT1GOzA8PXU7LS11KXt2YXIgcT1rW3VdOyFoJiZKLnRlc3QocS51cmwpJiYoaD1xKTtpZihxLnVybCYmIXEuail7cD1xO2JyZWFrfX1xPW51bGw7dmFyIGZhPWsubGVuZ3RoJiZrW0ZdLnVybDswIT1wLmRlcHRoJiZmYSYmKHE9a1tGXSk7dmFyIHY9bmV3IEsocCxxKTtpZih2Lmgpe3ZhciBoYT12LmgudXJsfHxcIlwiO2YuZy5wdXNoKDQpO2YuaFs0XT1PKFwidG9wXCIsaGEpfXZhciBHPXt1cmw6di5nLnVybHx8XCJcIn07aWYodi5nLnVybCl7dmFyIEg9di5nLnVybC5tYXRjaChFKSxQPUhbMV0sUT1IWzNdLFI9SFs0XTtwPVwiXCI7UCYmKHArPVArXCI6XCIpO1EmJihwKz1cIi8vXCIscCs9USxSJiYocCs9XCI6XCIrUikpO3ZhciBTPXB9ZWxzZSBTPVwiXCI7Rz1bRyx7dXJsOlN9XTtmLmcucHVzaCg1KTtmLmhbNV09RztYKGYpfWNhdGNoKEIpe3RyeXtYKHtjb250ZXh0OlwiZWNtc2VyclwiLHJjdHg6NTA3LG1zZzpZKEIpLHVybDp2JiZ2LmcudXJsfSl9Y2F0Y2goaWEpe319fTt0cnl7dmFyIGM9YmEoKSxkPUpTT04ucGFyc2UoYy5sKSxnPXZvaWQgMD09PWQuZW5jcnlwdGlvbk1vZGU%2FbnVsbDpkLmVuY3J5cHRpb25Nb2RlO3dpbmRvdy5uYW1lPVwiXCI7YShjLmNvbnRlbnQsZyxmdW5jdGlvbihlKXtk&i=1-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75574
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
G-Hn7oWQ6g4wLKEWxynEsYOaOeHrexi4ZvJkWzixnuXtP_rDFyz3UQ==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=Lmdvb2dfc2FmZWZyYW1lX2hsdCYmKG0uZ29vZ19zYWZlZnJhbWVfaGx0PWQuZ29vZ19zYWZlZnJhbWVfaGx0KTtkLl9jb250ZXh0JiYobS5BTVBfQ09OVEVYVF9EQVRBPWQuX2NvbnRleHQpO20uc2ZfPXt2OmMubSxjZmc6ZH07ZG9jdW1lbnQub3BlbihcInRleHQvaHRtbFwiLFwicmVwbGFjZVwiKTtpZih2b2lkIDA9PT14KXt2YXIgZj1udWxsO3ZhciBrPW0udHJ1c3RlZFR5cGVzO2lmKGsmJmsuY3JlYXRlUG9saWN5KXt0cnl7Zj1rLmNyZWF0ZVBvbGljeShcImdvb2cjaHRtbFwiLHtjcmVhdGVIVE1MOncsY3JlYXRlU2NyaXB0OncsY3JlYXRlU2NyaXB0VVJMOnd9KX1jYXRjaChsKXttLmNvbnNvbGUmJm0uY29uc29sZS5lcnJvcihsLm1lc3NhZ2UpfXg9Zn1lbHNlIHg9Zn1lPShmPXgpP2YuY3JlYXRlSFRNTChlKTplO2U9bmV3IHooZSxudWxsLHkpO2RvY3VtZW50LndyaXRlKGUgaW5zdGFuY2VvZiB6JiZlLmNvbnN0cnVjdG9yPT09ej9lLmc6XCJ0eXBlX2Vycm9yOlNhZmVIdG1sXCIpO2RvY3VtZW50LmNsb3NlKCk7bS5zZl8mJih3aW5kb3cubmFtZT1cIlwiKX0sYil9Y2F0Y2goZSl7YihlKX19fSkoZnVuY3Rpb24oYSxiLGMpe2lmKDI9PT1iKXtiPW5ldyBUZXh0RGVjb2Rlcjt2YXIgZD0vPHN0YXJ0Z3VhcmQ%2BKC4qKTxlbmRndWFyZD4vZy5leGVjKGEpO2lmKGE9Yi5kZWNvZGUuY2FsbChiLGRhKGQmJmRbMV0%2FZFsxXTphKSkpYj1hLnRvTG93ZXJDYXNlKCksYT0tMTxiLmluZGV4T2YoXCI8IWRvY3R5cGVcIil8fC0xPGIuaW5kZXhPZihcIjxodG1sXCIpP2E6XCI8IWRvY3R5cGUgaHRtbD48aHRtbD48aGVhZD48L2hlYWQ%2BPGJvZHk%2BXCIrYStcIjwvYm9keT48L2h0bWw%2BXCJ9YyhhKX0pO30pLmNhbGwodGhpcyk7XG4gICAgPC9zY3JpcHQ%2BXG48c2NyaXB0IHNyYz1cImh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL21hdGgtYWlkcy9ibC1mZThiYjNlLTFkYzk3OTMyLmpzXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS9tYXRoLWFpZHMvYi1jNWMxYzI5LTkzYzAzMDA4LmpzXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdD52YXIgZD1kZWNvZGVVUklDb21wb25lbnQoXCIlN0IlMjJzaXRlSWQlMjIlM0ElMjJtYXRoLWFpZHMlMjIlMkMlMjJ3diUyMiUzQSUyMjEuMC4wJTJCYzVjMWMyOSUyMiUyQyUyMmJsdiUyMiUzQSUyMmJsLWZlOGJiM2UtMWRjOTc5MzIlMjIlMkMlMjJidiUyMiUzQSUyMmItYzVjMWMyOS05M2MwMzAwOCUyMiUyQyUyMnRvcERvbWFpbiUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmlwaG9uZWluY2FuYWRhLmNhJTJGbmV3cyUyRnByZWRhdG9yLXNweXdhcmUtZm9yLWlwaG9uZXMtdW5jb3ZlcmVkLWJ5LXRvcm9udG8tcmVzZWFyY2hlcnMlMkYlMjIlMkMlMjJjdXJyZW50VGFnSWQlMjIlM0ElMjJhZGx0YWdfbDN6ajMwM2FfNzR1empUM1U1eWQlMjIlMkMlMjJhdSUyMiUzQSUyMiUyRjIyNDA0MzM3NDY3JTJDMTAxODU1NiUyRmlwaG9uZWluY2FuYWRhLTcyOHg5MC1TdGlja3lfMCUyMiUyQyUyMnNsb3RFbGVtZW50SWQlMjIlM0ElMjJkaXYtZ3B0LWFkLTE2Mjc2ODAwMTkzNDUtMCUyMiUyQyUyMnJlZnJlc2hlc1JlbWFpbmluZyUyMiUzQTIlMkMlMjJibG9ja2VkQ291bnQlMjIlM0EwJTJDJTIyaGVhdnlBZFJlZnJlc2hlc1JlbWFpbmluZyUyMiUzQTIlMkMlMjJoZWF2eUFkQmxvY2tlZENvdW50JTIyJTNBMCUyQyUyMmFkU2VydmVyRGV0YWlscyUyMiUzQSU3QiUyMmFkdmVydGlzZXJJZCUyMiUzQSUyMjUwMjQ1NjkzNzQlMjIlMkMlMjJjYW1wYWlnbklkJTIyJTNBJTIyMjg4NzU2MzczOCUyMiUyQyUyMmNyZWF0aXZlSWQlMjIlM0ElMjIxMzgzOTM4OTc0MjIlMjIlMkMlMjJsaW5laXRlbUlkJTIyJTNBJTIyNTc1Mjg0NzQwOSUyMiUyQyUyMmFkU2VydmVyJTIyJTNBJTIyZGZwJTIyJTJDJTIyeWllbGRHcm91cElkcyUyMiUzQSU1QjI4NTgzNyU1RCU3RCUyQyUyMnclMjIlM0E3MjglMkMlMjJoJTIyJTNBOTAlMkMlMjJzYWZlRnJhbWVLZXklMjIlM0ElMjI4MzQ2MjkxNyUyMiU3RFwiKTt3aW5kb3dbXCI2MTM5ODU4OV9tYXRoLWFpZHNcIl09e307d2luZG93W1wiNjEzOTg1ODlfbWF0aC1haWRzXCJdLnRhZ0RldGFpbHM9SlNPTi5wYXJzZShkKTt3aW5kb3cuYmxvY2tlciAmJiBibG9ja2VyKFwiNjEzOTg1ODlfbWF0aC1haWRzXCIsIFwiPCEtLUFETF9XUkFQUEVELS0%2BXCIsIGZhbHNlLCB3aW5kb3csIHt9KTs8L3NjcmlwdD5cbjxzY3JpcHQ%2BdmFyIGpzY1ZlcnNpb24gPSAncjIwMjIwNjAxJzs8L3NjcmlwdD5cbjxzY3JpcHQ%2BdmFyIGdvb2dsZV9jYXNtPVtdOzwvc2NyaXB0PlxuPHNjcmlwdD53aW5kb3cuZGljbmYgPSB7fTs8L3NjcmlwdD5cbjxzY3JpcHQgZGF0YS1qYz1cIjQyXCIgZGF0YS1qYy12ZXJzaW9uPVwicjIwMjIwNjAxXCIgZGF0YS1qYy1mbGFncz1cIlsmcXVvdDt4JTI3ODQ0Nic5ZWZvdG0oJmFtcDsyMDA2Nzs%2BOCZhbXA7PmBkb3BiLyU8MTczMjI2MSE9fHZxYykhNzIwMTA2MT8nOWVmb3RteSZxdW90O11cIj4oZnVuY3Rpb24oKXsvKiAgQ29weXJpZ2h0IFRoZSBDbG9zdXJlIExpYnJhcnkgQXV0aG9ycy4gU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAgKi8gJ3VzZSBzdHJpY3QnO3ZhciBiYT1cImZ1bmN0aW9uXCI9PXR5cGVvZiBPYmplY3QuZGVmaW5lUHJvcGVydGllcz9PYmplY3QuZGVmaW5lUHJvcGVydHk6ZnVuY3Rpb24oYSxiLGMpe2lmKGE9PUFycmF5LnByb3RvdHlwZXx8YT09T2JqZWN0LnByb3RvdHlwZSlyZXR1cm4gYTthW2JdPWMudmFsdWU7cmV0dXJuIGF9O2Z1bmN0aW9uIGNhKGEpe2E9W1wib2JqZWN0XCI9PXR5cGVvZiBnbG9iYWxUaGlzJiZnbG9iYWxUaGlzLGEsXCJvYmplY3RcIj09dHlwZW9mIHdpbmRvdyYmd2luZG93LFwib2JqZWN0XCI9PXR5cGVvZiBzZWxmJiZzZWxmLFwib2JqZWN0XCI9PXR5cGVvZiBnbG9iYWwmJmdsb2JhbF07Zm9yKHZhciBiPTA7YjxhLmxlbmd0aDsrK2Ipe3ZhciBjPWFbYl07aWYoYyYmYy5NYXRoPT1NYXRoKXJldHVybiBjfXRocm93IEVycm9yKFwiQ2Fubm90IGZpbmQgZ2xvYmFsIG9iamVjdFwiKTt9dmFyIGRhPWNhKHRoaXMpOyBmdW5jdGlvbiBlYShhLGIpe2lmKGIpYTp7dmFyIGM9ZGE7YT1hLnNwbGl0KFwiLlwiKTtmb3IodmFyIGQ9MDtkPGEubGVuZ3RoLTE7ZCsrKXt2YXIgZT1hW2RdO2lmKCEoZSBpbiBjKSlicmVhayBhO2M9Y1tlXX1hPWFbYS5sZW5ndGgtMV07ZD1jW2FdO2I9YihkKTtiIT1kJiZudWxsIT1iJiZiYShjLGEse2NvbmZpZ3VyYWJsZTohMCx3cml0YWJsZTohMCx2YWx1ZTpifSl9fWVhKFwiZ2xvYmFsVGhpc1wiLGZ1bmN0aW9uKGEpe3JldHVybiBhfHxkYX0pO3ZhciBwPXRoaXN8fHNlbGY7ZnVuY3Rpb24gcihhKXtyW1wiIFwiXShhKTtyZXR1cm4gYX1yW1wiIFwiXT1mdW5jdGlvbigpe307dmFyIGZhPXt9LHQ9bnVsbDsgZnVuY3Rpb24gaGEoYSxiKXt2b2lkIDA9PT1iJiYoYj0wKTtpZighdCl7dD17fTtmb3IodmFyIGM9XCJBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWmFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6MDEyMzQ1Njc4OVwiLnNwbGl0KFwiXCIpLGQ9W1wiKy89XCIsXCIrL1wiLFwiLV89XCIsXCItXy5cIixcIi1fXCJdLGU9MDs1PmU7ZSsrKXt2YXIgZj1jLmNvbmNhdChkW2VdLnNwbGl0KFwiXCIpKTtmYVtlXT1mO2Zvcih2YXIgZz0wO2c8Zi5sZW5ndGg7ZysrKXt2YXIgbD1mW2ddO3ZvaWQgMD09PXRbbF0mJih0W2xdPWcpfX19Yj1mYVtiXTtjPUFycmF5KE1hdGguZmxvb3IoYS5sZW5ndGgvMykpO2Q9Yls2NF18fFwiXCI7Zm9yKGU9Zj0wO2Y8YS5sZW5ndGgtMjtmKz0zKXt2YXIgaz1hW2ZdLGg9YVtmKzFdO2w9YVtmKzJdO2c9YltrPj4yXTtrPWJbKGsmMyk8PDR8aD4%2BNF07aD1iWyhoJjE1KTw8MnxsPj42XTtsPWJbbCY2M107Y1tlKytdPWcraytoK2x9Zz0wO2w9ZDtzd2l0Y2goYS5sZW5ndGgtZil7Y2FzZSAyOmc9IGFbZisxXSxsPWJbKGcmMTUpPDwyXXx8ZDtjYXNlIDE6YT1hW2ZdLGNbZV09YlthPj4yXStiWyhhJjMpPDw0fGc%2BPjRdK2wrZH1yZXR1cm4gYy5qb2luKFwiXCIpfTt2YXIgaWE9XCJ1bmRlZmluZWRcIiE9PXR5cGVvZiBVaW50OEFycmF5O2NvbnN0IHY9U3ltYm9sKHZvaWQgMCk7ZnVuY3Rpb24gamEoYSxiKXtPYmplY3QuaXNGcm96ZW4oYSl8fCh2P2Fbdl18PWI6dm9pZCAwIT09YS5tP2EubXw9YjpPYmplY3QuZGVmaW5lUHJvcGVydGllcyhhLHttOnt2YWx1ZTpiLGNvbmZpZ3VyYWJsZTohMCx3cml0YWJsZTohMCxlbnVtZXJhYmxlOiExfX0pKX1mdW5jdGlvbiBrYShhKXtsZXQgYjt2P2I9YVt2XTpiPWEubTtyZXR1cm4gbnVsbD09Yj8wOmJ9ZnVuY3Rpb24gQShhKXtqYShhLDEpO3JldHVybiBhfWZ1bmN0aW9uIGxhKGEpe3JldHVybiBBcnJheS5pc0FycmF5KGEpPyEhKGthKGEpJjIpOiExfTtmdW5jdGlvbiBtYShhKXtyZXR1cm4gbnVsbCE9PWEmJlwib2JqZWN0XCI9PT10eXBlb2YgYSYmIUFycmF5LmlzQXJyYXkoYSkmJmEuY29uc3RydWN0b3I9PT1PYmplY3R9bGV0IEI7dmFyIEM9T2JqZWN0LmZyZWV6ZShBKFtdKSk7ZnVuY3Rpb24gbmEoYSl7aWYobGEoYS5qKSl0aHJvdyBFcnJvcihcIkNhbm5vdCBtdXRhdGUgYW4gaW1tdXRhYmxlIE1lc3NhZ2VcIik7fWZ1bmN0aW9uIG9hKGEpe3JldHVybnt2YWx1ZTphLGNvbmZpZ3VyYWJsZTohMSx3cml0YWJsZTohMSxlbnVtZXJhYmxlOiExfX07ZnVuY3Rpb24gcGEoYSl7c3dpdGNoKHR5cGVvZiBhKXtjYXNlIFwibnVtYmVyXCI6cmV0dXJuIGlzRmluaXRlKGEpP2E6U3RyaW5nKGEpO2Nhc2UgXCJvYmplY3RcIjppZihhJiYhQXJyYXkuaXNBcnJheShhKSYmaWEmJm51bGwhPWEmJmEgaW5zdGFuY2VvZiBVaW50OEFycmF5KXJldHVybiBoYShhKX1yZXR1cm4gYX07ZnVuY3Rpb24gcWEoYSxiPXJhKXtyZXR1cm4gc2EoYSxiKX1mdW5jdGlvbiB0YShhLGIpe2lmKG51bGwhPWEpe2lmKEFycmF5LmlzQXJyYXkoYSkpYT1zYShhLGIpO2Vsc2UgaWYobWEoYSkpe2NvbnN0IGM9e307Zm9yKGxldCBkIGluIGEpY1tkXT10YShhW2RdLGIpO2E9Y31lbHNlIGE9YihhKTtyZXR1cm4gYX19ZnVuY3Rpb24gc2EoYSxiKXtjb25zdCBjPWEuc2xpY2UoKTtmb3IobGV0IGQ9MDtkPGMubGVuZ3RoO2QrKyljW2RdPXRhKGNbZF0sYik7QXJyYXkuaXNBcnJheShhKSYma2EoYSkmMSYmQShjKTtyZXR1cm4gY31mdW5jdGlvbiB1YShhKXtpZihhJiZcIm9iamVjdFwiPT10eXBlb2YgYSYmYS50b0pTT04pcmV0dXJuIGEudG9KU09OKCk7YT1wYShhKTtyZXR1cm4gQXJyYXkuaXNBcnJheShhKT9xYShhLHVhKTphfWZ1bmN0aW9uIHJhKGEpe3JldHVybiBpYSYmbnVsbCE9YSYmYSBpbnN0YW5jZW9mIFVpbnQ4QXJyYXk%2FbmV3IFVpbnQ4QXJyYXkoYSk6YX07ZnVuY3Rpb24gRShhLGIsYyl7bmEoYSk7YjxhLmg%2FYS5qW2IrYS5nXT1jOihhLml8fChhLmk9YS5qW2EuaCthLmddPXt9KSlbYl09YztyZXR1cm4gYX07dmFyIHdhPWNsYXNze2NvbnN0cnVjdG9yKGEsYixjKXthfHwoYT12YSk7dmE9bnVsbDt2YXIgZD10aGlzLmNvbnN0cnVjdG9yLmg7YXx8KGE9ZD9bZF06W10pO3RoaXMuZz0oZD8wOi0xKS0odGhpcy5jb25zdHJ1Y3Rvci5nfHwwKTt0aGlzLmw9dm9pZCAwO3RoaXMuaj1hO2E6e2Q9dGhpcy5qLmxlbmd0aDthPWQtMTtpZihkJiYoZD10aGlzLmpbYV0sbWEoZCkpKXt0aGlzLmg9YS10aGlzLmc7dGhpcy5pPWQ7YnJlYWsgYX12b2lkIDAhPT1iJiYtMTxiPyh0aGlzLmg9TWF0aC5tYXgoYixhKzEtdGhpcy5nKSx0aGlzLmk9dm9pZCAwKTp0aGlzLmg9TnVtYmVyLk1BWF9WQUxVRX1pZihjKWZvcihiPTA7YjxjLmxlbmd0aDtiKyspaWYoYT1jW2JdLGE8dGhpcy5oKWErPXRoaXMuZywoZD10aGlzLmpbYV0pP0FycmF5LmlzQXJyYXkoZCkmJkEoZCk6dGhpcy5qW2FdPUM7ZWxzZXtkPXRoaXMuaXx8KHRoaXMuaT10aGlzLmpbdGhpcy5oK3RoaXMuZ109e30pO2xldCBlPWRbYV07ZT9BcnJheS5pc0FycmF5KGUpJiYg&i=2-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75574
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
zB9rMol-mZ0rj6q6jvTi4nbC7TVbu1Ej7lMs8iyTRz8xp4rDGKhsdg==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=QShlKTpkW2FdPUN9fXRvSlNPTigpe2NvbnN0IGE9dGhpcy5qO3JldHVybiBCP2E6cWEoYSx1YSl9fTt3YS5wcm90b3R5cGUudG9TdHJpbmc9ZnVuY3Rpb24oKXtyZXR1cm4gdGhpcy5qLnRvU3RyaW5nKCl9O2Z1bmN0aW9uIHhhKGEsYil7cmV0dXJuIHBhKGIpfWxldCB2YTt2YXIgeWE9Y2xhc3MgZXh0ZW5kcyB3YXt9O09iamVjdC5kZWZpbmVQcm9wZXJ0aWVzKHlhLHtbU3ltYm9sLmhhc0luc3RhbmNlXTpvYSgoKT0%2Be3Rocm93IEVycm9yKFwiQ2Fubm90IHBlcmZvcm0gaW5zdGFuY2VvZiBjaGVja3MgZm9yIE11dGFibGVNZXNzYWdlXCIpO30pfSk7Y2xhc3MgRiBleHRlbmRzIHlhe31PYmplY3QuZGVmaW5lUHJvcGVydGllcyhGLHtbU3ltYm9sLmhhc0luc3RhbmNlXTpvYShPYmplY3RbU3ltYm9sLmhhc0luc3RhbmNlXSl9KTt2YXIgRz1jbGFzc3tjb25zdHJ1Y3RvcihhLGI9ITEpe3RoaXMua2V5PWE7dGhpcy5kZWZhdWx0VmFsdWU9Yjt0aGlzLnZhbHVlVHlwZT1cImJvb2xlYW5cIn19O3ZhciB6YT1uZXcgRyhcIjQ1MzY4MjU5XCIpLEFhPW5ldyBHKFwiNDUzNTcxNTZcIiwhMCksQmE9bmV3IEcoXCI0NTM1MDg5MFwiKTt2YXIgSD0oYSxiKT0%2BXCImYWR1cmw9XCI9PWEuc3Vic3RyaW5nKGEubGVuZ3RoLTcpP2Euc3Vic3RyaW5nKDAsYS5sZW5ndGgtNykrYitcIiZhZHVybD1cIjphK2I7LyogIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wICovIGZ1bmN0aW9uIEkoYSxiLGMpe2EuYWRkRXZlbnRMaXN0ZW5lciYmYS5hZGRFdmVudExpc3RlbmVyKGIsYywhMSl9O3ZhciBDYT1SZWdFeHAoXCJeKD86KFteOi8%2FIy5dKyk6KT8oPzovLyg%2FOihbXlxcXFxcXFxcLz8jXSopQCk%2FKFteXFxcXFxcXFwvPyNdKj8pKD86OihbMC05XSspKT8oPz1bXFxcXFxcXFwvPyNdfCQpKT8oW14%2FI10rKT8oPzpcXFxcPyhbXiNdKikpPyg%2FOiMoW1xcXFxzXFxcXFNdKikpPyRcIik7ZnVuY3Rpb24gRGEoKXtpZighZ2xvYmFsVGhpcy5jcnlwdG8pcmV0dXJuIE1hdGgucmFuZG9tKCk7dHJ5e2NvbnN0IGE9bmV3IFVpbnQzMkFycmF5KDEpO2dsb2JhbFRoaXMuY3J5cHRvLmdldFJhbmRvbVZhbHVlcyhhKTtyZXR1cm4gYVswXS82NTUzNi82NTUzNn1jYXRjaChhKXtyZXR1cm4gTWF0aC5yYW5kb20oKX19ZnVuY3Rpb24gSWEoYSxiKXtpZihhKWZvcihjb25zdCBjIGluIGEpT2JqZWN0LnByb3RvdHlwZS5oYXNPd25Qcm9wZXJ0eS5jYWxsKGEsYykmJmIoYVtjXSxjLGEpfWZ1bmN0aW9uIEphKGE9ZG9jdW1lbnQpe3JldHVybiBhLmNyZWF0ZUVsZW1lbnQoXCJpbWdcIil9O2Z1bmN0aW9uIEthKGEsYj1udWxsKXtMYShhLGIpfWZ1bmN0aW9uIExhKGEsYil7cC5nb29nbGVfaW1hZ2VfcmVxdWVzdHN8fChwLmdvb2dsZV9pbWFnZV9yZXF1ZXN0cz1bXSk7Y29uc3QgYz1KYShwLmRvY3VtZW50KTtpZihiKXtjb25zdCBkPWU9PntiJiZiKGUpO2MucmVtb3ZlRXZlbnRMaXN0ZW5lciYmYy5yZW1vdmVFdmVudExpc3RlbmVyKFwibG9hZFwiLGQsITEpO2MucmVtb3ZlRXZlbnRMaXN0ZW5lciYmYy5yZW1vdmVFdmVudExpc3RlbmVyKFwiZXJyb3JcIixkLCExKX07SShjLFwibG9hZFwiLGQpO0koYyxcImVycm9yXCIsZCl9Yy5zcmM9YTtwLmdvb2dsZV9pbWFnZV9yZXF1ZXN0cy5wdXNoKGMpfTtsZXQgSj0wO2Z1bmN0aW9uIE1hKGEsYj1udWxsKXtyZXR1cm4gYiYmYi5nZXRBdHRyaWJ1dGUoXCJkYXRhLWpjXCIpPT09U3RyaW5nKGEpP2I6ZG9jdW1lbnQucXVlcnlTZWxlY3RvcihgWyR7XCJkYXRhLWpjXCJ9PVwiJHthfVwiXWApfTtmdW5jdGlvbiBMKGEpe018fChNPW5ldyBOYSk7Y29uc3QgYj1NLmdbYS5rZXldO2lmKFwicHJvdG9cIj09PWEudmFsdWVUeXBlKXt0cnl7Y29uc3QgYz1KU09OLnBhcnNlKGIpO2lmKEFycmF5LmlzQXJyYXkoYykpcmV0dXJuIGN9Y2F0Y2goYyl7fXJldHVybiBhLmRlZmF1bHRWYWx1ZX1yZXR1cm4gdHlwZW9mIGI9PT10eXBlb2YgYS5kZWZhdWx0VmFsdWU%2FYjphLmRlZmF1bHRWYWx1ZX12YXIgT2E9Y2xhc3N7Y29uc3RydWN0b3IoKXt0aGlzLmc9e319fTt2YXIgTmE9Y2xhc3MgZXh0ZW5kcyBPYXtjb25zdHJ1Y3Rvcigpe3N1cGVyKCk7dmFyIGE9TWEoSixkb2N1bWVudC5jdXJyZW50U2NyaXB0KTthPWEmJmEuZ2V0QXR0cmlidXRlKFwiZGF0YS1qYy1mbGFnc1wiKXx8XCJcIjt0cnl7Y29uc3QgYj1KU09OLnBhcnNlKGEpWzBdO2E9XCJcIjtmb3IobGV0IGM9MDtjPGIubGVuZ3RoO2MrKylhKz1TdHJpbmcuZnJvbUNoYXJDb2RlKGIuY2hhckNvZGVBdChjKV5cIlxcdTAwMDNcXHUwMDA3XFx1MDAwM1xcdTAwMDdcXGJcXHUwMDA0XFx1MDAwNFxcdTAwMDZcXHUwMDA1XFx1MDAwM1wiLmNoYXJDb2RlQXQoYyUxMCkpO3RoaXMuZz1KU09OLnBhcnNlKGEpfWNhdGNoKGIpe319fSxNO3ZhciBQYT13aW5kb3c7Y2xhc3MgUWF7Y29uc3RydWN0b3IoYSxiKXt0aGlzLmVycm9yPWE7dGhpcy5jb250ZXh0PWIuY29udGV4dDt0aGlzLm1zZz1iLm1lc3NhZ2V8fFwiXCI7dGhpcy5pZD1iLmlkfHxcImpzZXJyb3JcIjt0aGlzLm1ldGE9e319fTtjb25zdCBSYT1SZWdFeHAoXCJeaHR0cHM%2FOi8vKFxcXFx3fC0pK1xcXFwuY2RuXFxcXC5hbXBwcm9qZWN0XFxcXC4obmV0fG9yZykoXFxcXD98L3wkKVwiKTt2YXIgU2E9Y2xhc3N7Y29uc3RydWN0b3IoYSxiKXt0aGlzLmc9YTt0aGlzLmg9Yn19LFRhPWNsYXNze2NvbnN0cnVjdG9yKGEsYil7dGhpcy51cmw9YTt0aGlzLnM9ISFiO3RoaXMuZGVwdGg9bnVsbH19O2Z1bmN0aW9uIE4oYSxiKXtjb25zdCBjPXt9O2NbYV09YjtyZXR1cm5bY119ZnVuY3Rpb24gVWEoYSxiLGMsZCxlKXtjb25zdCBmPVtdO0lhKGEsZnVuY3Rpb24oZyxsKXsoZz1WYShnLGIsYyxkLGUpKSYmZi5wdXNoKGwrXCI9XCIrZyl9KTtyZXR1cm4gZi5qb2luKGIpfSBmdW5jdGlvbiBWYShhLGIsYyxkLGUpe2lmKG51bGw9PWEpcmV0dXJuXCJcIjtiPWJ8fFwiJlwiO2M9Y3x8XCIsJFwiO1wic3RyaW5nXCI9PXR5cGVvZiBjJiYoYz1jLnNwbGl0KFwiXCIpKTtpZihhIGluc3RhbmNlb2YgQXJyYXkpe2lmKGQ9ZHx8MCxkPGMubGVuZ3RoKXtjb25zdCBmPVtdO2ZvcihsZXQgZz0wO2c8YS5sZW5ndGg7ZysrKWYucHVzaChWYShhW2ddLGIsYyxkKzEsZSkpO3JldHVybiBmLmpvaW4oY1tkXSl9fWVsc2UgaWYoXCJvYmplY3RcIj09dHlwZW9mIGEpcmV0dXJuIGU9ZXx8MCwyPmU%2FZW5jb2RlVVJJQ29tcG9uZW50KFVhKGEsYixjLGQsZSsxKSk6XCIuLi5cIjtyZXR1cm4gZW5jb2RlVVJJQ29tcG9uZW50KFN0cmluZyhhKSl9ZnVuY3Rpb24gV2EoYSl7bGV0IGI9MTtmb3IoY29uc3QgYyBpbiBhLmgpYj1jLmxlbmd0aD5iP2MubGVuZ3RoOmI7cmV0dXJuIDM5OTctYi1hLmkubGVuZ3RoLTF9IGZ1bmN0aW9uIFhhKGEsYixjKXtiPWIrXCIvL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tXCIrYztsZXQgZD1XYShhKS1jLmxlbmd0aDtpZigwPmQpcmV0dXJuXCJcIjthLmcuc29ydChmdW5jdGlvbihmLGcpe3JldHVybiBmLWd9KTtjPW51bGw7bGV0IGU9XCJcIjtmb3IobGV0IGY9MDtmPGEuZy5sZW5ndGg7ZisrKXtjb25zdCBnPWEuZ1tmXSxsPWEuaFtnXTtmb3IobGV0IGs9MDtrPGwubGVuZ3RoO2srKyl7aWYoIWQpe2M9bnVsbD09Yz9nOmM7YnJlYWt9bGV0IGg9VWEobFtrXSxhLmksXCIsJFwiKTtpZihoKXtoPWUraDtpZihkPj1oLmxlbmd0aCl7ZC09aC5sZW5ndGg7Yis9aDtlPWEuaTticmVha31jPW51bGw9PWM%2FZzpjfX19YT1cIlwiO251bGwhPWMmJihhPWUrXCJ0cm49XCIrYyk7cmV0dXJuIGIrYX1jbGFzcyBPe2NvbnN0cnVjdG9yKCl7dGhpcy5pPVwiJlwiO3RoaXMuaD17fTt0aGlzLmw9MDt0aGlzLmc9W119fTtmdW5jdGlvbiBZYSgpe3ZhciBhPVAsYj13aW5kb3cuZ29vZ2xlX3NydDswPD1iJiYxPj1iJiYoYS5nPWIpfWZ1bmN0aW9uIFEoYSxiLGMsZCxlLGYpe2lmKChkP2EuZzpNYXRoLnJhbmRvbSgpKTwoZXx8LjAxKSl0cnl7bGV0IGc7YyBpbnN0YW5jZW9mIE8%2FZz1jOihnPW5ldyBPLElhKGMsKGssaCk9Pnt2YXIgbj1nO2NvbnN0IG09bi5sKys7az1OKGgsayk7bi5nLnB1c2gobSk7bi5oW21dPWt9KSk7Y29uc3QgbD1YYShnLGEuaCxcIi9wYWdlYWQvZ2VuXzIwND9pZD1cIitiK1wiJlwiKTtsJiYoXCJ1bmRlZmluZWRcIiE9PXR5cGVvZiBmP0thKGwsZik6S2EobCkpfWNhdGNoKGcpe319Y2xhc3MgWmF7Y29uc3RydWN0b3IoKXt0aGlzLmg9XCJodHRwOlwiPT09UGEubG9jYXRpb24ucHJvdG9jb2w%2FXCJodHRwOlwiOlwiaHR0cHM6XCI7dGhpcy5nPU1hdGgucmFuZG9tKCl9fTtsZXQgUj1udWxsO3ZhciAkYT0oKT0%2Be2NvbnN0IGE9cC5wZXJmb3JtYW5jZTtyZXR1cm4gYSYmYS5ub3cmJmEudGltaW5nP01hdGguZmxvb3IoYS5ub3coKSthLnRpbWluZy5uYXZpZ2F0aW9uU3RhcnQpOkRhdGUubm93KCl9LGFiPSgpPT57Y29uc3QgYT1wLnBlcmZvcm1hbmNlO3JldHVybiBhJiZhLm5vdz9hLm5vdygpOm51bGx9O2NsYXNzIGJie2NvbnN0cnVjdG9yKGEsYil7dmFyIGM9YWIoKXx8JGEoKTt0aGlzLmxhYmVsPWE7dGhpcy50eXBlPWI7dGhpcy52YWx1ZT1jO3RoaXMuZHVyYXRpb249MDt0aGlzLnVuaXF1ZUlkPU1hdGgucmFuZG9tKCk7dGhpcy50YXNrSWQ9dGhpcy5zbG90SWQ9dm9pZCAwfX07Y29uc3QgUz1wLnBlcmZvcm1hbmNlLGNiPSEhKFMmJlMubWFyayYmUy5tZWFzdXJlJiZTLmNsZWFyTWFya3MpLFQ9ZnVuY3Rpb24oYSl7bGV0IGI9ITEsYztyZXR1cm4gZnVuY3Rpb24oKXtifHwoYz1hKCksYj0hMCk7cmV0dXJuIGN9fSgoKT0%2Be3ZhciBhO2lmKGE9Y2Ipe3ZhciBiO2lmKG51bGw9PT1SKXtSPVwiXCI7dHJ5e2E9XCJcIjt0cnl7YT1wLnRvcC5sb2NhdGlvbi5oYXNofWNhdGNoKGMpe2E9cC5sb2NhdGlvbi5oYXNofWEmJihSPShiPWEubWF0Y2goL1xcYmRlaWQ9KFtcXGQsXSspLykpP2JbMV06XCJcIil9Y2F0Y2goYyl7fX1iPVI7YT0hIWIuaW5kZXhPZiYmMDw9Yi5pbmRleE9mKFwiMTMzN1wiKX1yZXR1cm4gYX0pO2Z1bmN0aW9uIGRiKGEpe2EmJlMmJlQoKSYmKFMuY2xlYXJNYXJrcyhgZ29vZ18ke2EubGFiZWx9XyR7YS51bmlxdWVJZH1fc3RhcnRgKSxTLmNsZWFyTWFya3MoYGdvb2dfJHthLmxhYmVsfV8ke2EudW5pcXVlSWR9X2VuZGApKX0gY2xhc3MgZWJ7Y29uc3RydWN0b3IoKXt2YXIgYT13aW5kb3c7dGhpcy5oPVtdO3RoaXMuaT1hfHxwO2xldCBiPW51bGw7YSYmKGEuZ29vZ2xlX2pzX3JlcG9ydGluZ19xdWV1ZT1hLmdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWV8fFtdLHRoaXMuaD1hLmdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWUsYj1hLmdvb2dsZV9tZWFzdXJlX2pzX3RpbWluZyk7dGhpcy5nPVQoKXx8KG51bGwhPWI%2FYjoxPk1hdGgucmFuZG9tKCkpfXN0YXJ0KGEsYil7aWYoIXRoaXMuZylyZXR1cm4gbnVsbDthPW5ldyBiYihhLGIpO2I9YGdvb2dfJHthLmxhYmVsfV8ke2EudW5pcXVlSWR9X3N0YXJ0YDtTJiZUKCkmJlMubWFyayhiKTtyZXR1cm4gYX1lbmQoYSl7aWYodGhpcy5nJiZcIm51bWJlclwiPT09dHlwZW9mIGEudmFsdWUpe2EuZHVyYXRpb249KGFiKCl8fCRhKCkpLWEudmFsdWU7dmFyIGI9YGdvb2dfJHthLmxhYmVsfV8ke2EudW5pcXVlSWR9X2VuZGA7UyYmVCgpJiZTLm1hcmsoYik7IXRoaXMuZ3x8MjA0ODwgdGhpcy5oLmxlbmd0aHx8dGhpcy5oLnB1c2goYSl9fX07ZnVuY3Rpb24gVShhKXtsZXQgYj1hLnRvU3RyaW5nKCk7YS5uYW1lJiYtMT09Yi5pbmRleE9mKGEubmFtZSkmJihiKz1cIjogXCIrYS5uYW1lKTthLm1lc3NhZ2UmJi0xPT1iLmluZGV4T2YoYS5tZXNzYWdlKSYmKGIrPVwiOiBcIithLm1lc3NhZ2UpO2lmKGEuc3RhY2spe2E9YS5zdGFjazt0cnl7LTE9PWEuaW5kZXhPZihiKSYmKGE9YitcIlxcblwiK2EpO2xldCBjO2Zvcig7YSE9YzspYz1hLGE9YS5yZXBsYWNlKC8oKGh0dHBzPzpcXC8uLipcXC8pW15cXC86XSo6XFxkKyg%2FOi58XFxuKSopXFwyLyxcIiQxXCIpO2I9YS5yZXBsYWNlKC9cXG4gKi9nLFwiXFxuXCIpfWNhdGNoKGMpe319cmV0dXJuIGJ9IGZ1bmN0aW9uIG&i=3-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75574
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Sat, 04 Jun 2022 07:02:48 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
U9Aa1Ts2WRRhY71diV5F0Ce6MGvK4GmrRYQ06NHlKBZmPdFAKnX9Jw==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=ZiKGEsYixjLGQpe2xldCBlLGY7dHJ5e2EuZyYmYS5nLmc%2FKGY9YS5nLnN0YXJ0KGIudG9TdHJpbmcoKSwzKSxlPWMoKSxhLmcuZW5kKGYpKTplPWMoKX1jYXRjaChnKXtjPSEwO3RyeXtkYihmKSxjPWEudihiLG5ldyBRYShnLHttZXNzYWdlOlUoZyl9KSx2b2lkIDAsZCl9Y2F0Y2gobCl7YS5sKDIxNyxsKX1pZihjKXtsZXQgbCxrO251bGw9PShsPXdpbmRvdy5jb25zb2xlKXx8bnVsbD09KGs9bC5lcnJvcil8fGsuY2FsbChsLGcpfWVsc2UgdGhyb3cgZzt9cmV0dXJuIGV9ZnVuY3Rpb24gZ2IoYSxiLGMsZCl7dmFyIGU9VjtyZXR1cm4oLi4uZik9PmZiKGUsYSwoKT0%2BYi5hcHBseShjLGYpLGQpfSBjbGFzcyBoYntjb25zdHJ1Y3RvcihhPW51bGwpe3RoaXMudT1QO3RoaXMuaD1udWxsO3RoaXMudj10aGlzLmw7dGhpcy5nPWE7dGhpcy5pPSExfWwoYSxiLGMsZCxlKXtlPWV8fFwianNlcnJvclwiO2xldCBmO3RyeXtjb25zdCB3PW5ldyBPO3ZhciBnPXc7Zy5nLnB1c2goMSk7Zy5oWzFdPU4oXCJjb250ZXh0XCIsYSk7Yi5lcnJvciYmYi5tZXRhJiZiLmlkfHwoYj1uZXcgUWEoYix7bWVzc2FnZTpVKGIpfSkpO2lmKGIubXNnKXtnPXc7dmFyIGw9Yi5tc2cuc3Vic3RyaW5nKDAsNTEyKTtnLmcucHVzaCgyKTtnLmhbMl09TihcIm1zZ1wiLGwpfXZhciBrPWIubWV0YXx8e307Yj1rO2lmKHRoaXMuaCl0cnl7dGhpcy5oKGIpfWNhdGNoKHUpe31pZihkKXRyeXtkKGIpfWNhdGNoKHUpe31kPXc7az1ba107ZC5nLnB1c2goMyk7ZC5oWzNdPWs7ZD1wO2s9W107bGV0IEs7Yj1udWxsO2Rve3ZhciBoPWQ7dHJ5e3ZhciBuO2lmKG49ISFoJiZudWxsIT1oLmxvY2F0aW9uLmhyZWYpYjp7dHJ5e3IoaC5mb28pOyBuPSEwO2JyZWFrIGJ9Y2F0Y2godSl7fW49ITF9dmFyIG09bn1jYXRjaCh1KXttPSExfW0%2FKEs9aC5sb2NhdGlvbi5ocmVmLGI9aC5kb2N1bWVudCYmaC5kb2N1bWVudC5yZWZlcnJlcnx8bnVsbCk6KEs9YixiPW51bGwpO2sucHVzaChuZXcgVGEoS3x8XCJcIikpO3RyeXtkPWgucGFyZW50fWNhdGNoKHUpe2Q9bnVsbH19d2hpbGUoZCYmaCE9ZCk7Zm9yKGxldCB1PTAsRWE9ay5sZW5ndGgtMTt1PD1FYTsrK3Upa1t1XS5kZXB0aD1FYS11O2g9cDtpZihoLmxvY2F0aW9uJiZoLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2lucyYmaC5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnMubGVuZ3RoPT1rLmxlbmd0aC0xKWZvcihtPTE7bTxrLmxlbmd0aDsrK20pe3ZhciBxPWtbbV07cS51cmx8fChxLnVybD1oLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2luc1ttLTFdfHxcIlwiLHEucz0hMCl9dmFyIHg9aztsZXQgWD1uZXcgVGEocC5sb2NhdGlvbi5ocmVmLCExKTtoPW51bGw7Y29uc3QgWT14Lmxlbmd0aC0xO2ZvcihxPSBZOzA8PXE7LS1xKXt2YXIgeT14W3FdOyFoJiZSYS50ZXN0KHkudXJsKSYmKGg9eSk7aWYoeS51cmwmJiF5LnMpe1g9eTticmVha319eT1udWxsO2NvbnN0IHBiPXgubGVuZ3RoJiZ4W1ldLnVybDswIT1YLmRlcHRoJiZwYiYmKHk9eFtZXSk7Zj1uZXcgU2EoWCx5KTtpZihmLmgpe3g9dzt2YXIgej1mLmgudXJsfHxcIlwiO3guZy5wdXNoKDQpO3guaFs0XT1OKFwidG9wXCIseil9dmFyIFo9e3VybDpmLmcudXJsfHxcIlwifTtpZihmLmcudXJsKXt2YXIgYWE9Zi5nLnVybC5tYXRjaChDYSksRD1hYVsxXSxGYT1hYVszXSxHYT1hYVs0XTt6PVwiXCI7RCYmKHorPUQrXCI6XCIpO0ZhJiYoeis9XCIvL1wiLHorPUZhLEdhJiYoeis9XCI6XCIrR2EpKTt2YXIgSGE9en1lbHNlIEhhPVwiXCI7RD13O1o9W1ose3VybDpIYX1dO0QuZy5wdXNoKDUpO0QuaFs1XT1aO1EodGhpcy51LGUsdyx0aGlzLmksYyl9Y2F0Y2godyl7dHJ5e1EodGhpcy51LGUse2NvbnRleHQ6XCJlY21zZXJyXCIscmN0eDphLG1zZzpVKHcpLHVybDpmJiYgZi5nLnVybH0sdGhpcy5pLGMpfWNhdGNoKEspe319cmV0dXJuITB9fTt2YXIgaWI9YT0%2Be3ZhciBiPVwib1wiO2lmKGEubyYmYS5oYXNPd25Qcm9wZXJ0eShiKSlyZXR1cm4gYS5vO2I9bmV3IGE7cmV0dXJuIGEubz1ifTtjbGFzcyBqYntjb25zdHJ1Y3Rvcigpe3RoaXMuZz0oKT0%2BW119fTtsZXQgUCxWO2NvbnN0IFc9bmV3IGViO3ZhciBrYj0oKT0%2Be3dpbmRvdy5nb29nbGVfbWVhc3VyZV9qc190aW1pbmd8fChXLmc9ITEsVy5oIT1XLmkuZ29vZ2xlX2pzX3JlcG9ydGluZ19xdWV1ZSYmKFQoKSYmQXJyYXkucHJvdG90eXBlLmZvckVhY2guY2FsbChXLmgsZGIsdm9pZCAwKSxXLmgubGVuZ3RoPTApKX07KGE9PntQPW51bGwhPWE%2FYTpuZXcgWmE7XCJudW1iZXJcIiE9PXR5cGVvZiB3aW5kb3cuZ29vZ2xlX3NydCYmKHdpbmRvdy5nb29nbGVfc3J0PU1hdGgucmFuZG9tKCkpO1lhKCk7Vj1uZXcgaGIoVyk7Vi5oPWI9Pnt2YXIgYz1KOzAhPT1jJiYoYi5qYz1TdHJpbmcoYyksYz0oYz1NYShjLGRvY3VtZW50LmN1cnJlbnRTY3JpcHQpKSYmYy5nZXRBdHRyaWJ1dGUoXCJkYXRhLWpjLXZlcnNpb25cIil8fFwidW5rbm93blwiLGIuc2h2PWMpfTtWLmk9ITA7XCJjb21wbGV0ZVwiPT13aW5kb3cuZG9jdW1lbnQucmVhZHlTdGF0ZT9rYigpOlcuZyYmSSh3aW5kb3csXCJsb2FkXCIsKCk9PntrYigpfSl9KSgpOyB2YXIgbGI9KGEsYixjLGQpPT5nYihhLGIsYyxkKSxtYj0oYSxiLGMsZCk9Pntjb25zdCBlPWliKGpiKS5nKCk7IWIuZWlkJiZlLmxlbmd0aCYmKGIuZWlkPWUudG9TdHJpbmcoKSk7UShQLGEsYiwhMCxjLGQpfTtmdW5jdGlvbiBuYigpe2NvbnN0IGE9d2luZG93O2xldCBiO2lmKGEuZ21hU2RrfHwobnVsbD09KGI9YS53ZWJraXQpPzA6Yi5tZXNzYWdlSGFuZGxlcnMuZ2V0R21hVmlld1NpZ25hbHMpKXJldHVybiBhO3RyeXtjb25zdCBjPXdpbmRvdy5wYXJlbnQ7bGV0IGQ7aWYoYy5nbWFTZGt8fChudWxsPT0oZD1jLndlYmtpdCk%2FMDpkLm1lc3NhZ2VIYW5kbGVycy5nZXRHbWFWaWV3U2lnbmFscykpcmV0dXJuIGN9Y2F0Y2goYyl7fXJldHVybiBudWxsfSBmdW5jdGlvbiBvYihhLGI9e30sYz0oKT0%2Be30sZD0oKT0%2Be30sZT0yMDAsZixnKXtjb25zdCBsPVN0cmluZyhNYXRoLmZsb29yKDIxNDc0ODM2NDcqRGEoKSkpO2xldCBrPTA7Y29uc3QgaD1uPT57dHJ5e2NvbnN0IG09XCJvYmplY3RcIj09PXR5cGVvZiBuLmRhdGE%2Fbi5kYXRhOkpTT04ucGFyc2Uobi5kYXRhKTtsPT09bS5wYXdfaWQmJih3aW5kb3cuY2xlYXJUaW1lb3V0KGspLHdpbmRvdy5yZW1vdmVFdmVudExpc3RlbmVyKFwibWVzc2FnZVwiLGgpLG0uc2lnbmFsP2MobS5zaWduYWwpOm0uZXJyb3ImJmQobS5lcnJvcikpfWNhdGNoKG0pe2coXCJwYXdfc2lnc1wiLHttc2c6XCJwb3N0bWVzc2FnZUVycm9yXCIsZXJyOm0gaW5zdGFuY2VvZiBFcnJvcj9tLm1lc3NhZ2U6XCJub25FcnJvclwiLGRhdGE6bnVsbD09bi5kYXRhP1wibnVsbFwiOjUwMDxuLmRhdGEubGVuZ3RoP24uZGF0YS5zdWJzdHJpbmcoMCw1MDApOm4uZGF0YX0pfX07d2luZG93LmFkZEV2ZW50TGlzdGVuZXIoXCJtZXNzYWdlXCIsbj0%2Be2YoOTAzLCAoKT0%2Be2gobil9KSgpfSk7YS5wb3N0TWVzc2FnZShPYmplY3QuYXNzaWduKHt9LHtwYXdfaWQ6bH0sYikpO2s9d2luZG93LnNldFRpbWVvdXQoKCk9Pnt3aW5kb3cucmVtb3ZlRXZlbnRMaXN0ZW5lcihcIm1lc3NhZ2VcIixoKTtkKFwiUEFXIEdNQSBwb3N0bWVzc2FnZSB0aW1lZCBvdXQuXCIpfSxlKX07dmFyIHFiPW5ldyBjbGFzc3tjb25zdHJ1Y3RvcihhLGI9ITEpe3RoaXMuZz1hO3RoaXMuZGVmYXVsdFZhbHVlPWJ9fSg0MzQ0NjIxMjUsITApO3ZhciByYj1jbGFzc3tjb25zdHJ1Y3Rvcigpe2NvbnN0IGE9e307dGhpcy5nPSgpPT57dmFyIGI9cWIuZyxjPXFiLmRlZmF1bHRWYWx1ZTtyZXR1cm4gbnVsbCE9YVtiXT9hW2JdOmN9fX07ZnVuY3Rpb24gc2IoYSxiKXtyZXR1cm4gRShhLDIsYil9ZnVuY3Rpb24gdGIoYSxiKXtyZXR1cm4gRShhLDMsYil9ZnVuY3Rpb24gdWIoYSxiKXtyZXR1cm4gRShhLDQsYil9ZnVuY3Rpb24gdmIoYSxiKXtyZXR1cm4gRShhLDUsYil9ZnVuY3Rpb24gd2IoYSxiKXtyZXR1cm4gRShhLDksYil9ZnVuY3Rpb24geGIoYSxiKXtuYShhKTtsZXQgYztpZihudWxsIT1iKXtjPUEoW10pO2xldCBkPSExO2ZvcihsZXQgZT0wO2U8Yi5sZW5ndGg7ZSsrKWNbZV09YltlXS5qLGQ9ZHx8bGEoY1tlXSk7YS5sfHwoYS5sPXt9KTthLmxbMTBdPWI7Yj1jO2lmKCFBcnJheS5pc0FycmF5KGIpKXRocm93IEVycm9yKFwiY2Fubm90IG1hcmsgbm9uLWFycmF5IGFzIG11dGFibGVcIik7ZD9PYmplY3QuaXNGcm96ZW4oYil8fCh2P2Jbdl0mPS05OnZvaWQgMCE9PWIubSYmKGIubSY9LTkpKTpqYShiLDgpfWVsc2UgYS5sJiYoYS5sWzEwXT12b2lkIDApLGM9QztyZXR1cm4gRShhLDEwLGMpfSBmdW5jdGlvbiB5YihhLGIpe3JldHVybiBFKGEsMTEsYil9ZnVuY3Rpb24gemIoYSxiKXtyZXR1cm4gRShhLDEsYil9dmFyIEJiPWNsYXNzIGV4dGVuZHMgRntjb25zdHJ1Y3Rvcigpe3N1cGVyKHZvaWQgMCwtMSxBYil9fSxDYj1jbGFzcyBleHRlbmRzIEZ7Y29uc3RydWN0b3IoKXtzdXBlcih2b2lkIDApfX0sQWI9WzEwLDZdO2NvbnN0IERiPVwicGxhdGZvcm0gcGxhdGZvcm1WZXJzaW9uIGFyY2hpdGVjdHVyZSBtb2RlbCB1YUZ1bGxWZXJzaW9uIGJpdG5lc3MgZnVsbFZlcnNpb25MaXN0IHdvdzY0XCIuc3BsaXQoXCIgXCIpO2Z1bmN0aW9uIEViKGEpe2xldCBiO3JldHVybiBudWxsIT0oYj1hLmdvb2dsZV90YWdfZGF0YSk%2FYjphLmdvb2dsZV90YWdfZGF0YT17fX0gZnVuY3Rpb24gRmIoYSl7bGV0IGIsYztpZihcImZ1bmN0aW9uXCIhPT10eXBlb2YobnVsbD09KGI9YS5uYXZpZ2F0b3IpP3ZvaWQgMDpudWxsPT0oYz1iLnVzZXJBZ2VudERhdGEpP3ZvaWQgMDpjLmdldEhpZ2hFbnRyb3B5VmFsdWVzKSlyZXR1cm4gbnVsbDtjb25zdCBkPUViKGEpO2lmKGQudWFjaF9wcm9taXNlKXJldHVybiBkLnVhY2hfcHJvbWlzZTthPWEubmF2aWdhdG9yLnVzZXJBZ2VudERhdGEuZ2V0SGlnaEVudHJvcHlWYWx1ZXMoRGIpLnRoZW4oZT0%2Be251bGwhPWQudWFjaHx8KGQudWFjaD1lKTtyZXR1cm4gZX0pO3JldHVybiBkLnVhY2hfcHJvbWlzZT1hfSBmdW5jdGlvbiBHYihhKXtsZXQgYjtyZXR1cm4geWIoeGIod2IodmIodWIodGIoc2IoemIobmV3IEJiLGEucGxhdGZvcm18fFwiXCIpLGEucGxhdGZvcm1WZXJzaW9ufHxcIlwiKSxhLmFyY2hpdGVjdHVyZXx8XCJcIiksYS5tb2RlbHx8XCJcIiksYS51YUZ1bGxWZXJzaW9ufHxcIlwiKSxhLmJpdG5lc3N8fFwiXCIpLChudWxsPT0oYj1hLmZ1bGxWZXJzaW9uTGlzdCk%2Fdm9pZCAwOmIubWFwKGM9Pnt2YXIgZD1uZXcgQ2I7ZD1FKGQsMSxjLmJyYW5kKTtyZXR1cm4gRShkLDIsYy52ZXJzaW9uKX0pKXx8W10pLGEud293NjR8fCExKX0gZnVuY3Rpb24gSGIoKXt2YXIgYT13aW5kb3c7aWYoaWIocmIpLmcoKSl7bGV0IGUsZjtyZXR1cm4gbnVsbCE9KGY9bnVsbD09KGU9RmIoYSkpP3ZvaWQgMDplLnRoZW4oZz0%2BR2IoZykpKT9mOm51bGx9bGV0IGIsYztpZihcImZ1bmN0aW9uXCIhPT10eXBlb2YobnVsbD09KGI9YS5uYXZpZ2F0b3IpP3ZvaWQgMDpudWxsPT0oYz1iLnVzZXJBZ2VudERhdGEpP3ZvaWQgMDpjLmdldEhpZ2hFbnRyb3B5VmFsdWVzKSlyZXR1cm4gbnVsbDtsZXQgZDtyZXR1cm4gbnVsbCE9KGQ9YS5uYXZpZ2F0b3IudXNlckFnZW50RGF0YS5nZXRIaWdoRW50cm9weVZhbHVlcyhEYikudGhlbihlPT5HYihlKSkpP2Q6bnVsbH07Y2xhc3MgSWJ7Y29uc3RydWN0b3IoKXt0aGlzLnByb21pc2U9bmV3IFByb21pc2UoYT0%2Be3RoaXMuZz1hfSl9fTt3aW5kb3cudmlld1JlcT1bXTtjb25zdCBKYj1hPT57Y29uc3QgYj1uZXcgSW1hZ2U7Yi5zcmM9YS5yZXBsYWNlKFwiJmFtcDtcIixcIiZcIik7d2luZG93LnZpZXdSZXEucHVzaChiKX0sS2I9YT0%2Be2ZldGNoKGEse2tlZXBhbGl2ZTohMCxjcmVkZW50aWFsczpcImluY2x1ZGVcIixyZWRpcmVjdDpcImZvbGxvd1wiLG1ldGhvZDpcImdldFwiLG1vZGU6XCJuby1jb3JzXCJ9KS5jYXRjaCgoKT0%2Be0piKGEpfSl9LExiPWE9Pnt3aW5kb3cuZmV0Y2&i=4-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75574
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
D4Pi4ZAlWSEliE9Y1RUXRpOQSmtpLUwadlEqlNbawluWXYaMwuxMyg==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=g%2FS2IoYSk6SmIoYSl9O0o9NDI7IHdpbmRvdy52dT1hPT57Y29uc3QgYj1MKEFhKSxjPW5iKCk7dmFyIGQ7aWYoYiYmbnVsbCE9KG51bGw9PWM%2Fdm9pZCAwOm51bGw9PShkPWMuZ21hU2RrKT92b2lkIDA6ZC5nZXRWaWV3U2lnbmFscykpe3ZhciBlOyhkPW51bGw9PWM%2Fdm9pZCAwOm51bGw9PShlPWMuZ21hU2RrKT92b2lkIDA6ZS5nZXRWaWV3U2lnbmFscygpKSYmKGE9SChhLFwiJm1zPVwiK2QpKX1MKHphKSYmXCJfX2dvb2dsZV9saWRhcl9yYWRmX1wiaW4gd2luZG93JiYoYT1IKGEsXCImYXZyYWRmPTFcIikpO2NvbnN0IGY9W107ZT0oKT0%2Be2NvbnN0IGw9bmV3IEliO2YucHVzaChsLnByb21pc2UpO3JldHVybiBsLmd9O2lmKEwoQmEpJiYoZD1IYigpLG51bGwhPWQpKXtjb25zdCBsPWUoKTtkLnRoZW4oaz0%2Be2E6e0I9ITA7dHJ5e3ZhciBoPUpTT04uc3RyaW5naWZ5KGsudG9KU09OKCkseGEpO2JyZWFrIGF9ZmluYWxseXtCPSExfWg9dm9pZCAwfWs9aDtoPVtdO2Zvcih2YXIgbj0wLG09MDttPGsubGVuZ3RoO20rKyl7dmFyIHE9IGsuY2hhckNvZGVBdChtKTsyNTU8cSYmKGhbbisrXT1xJjI1NSxxPj49OCk7aFtuKytdPXF9az1oYShoLDMpOzA8ay5sZW5ndGgmJihhPUgoYSxcIiZ1YWNoPVwiK2spKTtsKCl9KX1sZXQgZztpZihiJiZudWxsIT0obnVsbD09Yz92b2lkIDA6bnVsbD09KGc9Yy53ZWJraXQpP3ZvaWQgMDpnLm1lc3NhZ2VIYW5kbGVycy5nZXRHbWFWaWV3U2lnbmFscykpe2NvbnN0IGw9ZSgpO2xldCBrO29iKG51bGw9PWM%2Fdm9pZCAwOm51bGw9PShrPWMud2Via2l0KT92b2lkIDA6ay5tZXNzYWdlSGFuZGxlcnMuZ2V0R21hVmlld1NpZ25hbHMse30saD0%2Be2E9SChhLFwiJlwiK2gpO2woKX0sKCk9PntsKCl9LDIwMCxsYixtYil9MDxmLmxlbmd0aD9Qcm9taXNlLmFsbChmKS50aGVuKCgpPT57TGIoYSl9KTpMYihhKX07fSkuY2FsbCh0aGlzKTs8L3NjcmlwdD5cbjxzY3JpcHQ%2BdmFyIGFkRGF0YSA9IHtnb29nbGVfd2lkdGg6IDcyOCxnb29nbGVfaGVpZ2h0OiA5MCxnb29nbGVfY2xpY2tfdXJsOiAnaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L2FjbGs%2Fc2FcXHgzZGxcXHgyNmFpXFx4M2RDRm04V2tBT2JZb3VjTllfdV9nVFU2b3I0Qk5fZHQ2ZHFrYURub3RnTjJ0a2VFQUVnLVp2eGhBRmd5ZmFtak5DazVBLWdBYldReE1BRHlBRUo0QUlBcUFNQnlBTklxZ1RLQWtfUXcxejEwaEtWeFZkb1VkeElSOXVWYzNwTjI3bWR3MjhNaVphclFvSTdUdGQ5aTZYUWtkRC0td2JYTC1DdXFuZVFJUHF3MGhjblVQZXdialVKWDZCR0ZFb2ZjejZNNUU3U3ltUWZIVHVaTzFlay15czRPQXJid3NxemY0N2V2X2czTk9USlhiYkhXSnRnWmRIZEd1U05NZUpramVRVHhYOEw0bW9DZkhRM2NDYmdLLUYyZ3NTWlJvNFZFZm5CQ3JCWUdVSE9RMEx4MVlxb0tBamx0dXBqNFRJS3hHMWF5eXJLVVZHQ21zQmRoMjR6ZGExNmhLZGxmWm9VN0t1TWVoZWIyajBtV0kyUWw1M2Z6MURkSnk0cThqU3d3SV9WZnBPVlFBZ21wX2ZSbnZPaWI1RmJWNi1WNGtwbGNlcGVaNl9ndXhyZkJnS1A2TzBJS1JXQkRpcDZwM19KZ2p2bEhJLU40aG9POTNwd3dqQ3hfeTRtNWs5M3Z1dHdMQjZDT3JQNXZFSVpSNTJ3eUVYTmN6QnkxVl8tWlZ0Mk50X2hKaWs2Qm1kV3Bmb2lDUlZIREwzaTlSMzBfc0FFdjVXUDg4MEQ0QVFCb0FZdWdBZXo3N3NfcUFlT3podW9CNVBZRzZnSDdwYXhBcWdIX3A2eEFxZ0hwS094QXFnSDFja2JxQWVtdmh1b0JfUFJHNmdIbHRnYnFBZXFtN0VDcUFmZm43RUMyQWNBMGdnSENJQmhFQUVZSGJFSjFBQTc2RG80NXpDQUNnT1lDd0hJQ3dHQURBRzREQUhZRXczUUZRSDRGZ0dBRndFXFx4MjZhZVxceDNkMVxceDI2bnVtXFx4M2QxXFx4MjZzaWdcXHgzZEFPRDY0XzM1Vjd3X3F0ZzJ2OGpHTHQ4UkMzX2VyTzRFRVFcXHgyNmNsaWVudFxceDNkY2EtcHViLTQxMTM2ODE4ODIzMTE0NTVcXHgyNmFkdXJsXFx4M2QnLGdvb2dsZV9haXRfdXJsOiAnaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2NvbnZlcnNpb24vP2FpXFx4M2RDRm04V2tBT2JZb3VjTllfdV9nVFU2b3I0Qk5fZHQ2ZHFrYURub3RnTjJ0a2VFQUVnLVp2eGhBRmd5ZmFtak5DazVBLWdBYldReE1BRHlBRUo0QUlBcUFNQnlBTklxZ1RLQWtfUXcxejEwaEtWeFZkb1VkeElSOXVWYzNwTjI3bWR3MjhNaVphclFvSTdUdGQ5aTZYUWtkRC0td2JYTC1DdXFuZVFJUHF3MGhjblVQZXdialVKWDZCR0ZFb2ZjejZNNUU3U3ltUWZIVHVaTzFlay15czRPQXJid3NxemY0N2V2X2czTk9USlhiYkhXSnRnWmRIZEd1U05NZUpramVRVHhYOEw0bW9DZkhRM2NDYmdLLUYyZ3NTWlJvNFZFZm5CQ3JCWUdVSE9RMEx4MVlxb0tBamx0dXBqNFRJS3hHMWF5eXJLVVZHQ21zQmRoMjR6ZGExNmhLZGxmWm9VN0t1TWVoZWIyajBtV0kyUWw1M2Z6MURkSnk0cThqU3d3SV9WZnBPVlFBZ21wX2ZSbnZPaWI1RmJWNi1WNGtwbGNlcGVaNl9ndXhyZkJnS1A2TzBJS1JXQkRpcDZwM19KZ2p2bEhJLU40aG9POTNwd3dqQ3hfeTRtNWs5M3Z1dHdMQjZDT3JQNXZFSVpSNTJ3eUVYTmN6QnkxVl8tWlZ0Mk50X2hKaWs2Qm1kV3Bmb2lDUlZIREwzaTlSMzBfc0FFdjVXUDg4MEQ0QVFCb0FZdWdBZXo3N3NfcUFlT3podW9CNVBZRzZnSDdwYXhBcWdIX3A2eEFxZ0hwS094QXFnSDFja2JxQWVtdmh1b0JfUFJHNmdIbHRnYnFBZXFtN0VDcUFmZm43RUMyQWNBMGdnSENJQmhFQUVZSGJFSjFBQTc2RG80NXpDQUNnT1lDd0hJQ3dHQURBRzREQUhZRXczUUZRSDRGZ0dBRndFXFx4MjZzaWdoXFx4M2RacnBzdVdKdnRnQVxceDI2bGFiZWxcXHgzZF9BSVROQU1FX1xceDI2dmFsdWVcXHgzZF9BSVRWQUxVRV8nLHJlZGlyZWN0X3VybDogJ2h0dHBzOi8vYWRjbGljay5nLmRvdWJsZWNsaWNrLm5ldC9hY2xrP3NhXFx4M2RsXFx4MjZhaVxceDNkQ0ZtOFdrQU9iWW91Y05ZX3VfZ1RVNm9yNEJOX2R0NmRxa2FEbm90Z04ydGtlRUFFZy1adnhoQUZneWZhbWpOQ2s1QS1nQWJXUXhNQUR5QUVKNEFJQXFBTUJ5QU5JcWdUS0FrX1F3MXoxMGhLVnhWZG9VZHhJUjl1VmMzcE4yN21kdzI4TWlaYXJRb0k3VHRkOWk2WFFrZEQtLXdiWEwtQ3VxbmVRSVBxdzBoY25VUGV3YmpVSlg2QkdGRW9mY3o2TTVFN1N5bVFmSFR1Wk8xZWsteXM0T0FyYndzcXpmNDdldl9nM05PVEpYYmJIV0p0Z1pkSGRHdVNOTWVKa2plUVR4WDhMNG1vQ2ZIUTNjQ2JnSy1GMmdzU1pSbzRWRWZuQkNyQllHVUhPUTBMeDFZcW9LQWpsdHVwajRUSUt4RzFheXlyS1VWR0Ntc0JkaDI0emRhMTZoS2RsZlpvVTdLdU1laGViMmowbVdJMlFsNTNmejFEZEp5NHE4alN3d0lfVmZwT1ZRQWdtcF9mUm52T2liNUZiVjYtVjRrcGxjZXBlWjZfZ3V4cmZCZ0tQNk8wSUtSV0JEaXA2cDNfSmdqdmxISS1ONGhvTzkzcHd3akN4X3k0bTVrOTN2dXR3TEI2Q09yUDV2RUlaUjUyd3lFWE5jekJ5MVZfLVpWdDJOdF9oSmlrNkJtZFdwZm9pQ1JWSERMM2k5UjMwX3NBRXY1V1A4ODBENEFRQm9BWXVnQWV6NzdzX3FBZU96aHVvQjVQWUc2Z0g3cGF4QXFnSF9wNnhBcWdIcEtPeEFxZ0gxY2ticUFlbXZodW9CX1BSRzZnSGx0Z2JxQWVxbTdFQ3FBZmZuN0VDMkFjQTBnZ0hDSUJoRUFFWUhiRUoxQUE3NkRvNDV6Q0FDZ09ZQ3dISUN3R0FEQUc0REFIWUV3M1FGUUg0RmdHQUZ3RVxceDI2YWVcXHgzZDFcXHgyNm51bVxceDNkMVxceDI2c2lnXFx4M2RBT0Q2NF8zNVY3d19xdGcydjhqR0x0OFJDM19lck80RUVRXFx4MjZjbGllbnRcXHgzZGNhLXB1Yi00MTEzNjgxODgyMzExNDU1XFx4MjZhZHVybFxceDNkaHR0cHM6Ly9mYWRlcnByby5jb20vcGFnZXMvbmlja3ktcm9tZXJvLW1hc3RlcmNsYXNzJTNGdXRtX3NvdXJjZSUzREZQX2dvb2dsZSUyNnV0bV9tZWRpdW0lM0RkaXNwbGF5JTI2dXRtX2NhbXBhaWduJTNEbmlja3lfcm9tZXJvX3BhcnRfMSUyNmdjbGlkJTNERUFJYUlRb2JDaE1JaTZTbG1aMlQtQUlWRDdlZkNoMVV0UUpQRUFFWUFTQUFFZ0lfd1BEX0J3RScsdmlzaWJsZV91cmw6ICdmYWRlcnByby5jb20nLGRlc3RpbmF0aW9uX3VybDogJ2h0dHBzOi8vZmFkZXJwcm8uY29tL3BhZ2VzL25pY2t5LXJvbWVyby1tYXN0ZXJjbGFzcz91dG1fc291cmNlXFx4M2RGUF9nb29nbGVcXHgyNnV0bV9tZWRpdW1cXHgzZGRpc3BsYXlcXHgyNnV0bV9jYW1wYWlnblxceDNkbmlja3lfcm9tZXJvX3BhcnRfMVxceDI2Z2NsaWRcXHgzZEVBSWFJUW9iQ2hNSWk2U2xtWjJULUFJVkQ3ZWZDaDFVdFFKUEVBRVlBU0FBRWdJX3dQRF9Cd0UnLGZpbmFsX3VybDogJycsYWN0aXZlX3ZpZXdfYXR0cmlidXRlczogeydhY3RpdmVfdmlld19jbGFzc19uYW1lJzogJ0dvb2dsZUFjdGl2ZVZpZXdFbGVtZW50JywnZGF0YS1nb29nbGUtYXYtY3huJzogJ2h0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGNzL2FjdGl2ZXZpZXc%2FeGFpXFx4M2RBS0FPanN1RHQ2eEhHRGxHZlpDRl85NHA3TUg0Wm5BSG4yWEJLWUZ0SHdXbjkwaEx4d3M3bjVvTWJlVmdka0hRQ21HRExLUV9GQ2REeXBQRVNPZ0RsVmRCR1cta2tuT2czZmpRTF9XZVQ2VlhJWG9YZ3diTXUyTWN0VENJbDY2N0xzTzJ2YXhwaEdJWWs1U2gySW9hUWNyYVxceDI2c2FpXFx4M2RBTWZsLVlSX0gtOXkxdzUwVGpLTFIzN09XczJNRFNUTEQ4MFdYd0FRb2x2NmVic1RFTExTc2xxS0NlMVF6RllEbDEyaUZCU3VrN0tvZTRLdDFqZXpXRFdscUpTdERMWGtaNW13eTR5SE1jODNrQS1zZDhVV2htV2lBdVJpenktWFxceDI2c2lnXFx4M2RDZzBBcktKU3pNMzdqUHFtWUNEcUVBRVxceDI2Y2lkXFx4M2RDQUFTRmVSb2xsNWJMbnNYaHZNaXc3UmJKUm5MN1VjQnBnJywnZGF0YS1nb29nbGUtYXYtYWRrJzogJzE1ODA2NDc1MTUnLCdkYXRhLWdvb2dsZS1hdi1tZXRhZGF0YSc6ICdsYVxceDNkMFxceDI2eGRpXFx4M2QwXFx4MjYnLCdkYXRhLWdvb2dsZS1hdi1vdmVycmlkZSc6ICctMScsJ2RhdGEtZ29vZ2xlLWF2LWltbWVkaWF0ZSc6ICd0cnVlJywnZGF0YS1nb29nbGUtYXYtYWlkJzogJzAnLCdkYXRhLWdvb2dsZS1hdi1uYWlkJzogJzEnLCdkYXRhLWdvb2dsZS1hdi1zbGlmdCc6ICcnLCdkYXRhLWdvb2dsZS1hdi1jcG1hdic6ICcnLCdkYXRhLWdvb2dsZS1hdi1idHInOiAnJywnZGF0YS1nb29nbGUtYXYtaXRwbCc6ICcxOCcsJ2RhdGEtZ29vZ2xlLWF2LXJzJzogJzQnLCdkYXRhLWdvb2dsZS1hdi1kbSc6JzInLCdkYXRhLWdvb2dsZS1hdi1mbGFncyc6J1tcXHgyMnglMjc4NDQwXFx4Mjc5ZWZvdG0oXFx4MjY3NTMzNzQlMmJlanZmLyUyNzg0NFxceDNlXFx4Mjc5d3V2YiRcXHgyNjU2NTMzXFx4M2UhXFx4M2R8dnFjKSEyNzM3OTRcXHgyNlxceDNjcXF2Yi8lXFx4M2MxNzM1MDIwIVxceDNkbmVodWAvITM2NFxceDNkNTA1MSE5YWJre2EoJDE2MDIxMDozXFx4MjZcXHgzY2Nib3RmKyowMTUwMDM0OiUyYmVqdmYvJTcyOzE3NjEzIVxceDNkZWZkd2EqXFx4Mjc3NjQ2MzsyMSQ%2FZWJrcGIkXFx4MjYwMzY2NzE3XFx4M2UqXFx4M2ViZ2lwZishM1xceDNkNzEyMzYzJTlhaWh3YykhNzIwMlxceDNjMjE3XFx4Mjc5ZWZvdG0oXFx4MjYyMDA2MTs0OFxceDI2XFx4M2VgZG9wYi8lXFx4M2MxNzA3MjAwIVxceDNkOChcXHgyNjIwMDU1NzU%2FXFx4MjZcXHgzZWBkb3BiLyVcXHgzYzE3MDY0Mj8hXFx4M2R8dnFjKSE3MjAxO1xceDNkNTBcXHgyNzl3dXZiJFxceDI2MDM2NDE2NTQqXFx4M2ViZ2lwZnpcXHgyMl0nfSxldmNfdG91Y2g6ICd0cnVlJyxsaW5rX3RhcmdldDogJ190b3AnLGJnOiB7dTogJ2h0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vYmcvQmxWOGxIS0duazAzd1V5aEhXbGc5ZlY0Q2lLMjZDcnM4ZExvN2JRYkR1QS5qcycsYzogJ2FGcHdwL0hrTEY2NHNUdVQ1U0ptdjU0NWRJZFVMM25MQUMzRTNEM056cTJWZUZRRmNqTFRHR3dnajFlaVVLVGJiWXZLMWFQUFI4UmJpZS9CWGJtR1dlTjJlYUV0dWp6QVNtNkVyK1ZaZTZjYmZacXJ6czhnSC9WcXd5ai8xdjdmNnRQT2hEUExicitGdVJFd3J5RURVcVgxUENzQXRRb21rMTB3bTJYQVV2M2dYdnRUSWFtc0ZxMGN0MU93RlhJZE5WNFdSRUFORUdlQmFtZWR4VGdvU2Rqbjhjc283LzNOaVk0QTZobVlWbFpuVU&i=5-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75574
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
TwZxGU5N0sw1muC2-kvroVs6eV1WaUSjbLL4jxbLS5X58_-4-FZDeg==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=RtWUlWNFFQZ3FKVzZiaVk4MHVpMDVzWFN3NERqR1ZUSjg2VlpkOEVlRWsyNnUyN0FsTFloYUQvcDV3L2NXWUcvdUNqNUVOQUJlZnhwMW9QcUVHdlFFSDJrb1ZvSHBuZ1RVdERpZVFodXBydy96SXJmaFNjbFFHYzNSQlp5K3RtVEx5WWVPbUYvSDdhWmtJNmVRbExMYy9DNTFRaVJsdWZwVHBVWFI5SzdmaW5wN1Njd0EwTGhLbk5PZjc1dVJRK1lsT2t6MHZnVlFyVDJoUVR6SVhFOS84eTBabmo4Q0xiNlJ3U0dtakZYZ2dmNnlsWGY5bVdrVDk3WTAvVGpOREROSlJVckRjTEgzM3VTZk54eFAxTUl0K2NvcnFwWWhQMjJzTEUreE9GVFNoNVJJUHM1bkx6QmpCeG0yeEhJVFk4dmhNa2FjMysrZ1JIdm1UK2hHdStkNThMYmxhNFdpK0J0QnphK0tUNXc2VGF2YjdlZkNOMGMxZ1RKa05mNE1nR2llMjdja01hR1B5c2N5NHF2a3VFNjhXcHA0MmtaN0FydXdvM0lXTGUzWVpIbHEyZE1QSVU2ZFZxQWVPK2FLako5K2MrZWp1bDVUa09UWTViQVRYazlidmFPUkE3WnBDdEcwaFBjeWhFMElSMWJRbDQwbC9DbWp6QW5HMWlvTmpNNFR5YTF2NldDancxQkVzREluM0tPOUtwQksxR1ljdVFCejJSekcxU3huT2V5Q1R5WE1ITU90alRWdGdXT01CcW1DSFpqbzVTUlhLV0kyU24vRnk3Q0RFNXR6TDB5blRvQjRwVVE1YTlCUFNOUU93alpNVlRBeUVSUWJnL2dMc3RlMVZsN3dHV0tqVytsb1ZiMENESE90SlZIU0h5LzJSQWlmdFdMeHMvVGJtbi9GY0FSazFWU2JibmttSDA5czFlZlRDQjJ6OFo3STNjaU5QeWIrN1ppMEp5Z0NZVnU1ZFRJalhyN1dxVndvb25GTTY2Tmp2M2lsaEFTK1g1L3dOdkRMOFJ1OUhVRUxRZ3JjVVFPdFJNSWhBUGwvNlp4Nk8vRFJ1TDRhaEh5YjdmMlZBS3ZvdUt3UnBCelFUYVZFbW1uWEw0emF5UTl6c0NlZUQ4K0M5VjF0OG5KMnE4VW1qZ3BVaVN2L3JoeXh0SFVDdmNXZkptM3hHUHZBM3g2L3l5RVQwZkJoVkNjOHQwRFo5WWZHa2VrRGxUd3ozTWNoTlBtNjhJVSsyY1pwWm9zYmR4WDBFSmhrN0ZGZmVrR1hPN2lyMEVOK0lHWGpUT0E1SVV1ODFVUXNwU0pvRTEzRk1iNEpCSXVjVkpNVHZGemZ3YXllbjlBRnBVc0dPNHRRaHZRb0NrTXNBejhsN1dMWWxFVnBaSzlwbTBWMHZpYlJoN0x2TkVrMG5GaGVvcUxjQ2VEOFh1ZGh1ZGo3LzB0b3FqT0RtbjM1VjUyQmVBdjJNczFmeEx2Y3B5eldPbjN3RmZGM09zakhSdk9xUmZCWi9CZkpURjkzcFNuQi9YQmdpOVZHMTcxckFlWFM4UmxzdExyblpEaFkxUE5jQ21rK1pjNDYzeE9YUmw3bU5VcGRydTcveEhFdjFXRG1yWDdXWHRvam5yY2JLQjZMUzhoYWxYQTBDKzJCSC9PVW5OLzVBdlVNWC9IOUZsZVBRMTNndjFXYnlBNzdJU2h2SmtIbWRWUWR4eVVYemtaRzhZVkRrdnNhLzM5TVNnd1JTaDdVZjNBWjBvVTRmYUp2eEU3RHdKSm0zV3ZYZTRuOXJsNkU1WkpaSDVoLzh0SXBseUZlVUlRTERoUHVZL2dhRjNVclFYTlhXZlRUczFvNDlZTDI1b0MvemZGVmJ0VVNNVEtNUTBJaTBScjhlUFdQM2Y4Zm1BaVFlUmhoNjVhRTFYTktxb0pYTDZNL0dJaFJvSGVhNnlUL0F0T3FoQ3pCOE13UFpXOXRyU0RxYTliUFl2ektTWUNIZGpUWDdzUjh6OHFJeHR5eEs2TDhXVE1jWEVtbDZ4R1RVRGhQMktvR09CYkdJbnpDK2M2T1dhQlc1QUNCUHJIUHFXZzVSVHRtQ1k3eTd2UUlaWGpqcEVzUlpjN01HNU9EOVhwSCtVMnYxdFNtTGhSZnFOSFhjVG9NeVN0MTRWRkJTZDJBNGV5VDZVMFl5dWcwUmIzQm9ma3krT0paNVlvU1lYYlI5SkRyUTFvTGo1dFRNTlhJR29yanpYU3RPNDljbEdJT2FRN2ZnNVFyb1krNVBiSDd2emkyUHVWd0M4TGNNWmR4SmRvdk5PdHEwcVNUWDllZVhMQ2NRcUZEa1R3Mm1oUU9VV3IrbFo5OWRJdVJpZGlQS1dSek9BclFERlVtQkpoOWh3U3B1YSt2YXRubHpPUEUvZjk5VFBLUEZ0MjNybkpRYStUdmRqNlhLSnJTc01PQ0xkRHd6S1gySUxLY1ByTk00OTZydkVGbmtlcElBUERhdzBVV1NZb1BPTnBBNmxvREx6Q3VjR2lkd2c3OUJWS0lXMlQ5U0t2NUEvTlduZWpVUmpkTzNNaytManVETStpb0hPakJMdlV2MTNUWklhTUNSNmE2VXJpcHhJcnpQbG5yUmI1Q2loNWwxUGNIV25PcVpmOHErYVNaRllKYk56MDJ1VTA0T1F1NG5NR3U1Sm5jWHJBNndnam9wMllUckxhYklrUUxDMWRLS1A1Z1c3ejR2c1JBV09jMysvRFBJd0NGOUxtVTJtNGh5eHV2aTg3UlJIa0VwRVdIL1RnWnZZemJQQVlqdnNTTmV3ek1NNmI2c3NEVGxVMEd2bVZYcEFtOVJUSUtTZG5sem9kTWdING5aemhiWDVrS0c5L05na1c1VVJiNDE5TmxsR3FRazdBeitnS2ZlajdJZDhYS0Iwd1prVWNHOVNNMXNEQi81RVVwQnE1MHJRQXJCY3ExWTdEM0E0bVJPS3hqeGRFVHArSTZSMGJ2MEwzaCtETmYrbjQ4UmpSODVJVU1qckJWa2M0cm13UXYzR2kzTzJReHlvODJFSnJWcVlpK1BjY2JVeGkwQ0JvU041TEY0dEtLdzU4Z0dIVlBsbUVrSXRydEtIcEZFSFhTTXpQNHl4MmRjaDNsajZKVHNuRnR5d3FDMTRmdUdGa1VRUEhrWTZ5UHArNTNNc2NEYm9WZlB6dm9oL1poZnRGQldzUTlTRFhMZ085eTMyYnFmVGNpTDV5WGhNZEZtOWxzSm5WYjNOay9UQ1Z0SzNmVUdzUmJoUG1NVDhPWFdrWHJOZnkxNmdHWkppM3JjTHFIS1I2RUhLNC9yRHZlZHgxQnQrTzN0VFpYRFNiR1RTOVo4bVZub2ZXRC9ESDU0ZUlVWk5HTTVsYmpCZUhpWjF4RStKcDhRTW5vemhCMG5BZ2I1eTZ1VFFvK29oQS9KL3dhMStlWlZ0R2djdEg3cTZWN0p0Vm8yS1ZFeFNwYS9zME1FR1BCMTNYMTFKaDh6cEVwSzU4cVlJKzlRRlhjSXRraWozWFgwUDlTQWhsZ20wcnpkSlJhT3BVSExTU1FacjBMeFBaSCtTN0p2K0V1WG9teDIyZks0VnFoUGVUZkxIYmRsVGtSMmx2OGN3NFJqc0k1TlEvZXpOU00rRkR4aFZYcDBzSHU3ekg0emtBR2pxOEF3bU9CVDNFUzF4RjRxU0o2eE4yRGg2RE14RDQ5WGtKNXdnUlBkOUNTY0ZISnJvRnVYaHZPYjBzVnJ3Rlk4Skp6ZGRudGJwOFFDYUpHQ0RXQW9jMXVhbWxUQXQ0T3gyNXVFdllQVTg1QmVPWTRyWStab1hUdXU2NlFVdU1PTWFlVjNlN1hxQndFRk5YZWVkVEtabUVWaUJrUUc1MVdMUVBTUFNMTmxUZjBZSjV0V2tDdDdjWG92aVNkbGFrYVREZjE5ZWRtd3FoaUg5dFVkb094NThPbWVtMTRFWkRhZ2QwdGxFY0NManZIMmJhMWhYTTUyNDFIQ1ZycUZFUE5kakZubXdWaWIzTnhSQVJSWkI2SVd1N0hXNEg4ZjJKYmkrd3Z3dWNGbC9CNjhnWHpDV0VOaFZGWGZoc1NkQ1ZRWTkvcFJlY0szSWt6M2paOHNYL0xqem52eWNxZUI0U0MzWHNKb1cvMVpQS0lFN1gvdXlzajhwYXMwVkZISlc0V0JlYkpyeHJTbUZYQkZWY0t6OXBUTUhNMXpyZFJoamhJTEU4TjJpRlprQlNtcFBtdkhuUkRlOXNuVWowWjFZN2tzZytPT2NlT0RkSHdhdW1CZngwdzhTTGhnVTFSZXVCSlB5V2hGOFdpbDUzM0JBNlc3SE1udHhoUGUyVUlrTGdCVmdmMCtZSzZEOEFxY3dqaGpJQVZhUFBEajRmSHhkVTlqSXV6b0gzSVVFMHk1b2FjRlNrV1IrcWpXb1FKRVExK2tHdEc2R1VNY2JzeDgzazdOZFZsZEM2bUZNWThVU0dxQ2RRcTVhb3k3OVdINElMbVdIaU5jbno2bE5HUmxJWDZ6S1ZCZGIzWWd1SXQrbVFiUC8wYXJsU1BKL3E3V3RRaklLY3N4dHdjQkZycWZjVnJmTmtMcEF0aFlTTDdmYWt1SFhJbHVzakVLWnk1ZExWbHIrYXBHS1RKSTFyU2FJQW1JbEhjNTUraWRGUUJpNjA5UkZpTVpORVROK2Y0ejBtSSthT2d6eTl4Sjl0aWxyU0lLdGxyYzcrbGJjNWg0SklvbkFzYUd2SStuQUE1amtwaW43WjdmenNKYnlBVXlrTTQ2VHhXMnd2dlVJTlRmRWthWlAzRnF1ajV1d0JIV0VONmdMSERTRjdaUnRmN0RXVFkwald4VDcvVDBHUnRRNTBzWmhUaG5SNkhwUTFPY2Y2ME5icHE0ZVYwVXN5VitZb05xZnNNYXBYMWg3ODdrYmtWTkczK3Z0MTJjQ3I0K3JjOGdKbWVNQXovMU1iYjh1Mm1DdTZMRjNTR2xlTkt6aC9KVFhMNTRHdTRwb0c3UzRkRE16SytQdVhSTGw5clo0ckNHeGg4bFZSZWQ1WEp2bTB2S2YyaXhRb2MwOXgyQ1BlZ08wV1F2VjB4eWZPTjB4dGJpVXJxUE5Vd1IrNkh2TEVMR1VjVzVMZ01lU3lVMFkrSjg2Z05sRVJmOFpxRVJmbEdJMm81L1VCK3FkRjVCSERCNkxvZGF6bWRaOGgyYWNWSU1WeWJMd2o5bVhvbXdxbW9iSVhaQUN5QTBoSGJ5S2F2dkhYWHplVG4zL2pyQUpWdWlEQ1hxMEc0N2V1RG0zUmdBZkpHREhrNDRwQU9PQWp1SmRDeXV0RUF6UkpVdVphanpjU01YdUZUN1NQcFFQVUx2QWxTbkV0RmllR1Y3RHRxdkk5STZ4M0FOUUorZ0Y2cDdOZkhQMWJFZmJIdm1TU0pqQ2UzRWd0VVBjSi8yVGJIdGwwbDg0RkdrVVc0NG5ReWFja1VvdFRIeUtTODhUUGhMOXd3S1YwQ1RlaitydmFuR0hmZGhvSVBvcEk0WGIwa1psV3JUVnJ4TDNYdDArVFl2aHNlRmZIUFlQTzQ1dkJ4VHdGTTR4a2gwbktqaHlzYjNoL2lxQWl4RGdlK0hiOU9xcTBJL0Vlb1o2VkRqVTkxRjN5ZXNOR1poaDk2ZDV0Yk0zTkRST1ZEVHhLcU5GbzJXcDZFZVhnNDEycjVHeVF0dkk3NFE2djZwYWphc3o2dGNxWEd1SXdMZmlQSVBKNUF4VmpvVjBaVkpkZXVOT3JLVjFuRE5FeG56N2dJOGMwc0I3dlJ6Ly82ZncvYW1aYTg5Y0dYNnMrUE9nd0xSK0hxL1FrejN6R1BVeHhuUUZPbkRZamxaMFYzbm5OU094Ymkzdk5ZSDhOUjJCalFlbHI2VmlBTVRPRVMyTWdOVWsvNUFTUmQ2eUdoL2F6ejBMT1o1UW9Xd0d3cXdjZFdObXNGbXJ3WDh0WG5jcy9JYkVSV1ZuRXQrZllKVmZDaU1YazhKTkFTMFMxTFZXaXNSbDFkcG1EWkJ2d0VTK3daaFptalBiY0dwdG5ublBkbTZLTVRoRlR4bzI1ZEFSNWl3bmwvK0RpK0JJd3hMTXRJZlVybmhkLyttUGV6ZGxTcUl5anRpQmdaN3JkTlZ0WEV3Z1A2d0MvMGF3ei9tNXNBN3hwcGZkMjNBTU1tMjAvR3hFcW4wUjJNdFE5TEVJT1FqeC9QZnp3V3I2QkQ5ekh3MlBpRWVzOXhWZEsrMGtlS0ZpTGkyQS9SN3VhYTIyNUxCaE9wK1VScysrUFppWnMrYSswOHFsRjVZR0hoaGZjbk1idkw5ZVp5TUlNZXhWMXVibUYycFp0SjdONVJFakdwZStMUThWaVJmWko2YXN6Nnlqc1A1dzBsNjd1UXVmYkVScDQ5QmFFSlRnc0xMUGwwWmU1RnBpQkZIMlY4QXhkVmNBOXc1WW5qN3gvdzJleFdwRW1RTzhJZ1dVMjYwODhnR3BrQzlNWlgzRFZhYnByUldsY2thQlpOUXZGL2VURnp3ZW9HQzFWaWNRVHFIdWhPcXY3WXo1RzJpaTN1K0lTaGZ1OGh1cU44Wnd2L0NRYU9wQjlzaU9Nc3kvSTg4NWp6bUNyQlRqTWJkeTBmMkptUWlHUy9qUnZ5ZXBEdjY3UjdXanMySER0akpFeGFUNWpnUlUxZFlrZTFGeEl3R3FwdlRxQXU4UGdVZ1lJUThmcG9ldEpCR0k1ZHVHMTFkOUcwVmdmUTNGdkwzV3gyS3ZJd212RktNdWpIbi9pVWdMc2lOcTA0NEFjYUJEZkZGRHAxVEIwTUdLaGdLUXY0UGJ1NEJHTkw3cSthNDV6cDZNUTg0TGdLOFVyakJwQzZteVdZc285WGNlZTJqV1VJYVIxUmRiOVE3Mzg0QXlKWllOcUpKTGp6Y3FaS0Z2OVA3dll3bHIxdm05UHpIV3dWaGF5aTZnU0xzMzRTQzJDTGRxekt0RVFpSk15NUt0VElBZFZEMXJqN2JjQ3Bsc0prY2pIUlJ0TlRyYzZJd2thR1Q3Ym9kMER5T0JBNU1XSWJoekVRbm50OElJZzducmFsMlcvaW9WWkdlNWpkOUU3NUZKYU13Y3JFYTJMNEtFS041NCs1NlB1VTdpdDB4dVdUUnNpT3ZUaDg5dDBWaEdsQWJvOHBHblB5N09pSnAwbndVTG5VNGdQNzZ0K2JBSFZwUkJ4MXVnS2RxbmRVU0kzWE91bk0zNW1RZTYvNDBtRGt2L1pSM3c0RlRuUHJNc09DU2Z3MytGUEZqWjgvL0xYN05ZdW5nZllpTWNOc2s5emZaeWcrSUlGakdCQWtNTGdWcDYzTkVVRTc3dmtxYnNMUDJNaThnaERvcDgwekJ3NVJwNGxjeWk0NkRLdW1FelAvd2RMZ05Ca3RBRksrVXV5QWg0SUJUTHNMb1BkRVQveVIrRnVtMDNpSlprQ28wNUVlMFhxTzVYVFhWcUZZOWRlWm9pV2tONndFZ1ZMWFdjbmc2ODk1ZUdNNFNnM0lpTEpqMWgxS0RSNENYTHpLbVRGRmpKRzVZQk9hL0g2dzdGYXhQN0tBZzZvS1k4QmNrMytUQnFMSW5LTHNkWVNaZlR2MmZDOWNSTVZGalkySjkwODNScjF3QW13VWlVWm44ODRlMnZJTjhadlNhSWFsNGZSLzB3T213Rk85KzJ4SUd2aHc1Z2laQkZoNEczSUY0WWx6Qk0rbjFyQ1NvbGJRVlFNZER3V0VScFdtTm1Fb2x2UklCZUhDazVlQlg2YnFBcVB3WmRvaERBQUgvUzFnaTdaTjVUNXViMHptbk03dU04c0FPSWhHbVhNbk9waHUrVlNTWjM3OEFTd0J5Z3lNUmtNWGY5YVdVdW1pdU02SmpqNjVITTk4NEMrN3V3eWNqOWNzMW9oZFNoSk9hbUxYT0g4WnV1R0FQd2NPOElESFBmZGNUQk4wTDhoYStzUlBVem9tYWc1TWtUVkplVGsyYmdDc2JhY2xXUHRoWnlZSXhKbkppTm&i=6-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75574
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
-vLCeUWz3z8od-KJBcp0kxM4nlZ7QgmUe8aRwYua-ytE4o-KFZ2cpQ==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=EvdENyK0gyOHZ6b0FjZnJhVVhoMXZDSzk4RkRHZW9xR0JjaUdBUG9Kd2liNitpMjRqVElDaldpUHNOZVBKQ2x2V292V29HT2Z5R3RVeEZKL3FZMnBiNzBWZG1ETXJWZXREVWNweE9waFI2YlBnZnVyZWxFblFIYWVaNkg2MWE1QVhya0VTWGFpNkRWWlM2cmorRU9jSnFYSldVOGgvcDI1L1JBMThtSlBCZ0pmSzFDTHl3cnJsaS9NbEZTZUdqeHc4NDZxbFNFOU5jRGxmZUpBa095OWVXRk1NY3FDTWQyZjk3K1U2TUJMNUVza1Z1emszcDJQZnZDczVvbmNrcVJJejB0bTlqQldibFc2M205cDFhVmxoek5oNEJDYnBFQklpa25qOWNhaVQ3czlMWVczbzE4QnhyK2NScXpiM0pYUHR5YmxBaGF6L2ZtVlFRWmZnWnB1clREQTdUbFhFQXRIVEdzc2c5V3hVVkxZdWx2T215UzFWVDFtMG1MVG9RcE5Sam11ODJtVWlJTGRodU5sMGJwZ3FTd1VJcDNtMTkrZFl5Y3A4OTFJUDVHYW1KRU04S2hrR05GZWpWMkUraG9vUU82RWloZFpMbTJ1MGNMdExXckxEanhldHZ1MlpEeTUzNmdwc0lrdldwYUl6UktyK2h0cWw1bGRlK1BCb3RJUEpEbnpCY0VkNzczWEU4b1U4bmw5TVIzK2JRQVloWFArc21YUmQwSEYxdk8wZXNFOGNsWDR0c1RqTXVPR1FFYlNsSEw0eXFxeEhiZ1lXU3RmTStETXRjWXZyem1wTU1Nc2VtZHBPOCtzWTNKTzZkTmV1NDBZUFhLZHozODFyTUE4aTcrekJFQTViU0l0V1FCUjVUZyt1cCtURERsaGc3ZmZzV0ZBYXJ1YndaT2FueWpFWWtIdnNyRGMyVS96RzNRZ0xhdXFORmx6ZmJDR1RuQTZiMTNWTm1leG04bVBxYnpiWnB0Nlg1aVJiaDBnbDlFR3gyV3JSQUR2clZtU1hrZmdFWUthYWRIVlB0WWVVTWVCU2tUVSt0cVJZQkorU0FwZEFDVU95YlNmOHVMempsaDkxc3A0M0xESkdpUEYxazBhVHJTcmVaSGdXSEhNOWF6eGdTZnpqYnp2dEJROEFVaVRZdWkrZUgyM2lIMGVnZVBtWTdEalpxaWlzRTJ4OHRvdXU0UTRwREorVkROdGJycWtsR3docnoyMlRjZEh6dlNSOG9xVjdFdVE1MFRGNHZqdURZSnM3OUw0d2pwYlhabWJZQlRyMUJSUFYySFFXKzBlSFhhZHN5YWZLU1hwZlhGNlZ2aE5ZbTFVeUFuNGtOKzQwR3NXN3pnL3ppeVJzc0hvb3d6eE1oVXpnQVRWbzRjZGc2T3dGMmRta0dDZlMzc1pLcmhDVnJoMk1ZNVl4RVNmZHFrc3g4elRpMlgvSzIrV1BuaFpXU08reXBzV3VOdUFVR1NPZjhkQWtJK0ZQWnZEVE03b3V1VnEyOGFWejdIMk51UEk4eWgvNU1OVjR5a1oySUcraFdVaSt1SVBTWjZMU2tGbVVic0FSWEVMZU8rZVYrNnpxL1R5bFF0eTAyY0NKSnIwQTdDUXNvdGR0dTNsY2dqSmZ3MGlXZkVoRXRjczM5NEVSK0NSQlZ4QUp3Z1FhYktURlJUbXlFUlVXejc3N3hkMzlwTGdSREFKRjFQeVFTNnliS043S0dhZThySUtBOTByNGlTQ3E3Zng5Zy9CeEdrbkZSbGhRblVzK3hwYmorSXhVOGdmeDJYS1lGMFd0UFZvNUNZbzFSTjNpK08rUjgxUkpyY2l6VWc0Vktoc3hMRm50d1lNaWpQL2pQSDUyZFFQcTBYb3ZnbGdkWUd0L1UrTDcvWUtzekRmUHZIbE44dFN5WkNCZzZuN2ZSU3Q4MnJFWlo5aTBlR1FXc2FYZkFITkZRZG8yQlkzdzVkWjEzbGRPOWc4ZmJFbVRTT0I4K0NaQmhTWXU3V29La2ZZUkxObENlQ3ZDNlR2SnZDRHpvSHNIRTJwM1RyNThrZENFb2dOM1hOa25CT2drQXdLQjdNRGVCL2o1NUxhL3lMZW9acXVZUU9lcUU3QlFSdnF4Tnp4Y2dVRzU1TERKKzJ0YXptR1grWGlUWEZEU2JPVEJ0MlBIbE45OXhBaDFuK1IwVFRjblh2NCtoZTBrTHN3Qi9VY21oQUhIb1RDQ1lUbXdrblF5azFTRHdIVmZxWG9wZEtQUEhUcklaSkpoeko0WldRVjh1WTV0S2s1U1hlUGExZkhsTUZ3Z0t0bUNSU2tKeUVLNzAvUjZUWWZKVWE5dE1YSlhBM3NOby9ucElYVHJtMjB1WXQxaG5jeFh1MFprYlVQL0V0YjhjWUNmampLTUVKS0Z6cFBTL2hKK0tiSExQbnRaeFNNb2Nvb0lJQnUwTHNFTjZKOWVGYTRJNE5CZ3VqZlF0OTdJQlhVVXB3eXF1ZjRiZU1jRFkvWVJseTFvNi9ncmRCNitCOCt6NVYvOTgrRDVLd21kMC83aEExbGpYdlNGY1M2MVRQQUx5czBvVmdpNHJDTDJEaTRMYTdCaGJzY1FER2wyY0Z4dHBRNUY0WlNUTDdSdDlnTmYza1ZOem5PZ1cwaDRmMVVxVDJtbFVlVWdETTcwZzk0Q0NGMXMvY2hRemwvRzc2SVI5UmVqYTlZdnV1MEFGWXVKMTZ2dHpjYlpDSjZwM0J5ZUpaaW5zcDM0QzFybnpQYnk1dHJLYVk2ODA3dlVlbjhpZ0lUWkZlREpFRzBkaVpvM0R4OFpsY1IrZlNhbUxHRmNUd2Nqc0pqNTd4VTBPQUR0MTF2eU1heFdNamIyMGtwTXY0TG5TQTVxRmR2czZyK0N2Q3FRSUYvZU94Z2lCZVFBUzZBa1hxT2dLY1NtK0VEejczVDNIM1hCTHI0bDVUM2J5eTQ3cFNaYkJxRU1heGFLYzF2SGRkSHM4UlM2QkJyeFh5MjlyUWx3cGJmQml0bldqcU1LQXorTnJDMm1tdkhua0ZVTUtsLytYU2J6TTJjejBlR2NnL1IvRU9XTzllbVZBejhYWkphdENvcWZGZG9RRXlLcGc3VGRDb3FDYWRZSjAyNDJpZHZleWMvL1h4V2xSeTV0dGI3bTV6QkRGNGsrNzdiREtzUTJ0dG1QOXdGZnZIOTk4Nno1SzIxWE5KRmJmeENQbEh1RFJMNDN1OUlmbUE2Vjc1V3RBOUFUUmJHeUtOSElONkQwd1plQlpuMlk3WVEwa3hzOGZKb0FOV29LL3IxVDcva0pTdVNiYXhYVGs2am9GUHBLSUN3aUQ1MXBCbVUyWkRUd3NaUkY5K2F1UDlxeFZHZ2lXKzFXRU9XL2MyOG1xTHd4WFZIK3RYd2t1bzd5cGRXNVZQMkVzVE9TOTBmRmljWHF6TXhsUFd6ZUhPQkpremxsL2RoYzB2RTFIOFZaTXd4T3oxNmdBYjZTUVlWYno2b2wrNk02ZmhibWJ1Zmlxa1lvUVhNSUlUaFprMklTR21xQkxoTEFHYURvTGR1MmJ5NFZ0QlNEY3RYb3lmTkxMM1AxWG9wK1U5NHM5RDcwSWdOZjZKOTkyT1RuUXJTckNMZXhoRmNZY0pNeWpXUmZTZ042T3h6Zm5UZXlubXgzeVJHa2habHR4d1JITjVtdWNRbFBSYWx0QnBhem41L1JlRjhWbzZzRWVmaEhwRDFHSDUyenpiaTdFTkw3S0N2ejN0VlJoTHNnUlRJZEVWU0svb3JSRTF5K3ZTbkVzcGVsUytLbUk2eEtuaDdid1BGTm9GeElmczFmR3RQQWt1bUEzRG83Q0pWUmR4b24rRUlsT2hvQVJySWpyaGdma0U2bVFQT001MUphaTh1aTh2UzZZV2NCTHhSTjZQU3dybmdkUDFJMnNFaXc5clhWK3A0OFZ1clovTzNnTExaNzNtZHJOeGJLVUs3TkdaWm10NVZjaXZXNUYzd2phK0oyS3ZsRUlBXFx4M2RcXHgzZCd9LGdvb2dsZV90ZW1wbGF0ZV9kYXRhOiB7cmVuZGVyaW5nX3NldHRpbmdzOiB7J2Zvcm1hdCc6ICc3Mjh4OTAnLCdzY3JlZW5EZW5zaXR5JzogJzEnfSwnYWREYXRhJzogW3snbGF5b3V0JzogJ0N1c3RvbScsJ0N1c3RvbV9sYXlvdXQnOiAnaHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3NhZGJ1bmRsZS8kY3NwJTNEZXIzJC8xNjMzMDI4Mzk3ODIyMTMwOTI5MS9pbmRleC5odG1sJywncHJlVTJVcmxzJzogJ3RydWUnLCdkaXNwbGF5VXJsJzogJ2ZhZGVycHJvLmNvbScsJ2Rlc3RpbmF0aW9uVXJsJzogJ2h0dHBzOi8vZmFkZXJwcm8uY29tL3BhZ2VzL25pY2t5LXJvbWVyby1tYXN0ZXJjbGFzcz91dG1fc291cmNlXFx4M2RGUF9nb29nbGVcXHgyNnV0bV9tZWRpdW1cXHgzZGRpc3BsYXlcXHgyNnV0bV9jYW1wYWlnblxceDNkbmlja3lfcm9tZXJvX3BhcnRfMVxceDI2Z2NsaWRcXHgzZEVBSWFJUW9iQ2hNSWk2U2xtWjJULUFJVkQ3ZWZDaDFVdFFKUEVBRVlBU0FBRWdJX3dQRF9Cd0UnLCdjcmVhdGl2ZV9sYW5ndWFnZSc6ICdlbicsJ3ZlcnNpb25JbmZvJzogJzcuMy4yJywnZ3BhRmxhZ0JnU2lnbmFsQ2xpY2tMb2NhdGlvbkVuYWJsZWQnOiAndHJ1ZScsJ3Npcml1c0ZsYWdCYWNrZ3JvdW5kVW5jbGlja2FibGUnOiAndHJ1ZScsJ2hvdF9pdGVtX2xhYmVsJzogJ0hvdCcsJ0ZMQUdfcGFzc19nY2xpZF90b19kZWVwbGlua191cmwnOiAnVHJ1ZScsJ2dwYUFkZFByb21vVGV4dCc6ICd0cnVlJywnZ3BhU3BlY2lmaWVkTG9nbyc6ICd0cnVlJywnZ3BhTGltaXRBbmltYXRpb25UaW1lJzogJ2ZpcnN0JywnZ3BhVXNlV2lkZUxvZ28nOiAndHJ1ZScsJ2dwYVByaWNlRHJvcFR5cGUnOiAnYW5pbWF0aW9uJywnRkxBR19jbGllbnRfc2lkZV9mbGFnX292ZXJyaWRlcyc6ICdbe1xceDIybmFtZVxceDIyIDogXFx4MjJpbl9hcHBfbGlua19oYW5kbGluZ19mb3JfYW5kcm9pZF8xMV9lbmFibGVkXFx4MjIsIFxceDIydmFsdWVcXHgyMiA6IHRydWV9LHtcXHgyMm5hbWVcXHgyMiA6IFxceDIyYXZvaWRfYXBwaWZ5X2RvdWJsZV9iaWxsaW5nXFx4MjIsIFxceDIydmFsdWVcXHgyMiA6IHRydWV9LHtcXHgyMm5hbWVcXHgyMiA6IFxceDIydXNlc19vY3RhZ29uX3Nka1xceDIyLCBcXHgyMnZhbHVlXFx4MjIgOiB0cnVlfSx7XFx4MjJuYW1lXFx4MjIgOiBcXHgyMm9wZW5fYXBwbGlua3NfYWRkaW5nX2djbGlkXFx4MjIsIFxceDIydmFsdWVcXHgyMiA6IHRydWV9XScsJ2dwYUFkZE5ld0l0ZW0nOiAnbW9jaycsJ2dwYUZsYWdCYWNrZ3JvdW5kVW5jbGlja2FibGUnOiAndHJ1ZSd9XX19O3ZhciBleGl0Q29uZmlnID0gJ1tudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsXFx4MjJnb29nbGVfYWRfNTExNTY0NDQyNTk4XFx4MjIsbnVsbCxudWxsLG51bGwsMSwzMDAsbnVsbCxudWxsLFxceDIyODU4NTM2NzA0XFx4MjJdJzs8L3NjcmlwdD5cbjxzY3JpcHQ%2BKGZ1bmN0aW9uKCl7LypDb3B5cmlnaHQgVGhlIENsb3N1cmUgTGlicmFyeSBBdXRob3JzLlNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wKi92YXIgYWE9ZnVuY3Rpb24oYSl7dmFyIGI9MDtyZXR1cm4gZnVuY3Rpb24oKXtyZXR1cm4gYjxhLmxlbmd0aD97ZG9uZTohMSx2YWx1ZTphW2IrK119Ontkb25lOiEwfX19LHA9XCJmdW5jdGlvblwiPT10eXBlb2YgT2JqZWN0LmRlZmluZVByb3BlcnRpZXM%2FT2JqZWN0LmRlZmluZVByb3BlcnR5OmZ1bmN0aW9uKGEsYixjKXtpZihhPT1BcnJheS5wcm90b3R5cGV8fGE9PU9iamVjdC5wcm90b3R5cGUpcmV0dXJuIGE7YVtiXT1jLnZhbHVlO3JldHVybiBhfSxiYT1mdW5jdGlvbihhKXthPVtcIm9iamVjdFwiPT10eXBlb2YgZ2xvYmFsVGhpcyYmZ2xvYmFsVGhpcyxhLFwib2JqZWN0XCI9PXR5cGVvZiB3aW5kb3cmJndpbmRvdyxcIm9iamVjdFwiPT10eXBlb2Ygc2VsZiYmc2VsZixcIm9iamVjdFwiPT10eXBlb2YgZ2xvYmFsJiZnbG9iYWxdO2Zvcih2YXIgYj0wO2I8YS5sZW5ndGg7KytiKXt2YXIgYz1hW2JdO2lmKGMmJmMuTWF0aD09TWF0aClyZXR1cm4gY310aHJvdyBFcnJvcihcIkNhbm5vdCBmaW5kIGdsb2JhbCBvYmplY3RcIik7fSxjYT1iYSh0aGlzKSxkYT1mdW5jdGlvbihhLGIpe2lmKGIpYTp7dmFyIGM9Y2E7YT1hLnNwbGl0KFwiLlwiKTtmb3IodmFyIGQ9MDtkPGEubGVuZ3RoLTE7ZCsrKXt2YXIgZT1hW2RdO2lmKCEoZSBpbiBjKSlicmVhayBhO2M9Y1tlXX1hPWFbYS5sZW5ndGgtMV07ZD1jW2FdO2I9YihkKTtiIT1kJiZudWxsIT1iJiZwKGMsYSx7Y29uZmlndXJhYmxlOiEwLHdyaXRhYmxlOiEwLHZhbHVlOmJ9KX19LHE9ZnVuY3Rpb24oYSl7dmFyIGI9XCJ1bmRlZmluZWRcIiE9dHlwZW9mIFN5bWJvbCYmU3ltYm9sLml0ZXJhdG9yJiZhW1N5bWJvbC5pdGVyYXRvcl07cmV0dXJuIGI%2FYi5jYWxsKGEpOntuZXh0OmFhKGEpfX0scj1mdW5jdGlvbihhKXtmb3IodmFyIGIsYz1bXTshKGI9YS5uZXh0KCkpLmRvbmU7KWMucHVzaChiLnZhbHVlKTtyZXR1cm4gY30sZWE9XCJmdW5jdGlvblwiPT10eXBlb2YgT2JqZWN0LmNyZWF0ZT9PYmplY3QuY3JlYXRlOmZ1bmN0aW9uKGEpe3ZhciBiPWZ1bmN0aW9uKCl7fTtiLnByb3RvdHlwZT1hO3JldHVybiBuZXcgYn0sdDtpZihcImZ1bmN0aW9uXCI9PXR5cGVvZiBPYmplY3Quc2V0UHJvdG90eXBlT2YpdD1PYmplY3Quc2V0UHJvdG90eXBlT2Y7ZWxzZXt2YXIgdTthOnt2YXIgZmE9e046ITB9LHY9e307dHJ5e3YuX19wcm90b19fPWZhO3U9di5OO2JyZWFrIGF9Y2F0Y2goYSl7fXU9ITF9dD11P2Z1bmN0aW9uKGEsYil7YS5fX3Byb3RvX189YjtpZihhLl9fcHJvdG9fXyE9PWIpdGhyb3cgbmV3IFR5cGVFcnJvcihhK1wiIGlzIG5vdCBleHRlbnNpYmxlXCIpO3JldHVybiBhfTpudWxsfXZhciB3PXQseD1mdW5jdGlvbihhLGIpe2EucHJvdG90eXBlPWVhKGIucHJvdG90eXBlKTthLnByb3RvdHlwZS5jb25zdHJ1Y3Rvcj1hO2lmKHcpdyhhLGIpO2Vsc2UgZm9yKHZhciBjIGluIGIpaWYoXCJwcm90b3R5&i=7-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75574
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
mz-9fWg7_SYZSPwEQRkXHnf-bC6f_g7abuhG0pRqA-bj-yJgqJEFXQ==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=cGVcIiE9YylpZihPYmplY3QuZGVmaW5lUHJvcGVydGllcyl7dmFyIGQ9T2JqZWN0LmdldE93blByb3BlcnR5RGVzY3JpcHRvcihiLGMpO2QmJk9iamVjdC5kZWZpbmVQcm9wZXJ0eShhLGMsZCl9ZWxzZSBhW2NdPWJbY107YS5oYT1iLnByb3RvdHlwZX0seT1mdW5jdGlvbihhLGIpe3JldHVybiBPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoYSxiKX07ZGEoXCJXZWFrTWFwXCIsZnVuY3Rpb24oYSl7ZnVuY3Rpb24gYigpe2lmKCFhfHwhT2JqZWN0LnNlYWwpcmV0dXJuITE7dHJ5e3ZhciBnPU9iamVjdC5zZWFsKHt9KSxtPU9iamVjdC5zZWFsKHt9KSxuPW5ldyBhKFtbZywyXSxbbSwzXV0pO2lmKDIhPW4uZ2V0KGcpfHwzIT1uLmdldChtKSlyZXR1cm4hMTtuLmRlbGV0ZShnKTtuLnNldChtLDQpO3JldHVybiFuLmhhcyhnKSYmND09bi5nZXQobSl9Y2F0Y2goJGEpe3JldHVybiExfX1mdW5jdGlvbiBjKCl7fWZ1bmN0aW9uIGQoZyl7dmFyIG09dHlwZW9mIGc7cmV0dXJuXCJvYmplY3RcIj09PW0mJm51bGwhPT1nfHxcImZ1bmN0aW9uXCI9PT1tfWZ1bmN0aW9uIGUoZyl7aWYoIXkoZyxoKSl7dmFyIG09bmV3IGM7cChnLGgse3ZhbHVlOm19KX19ZnVuY3Rpb24gZihnKXt2YXIgbT1PYmplY3RbZ107bSYmKE9iamVjdFtnXT1mdW5jdGlvbihuKXtpZihuIGluc3RhbmNlb2YgYylyZXR1cm4gbjtPYmplY3QuaXNFeHRlbnNpYmxlKG4pJiZlKG4pO3JldHVybiBtKG4pfSl9aWYoYigpKXJldHVybiBhO3ZhciBoPVwiJGpzY29tcF9oaWRkZW5fXCIrTWF0aC5yYW5kb20oKTtmKFwiZnJlZXplXCIpO2YoXCJwcmV2ZW50RXh0ZW5zaW9uc1wiKTtmKFwic2VhbFwiKTt2YXIgaz0wLGw9ZnVuY3Rpb24oZyl7dGhpcy5oPShrKz1NYXRoLnJhbmRvbSgpKzEpLnRvU3RyaW5nKCk7aWYoZyl7Zz1xKGcpO2Zvcih2YXIgbTshKG09Zy5uZXh0KCkpLmRvbmU7KW09bS52YWx1ZSx0aGlzLnNldChtWzBdLG1bMV0pfX07bC5wcm90b3R5cGUuc2V0PWZ1bmN0aW9uKGcsbSl7aWYoIWQoZykpdGhyb3cgRXJyb3IoXCJJbnZhbGlkIFdlYWtNYXAga2V5XCIpO2UoZyk7aWYoIXkoZyxoKSl0aHJvdyBFcnJvcihcIldlYWtNYXAga2V5IGZhaWw6IFwiK2cpO2dbaF1bdGhpcy5oXT1tO3JldHVybiB0aGlzfTtsLnByb3RvdHlwZS5nZXQ9ZnVuY3Rpb24oZyl7cmV0dXJuIGQoZykmJnkoZyxoKT9nW2hdW3RoaXMuaF06dm9pZCAwfTtsLnByb3RvdHlwZS5oYXM9ZnVuY3Rpb24oZyl7cmV0dXJuIGQoZykmJnkoZyxoKSYmeShnW2hdLHRoaXMuaCl9O2wucHJvdG90eXBlLmRlbGV0ZT1mdW5jdGlvbihnKXtyZXR1cm4gZChnKSYmeShnLGgpJiZ5KGdbaF0sdGhpcy5oKT9kZWxldGUgZ1toXVt0aGlzLmhdOiExfTtyZXR1cm4gbH0pO3ZhciB6PXRoaXN8fHNlbGYsQT1mdW5jdGlvbihhLGIsYyl7YT1hLnNwbGl0KFwiLlwiKTtjPWN8fHo7YVswXWluIGN8fFwidW5kZWZpbmVkXCI9PXR5cGVvZiBjLmV4ZWNTY3JpcHR8fGMuZXhlY1NjcmlwdChcInZhciBcIithWzBdKTtmb3IodmFyIGQ7YS5sZW5ndGgmJihkPWEuc2hpZnQoKSk7KWEubGVuZ3RofHx2b2lkIDA9PT1iP2M9Y1tkXSYmY1tkXSE9PU9iamVjdC5wcm90b3R5cGVbZF0%2FY1tkXTpjW2RdPXt9OmNbZF09Yn0saGE9ZnVuY3Rpb24oKXt9LGphPWZ1bmN0aW9uKGEpe3JldHVybiBPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoYSxCKSYmYVtCXXx8KGFbQl09KytpYSl9LEI9XCJjbG9zdXJlX3VpZF9cIisoMUU5Kk1hdGgucmFuZG9tKCk%2BPj4wKSxpYT0wLGthPWZ1bmN0aW9uKGEsYixjKXtyZXR1cm4gYS5jYWxsLmFwcGx5KGEuYmluZCxhcmd1bWVudHMpfSxsYT1mdW5jdGlvbihhLGIsYyl7aWYoIWEpdGhyb3cgRXJyb3IoKTtpZigyPGFyZ3VtZW50cy5sZW5ndGgpe3ZhciBkPUFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGFyZ3VtZW50cywyKTtyZXR1cm4gZnVuY3Rpb24oKXt2YXIgZT1BcnJheS5wcm90b3R5cGUuc2xpY2UuY2FsbChhcmd1bWVudHMpO0FycmF5LnByb3RvdHlwZS51bnNoaWZ0LmFwcGx5KGUsZCk7cmV0dXJuIGEuYXBwbHkoYixlKX19cmV0dXJuIGZ1bmN0aW9uKCl7cmV0dXJuIGEuYXBwbHkoYixhcmd1bWVudHMpfX0sQz1mdW5jdGlvbihhLGIsYyl7Qz1GdW5jdGlvbi5wcm90b3R5cGUuYmluZCYmLTEhPUZ1bmN0aW9uLnByb3RvdHlwZS5iaW5kLnRvU3RyaW5nKCkuaW5kZXhPZihcIm5hdGl2ZSBjb2RlXCIpP2thOmxhO3JldHVybiBDLmFwcGx5KG51bGwsYXJndW1lbnRzKX07dmFyIG1hPUFycmF5LnByb3RvdHlwZS5pbmRleE9mP2Z1bmN0aW9uKGEsYil7dmFyIGM7cmV0dXJuIEFycmF5LnByb3RvdHlwZS5pbmRleE9mLmNhbGwoYSxiLGMpfTpmdW5jdGlvbihhLGIpe3ZhciBjPW51bGw9PWM%2FMDowPmM%2FTWF0aC5tYXgoMCxhLmxlbmd0aCtjKTpjO2lmKFwic3RyaW5nXCI9PT10eXBlb2YgYSlyZXR1cm5cInN0cmluZ1wiIT09dHlwZW9mIGJ8fDEhPWIubGVuZ3RoPy0xOmEuaW5kZXhPZihiLGMpO2Zvcig7YzxhLmxlbmd0aDtjKyspaWYoYyBpbiBhJiZhW2NdPT09YilyZXR1cm4gYztyZXR1cm4tMX0sbmE9QXJyYXkucHJvdG90eXBlLmZvckVhY2g%2FZnVuY3Rpb24oYSxiKXt2YXIgYztBcnJheS5wcm90b3R5cGUuZm9yRWFjaC5jYWxsKGEsYixjKX06ZnVuY3Rpb24oYSxiKXtmb3IodmFyIGMsZD1hLmxlbmd0aCxlPVwic3RyaW5nXCI9PT10eXBlb2YgYT9hLnNwbGl0KFwiXCIpOmEsZj0wO2Y8ZDtmKyspZiBpbiBlJiZiLmNhbGwoYyxlW2ZdLGYsYSl9O3ZhciBEPWZ1bmN0aW9uKGEpe3ZhciBiPSExLGM7cmV0dXJuIGZ1bmN0aW9uKCl7Ynx8KGM9YSgpLGI9ITApO3JldHVybiBjfX07dmFyIEU9ZnVuY3Rpb24oYSl7RVtcIiBcIl0oYSk7cmV0dXJuIGF9O0VbXCIgXCJdPWhhO3ZhciBvYT1EKGZ1bmN0aW9uKCl7dmFyIGE9ITE7dHJ5e3ZhciBiPU9iamVjdC5kZWZpbmVQcm9wZXJ0eSh7fSxcInBhc3NpdmVcIix7Z2V0OmZ1bmN0aW9uKCl7YT0hMH19KTt6LmFkZEV2ZW50TGlzdGVuZXIoXCJ0ZXN0XCIsbnVsbCxiKX1jYXRjaChjKXt9cmV0dXJuIGF9KTtmdW5jdGlvbiBGKGEpe3JldHVybiBhP2EucGFzc2l2ZSYmb2EoKT9hOmEuY2FwdHVyZXx8ITE6ITF9dmFyIEc9ZnVuY3Rpb24oYSxiLGMpe3ZhciBkO2EuYWRkRXZlbnRMaXN0ZW5lciYmYS5hZGRFdmVudExpc3RlbmVyKGIsYyxGKGQpKX0sSD1mdW5jdGlvbihhLGIsYyl7dmFyIGQ7YS5yZW1vdmVFdmVudExpc3RlbmVyJiZhLnJlbW92ZUV2ZW50TGlzdGVuZXIoYixjLEYoZCkpfTt2YXIgSj1mdW5jdGlvbigpe3ZhciBhPUk7dHJ5e3ZhciBiO2lmKGI9ISFhJiZudWxsIT1hLmxvY2F0aW9uLmhyZWYpYTp7dHJ5e0UoYS5mb28pO2I9ITA7YnJlYWsgYX1jYXRjaChjKXt9Yj0hMX1yZXR1cm4gYn1jYXRjaChjKXtyZXR1cm4hMX19LEs9ZnVuY3Rpb24oYSxiKXt2YXIgYztpZihhKWZvcih2YXIgZCBpbiBhKU9iamVjdC5wcm90b3R5cGUuaGFzT3duUHJvcGVydHkuY2FsbChhLGQpJiZiLmNhbGwoYyxhW2RdLGQsYSl9O3ZhciBMPWZ1bmN0aW9uKGEsYixjKXtjPXZvaWQgMD09PWM%2FbnVsbDpjO3ZhciBkPXZvaWQgMD09PWQ%2FITE6ZDtwYShhLGIsYyxkKX0scGE9ZnVuY3Rpb24oYSxiLGMsZCl7YS5nb29nbGVfaW1hZ2VfcmVxdWVzdHN8fChhLmdvb2dsZV9pbWFnZV9yZXF1ZXN0cz1bXSk7dmFyIGU9YS5kb2N1bWVudC5jcmVhdGVFbGVtZW50KFwiaW1nXCIpO2lmKGN8fGQpe3ZhciBmPWZ1bmN0aW9uKGgpe2MmJmMoaCk7aWYoZCl7aD1hLmdvb2dsZV9pbWFnZV9yZXF1ZXN0czt2YXIgaz1tYShoLGUpOzA8PWsmJkFycmF5LnByb3RvdHlwZS5zcGxpY2UuY2FsbChoLGssMSl9SChlLFwibG9hZFwiLGYpO0goZSxcImVycm9yXCIsZil9O0coZSxcImxvYWRcIixmKTtHKGUsXCJlcnJvclwiLGYpfWUuc3JjPWI7YS5nb29nbGVfaW1hZ2VfcmVxdWVzdHMucHVzaChlKX0scWE9ZnVuY3Rpb24oYSl7dmFyIGI9eixjLGQ7aWYoZD1iLm5hdmlnYXRvcilkPWIubmF2aWdhdG9yLnVzZXJBZ2VudCxkPS9DaHJvbWUvLnRlc3QoZCkmJiEvRWRnZS8udGVzdChkKT8hMDohMTtkJiZiLm5hdmlnYXRvci5zZW5kQmVhY29uP2IubmF2aWdhdG9yLnNlbmRCZWFjb24oYSk6TChiLGN8fGEpfTt2YXIgcmE9ZG9jdW1lbnQsTT13aW5kb3c7dmFyIE49e307dmFyIHNhPWZ1bmN0aW9uKCl7fSxPPWZ1bmN0aW9uKGEsYil7aWYoYiE9PU4pdGhyb3cgRXJyb3IoXCJCYWQgc2VjcmV0XCIpO3RoaXMuWT1hfTt4KE8sc2EpO08ucHJvdG90eXBlLnRvU3RyaW5nPWZ1bmN0aW9uKCl7cmV0dXJuIHRoaXMuWX07bmV3IE8oXCJhYm91dDpibGFua1wiLE4pO25ldyBPKFwiYWJvdXQ6aW52YWxpZCN6VFN6XCIsTik7dmFyIHRhLHVhPXdpbmRvdyx2YT10YT0hIXVhLmdvb2dsZV9hc3luY19pZnJhbWVfaWQsST12YSYmd2luZG93LnBhcmVudHx8d2luZG93O3ZhciB3YT1mdW5jdGlvbigpe3ZhciBhLGIsYyxkLGU7dGhpcy5KPWN8fDRFMzt0aGlzLkQ9YXx8XCImXCI7dGhpcy5QPWJ8fFwiLCRcIjt0aGlzLnU9dm9pZCAwIT09ZD9kOlwidHJuXCI7dGhpcy5iYT1lfHxudWxsO3RoaXMudj17fTt0aGlzLlc9MDt0aGlzLmo9W119LHlhPWZ1bmN0aW9uKGEsYixjLGQsZSl7dmFyIGY9W107SyhhLGZ1bmN0aW9uKGgsayl7KGg9eGEoaCxiLGMsZCxlKSkmJmYucHVzaChrK1wiPVwiK2gpfSk7cmV0dXJuIGYuam9pbihiKX0seGE9ZnVuY3Rpb24oYSxiLGMsZCxlKXtpZihudWxsPT1hKXJldHVyblwiXCI7Yj1ifHxcIiZcIjtjPWN8fFwiLCRcIjtcInN0cmluZ1wiPT10eXBlb2YgYyYmKGM9Yy5zcGxpdChcIlwiKSk7aWYoYSBpbnN0YW5jZW9mIEFycmF5KXtpZihkPWR8fDAsZDxjLmxlbmd0aCl7Zm9yKHZhciBmPVtdLGg9MDtoPGEubGVuZ3RoO2grKylmLnB1c2goeGEoYVtoXSxiLGMsZCsxLGUpKTtyZXR1cm4gZi5qb2luKGNbZF0pfX1lbHNlIGlmKFwib2JqZWN0XCI9PXR5cGVvZiBhKXJldHVybiBlPWV8fDAsMj5lP2VuY29kZVVSSUNvbXBvbmVudCh5YShhLGIsYyxkLGUrMSkpOlwiLi4uXCI7cmV0dXJuIGVuY29kZVVSSUNvbXBvbmVudChTdHJpbmcoYSkpfSxBYT1mdW5jdGlvbihhLGIsYyxkKXtiPWIrXCIvL1wiK2MrZDt2YXIgZT16YShhKS1kLmxlbmd0aDtpZigwPmUpcmV0dXJuXCJcIjthLmouc29ydChmdW5jdGlvbihtLG4pe3JldHVybiBtLW59KTtjPW51bGw7ZD1cIlwiO2Zvcih2YXIgZj0wO2Y8YS5qLmxlbmd0aDtmKyspZm9yKHZhciBoPWEualtmXSxrPWEudltoXSxsPTA7bDxrLmxlbmd0aDtsKyspe2lmKCFlKXtjPW51bGw9PWM%2FaDpjO2JyZWFrfXZhciBnPXlhKGtbbF0sYS5ELGEuUCk7aWYoZyl7Zz1kK2c7aWYoZT49Zy5sZW5ndGgpe2UtPWcubGVuZ3RoO2IrPWc7ZD1hLkQ7YnJlYWt9Yz1udWxsPT1jP2g6Y319ZT1cIlwiO2EudSYmbnVsbCE9YyYmKGM9YS5iYXx8YyxlPWQrYS51K1wiPVwiK2MpO3JldHVybiBiK2UrXCJcIn0semE9ZnVuY3Rpb24oYSl7aWYoIWEudSlyZXR1cm4gYS5KO3ZhciBiPTEsYztmb3IoYyBpbiBhLnYpYj1jLmxlbmd0aD5iP2MubGVuZ3RoOmI7cmV0dXJuIGEuSi1hLnUubGVuZ3RoLWItYS5ELmxlbmd0aC0xfTt2YXIgQmE9ZnVuY3Rpb24oKXt2YXIgYT12b2lkIDA9PT1hP006YTthPShhPVwiaHR0cDpcIj09PWEubG9jYXRpb24ucHJvdG9jb2wpP1wiaHR0cDpcIjpcImh0dHBzOlwiO3ZhciBiPXZvaWQgMD09PWI%2FITE6Yjt0aGlzLlo9YTt0aGlzLlQ9XCJwYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbVwiO3RoaXMuWD1cIi9wYWdlYWQvZ2VuXzIwND9pZD1cIjt0aGlzLk89Yjt0aGlzLkw9TWF0aC5yYW5kb20oKX0sRGE9ZnVuY3Rpb24oYSxiKXt2YXIgYz1QO2lmKENhKGMpKXRyeXtpZihhIGluc3RhbmNlb2Ygd2EpdmFyIGQ9YTtlbHNlIGQ9bmV3IHdhLEsoYSxmdW5jdGlvbihmLGgpe3ZhciBrPWQsbD1mO2Y9ay5XKys7dmFyIGc9e307Z1toXT1sO2g9W2ddO2suai5wdXNoKGYpO2sudltmXT1ofSk7dmFyIGU9QWEoZCxjLlosYy5ULGMuWCtcImh0bWw1LW1vbiZcIik7ZSYmKFwidW5kZWZpbmVkXCIhPT10eXBlb2YgYj9MKHosZSxiKTpjLk8%2F&i=8-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75574
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
LNzlLDPJbsHfXbBJU3D2wQld3CQnECZVhV8nU_qajQoVmqPTFIsCVQ==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=cWEoZSk6TCh6LGUpKX1jYXRjaChmKXt9fSxDYT1mdW5jdGlvbihhKXthPWEuTDtyZXR1cm4gMT5hfTt2YXIgUT1udWxsO3ZhciBFYT1mdW5jdGlvbigpe3ZhciBhPXoucGVyZm9ybWFuY2U7cmV0dXJuIGEmJmEubm93JiZhLnRpbWluZz9NYXRoLmZsb29yKGEubm93KCkrYS50aW1pbmcubmF2aWdhdGlvblN0YXJ0KTpEYXRlLm5vdygpfSxGYT1mdW5jdGlvbigpe3ZhciBhPXZvaWQgMD09PWE%2FejphO3JldHVybihhPWEucGVyZm9ybWFuY2UpJiZhLm5vdz9hLm5vdygpOm51bGx9O3ZhciBHYT1mdW5jdGlvbihhLGIsYyl7dmFyIGQ7dmFyIGU9dm9pZCAwPT09ZT8wOmU7dGhpcy5sYWJlbD1hO3RoaXMudHlwZT1iO3RoaXMudmFsdWU9Yzt0aGlzLmR1cmF0aW9uPWU7dGhpcy51bmlxdWVJZD1NYXRoLnJhbmRvbSgpO3RoaXMuc2xvdElkPWR9O3ZhciBSPXoucGVyZm9ybWFuY2UsSGE9ISEoUiYmUi5tYXJrJiZSLm1lYXN1cmUmJlIuY2xlYXJNYXJrcyksUz1EKGZ1bmN0aW9uKCl7dmFyIGE7aWYoYT1IYSl7dmFyIGI7aWYobnVsbD09PVEpe1E9XCJcIjt0cnl7YT1cIlwiO3RyeXthPXoudG9wLmxvY2F0aW9uLmhhc2h9Y2F0Y2goYyl7YT16LmxvY2F0aW9uLmhhc2h9YSYmKFE9KGI9YS5tYXRjaCgvXFxiZGVpZD0oW1xcZCxdKykvKSk%2FYlsxXTpcIlwiKX1jYXRjaChjKXt9fWI9UTthPSEhYi5pbmRleE9mJiYwPD1iLmluZGV4T2YoXCIxMzM3XCIpfXJldHVybiBhfSksVT1mdW5jdGlvbigpe3ZhciBhPVQ7dGhpcy5hPVtdO3RoaXMuVT1hfHx6O3ZhciBiPW51bGw7YSYmKGEuZ29vZ2xlX2pzX3JlcG9ydGluZ19xdWV1ZT1hLmdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWV8fFtdLHRoaXMuYT1hLmdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWUsYj1hLmdvb2dsZV9tZWFzdXJlX2pzX3RpbWluZyk7dGhpcy5nPVMoKXx8KG51bGwhPWI%2FYjoxPk1hdGgucmFuZG9tKCkpfTtVLnByb3RvdHlwZS5kaXNhYmxlPWZ1bmN0aW9uKCl7dGhpcy5nPSExO3RoaXMuYSE9dGhpcy5VLmdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWUmJihTKCkmJm5hKHRoaXMuYSxJYSksdGhpcy5hLmxlbmd0aD0wKX07dmFyIElhPWZ1bmN0aW9uKGEpe2EmJlImJlMoKSYmKFIuY2xlYXJNYXJrcyhcImdvb2dfXCIrYS5sYWJlbCtcIl9cIithLnVuaXF1ZUlkK1wiX3N0YXJ0XCIpLFIuY2xlYXJNYXJrcyhcImdvb2dfXCIrYS5sYWJlbCtcIl9cIithLnVuaXF1ZUlkK1wiX2VuZFwiKSl9O1UucHJvdG90eXBlLnN0YXJ0PWZ1bmN0aW9uKGEsYil7aWYoIXRoaXMuZylyZXR1cm4gbnVsbDt2YXIgYz1GYSgpfHxFYSgpO2E9bmV3IEdhKGEsYixjKTtiPVwiZ29vZ19cIithLmxhYmVsK1wiX1wiK2EudW5pcXVlSWQrXCJfc3RhcnRcIjtSJiZTKCkmJlIubWFyayhiKTtyZXR1cm4gYX07VS5wcm90b3R5cGUuZW5kPWZ1bmN0aW9uKGEpe2lmKHRoaXMuZyYmXCJudW1iZXJcIj09PXR5cGVvZiBhLnZhbHVlKXt2YXIgYj1GYSgpfHxFYSgpO2EuZHVyYXRpb249Yi1hLnZhbHVlO2I9XCJnb29nX1wiK2EubGFiZWwrXCJfXCIrYS51bmlxdWVJZCtcIl9lbmRcIjtSJiZTKCkmJlIubWFyayhiKTshdGhpcy5nfHwyMDQ4PHRoaXMuYS5sZW5ndGh8fHRoaXMuYS5wdXNoKGEpfX07dmFyIFAsSmE7aWYodmEmJiFKKCkpe3ZhciBWPVwiLlwiK3JhLmRvbWFpbjt0cnl7Zm9yKDsyPFYuc3BsaXQoXCIuXCIpLmxlbmd0aCYmIUooKTspcmEuZG9tYWluPVY9Vi5zdWJzdHIoVi5pbmRleE9mKFwiLlwiKSsxKSxJPXdpbmRvdy5wYXJlbnR9Y2F0Y2goYSl7fUooKXx8KEk9d2luZG93KX12YXIgVD1KYT1JLEthPW5ldyBVLExhPWZ1bmN0aW9uKCl7dmFyIGE7bnVsbCE9YSYmKFQuZ29vZ2xlX21lYXN1cmVfanNfdGltaW5nPWEpO1QuZ29vZ2xlX21lYXN1cmVfanNfdGltaW5nfHxLYS5kaXNhYmxlKCl9O1A9bmV3IEJhO1wibnVtYmVyXCIhPT10eXBlb2YgVC5nb29nbGVfc3J0JiYoVC5nb29nbGVfc3J0PU1hdGgucmFuZG9tKCkpO3ZhciBNYT1QLFc9VC5nb29nbGVfc3J0OzA8PVcmJjE%2BPVcmJihNYS5MPVcpO1wiY29tcGxldGVcIj09VC5kb2N1bWVudC5yZWFkeVN0YXRlP0xhKCk6S2EuZyYmRyhULFwibG9hZFwiLGZ1bmN0aW9uKCl7TGEoKX0pO3ZhciBOYT1uZXcgV2Vha01hcDtmdW5jdGlvbiBPYShhKXt2YXIgYj12b2lkIDA9PT1iP1BhOmI7dmFyIGM9amEoYSksZD1mdW5jdGlvbihmKXtmPXEoZik7Zi5uZXh0KCk7Zj1yKGYpO3JldHVybiBiKGMsZil9LGU9ZnVuY3Rpb24oZil7Zm9yKHZhciBoPVtdLGs9MDtrPGFyZ3VtZW50cy5sZW5ndGg7KytrKWhbay0wXT1hcmd1bWVudHNba107az10aGlzfHx6O3ZhciBsPU5hLmdldChrKTtsfHwobD17fSxOYS5zZXQoayxsKSk7az1sO2w9W3RoaXNdLmNvbmNhdChoIGluc3RhbmNlb2YgQXJyYXk%2FaDpyKHEoaCkpKTtoPWQ%2FZChsKTpsO2lmKE9iamVjdC5wcm90b3R5cGUuaGFzT3duUHJvcGVydHkuY2FsbChrLGgpKWg9a1toXTtlbHNle3ZhciBnPXEobCk7bD1nLm5leHQoKS52YWx1ZTtnPXIoZyk7bD1hLmFwcGx5KGwsZyk7aD1rW2hdPWx9cmV0dXJuIGh9O3JldHVybiBlfXZhciBQYT1mdW5jdGlvbihhLGIpe2E9W2FdO2Zvcih2YXIgYz1iLmxlbmd0aC0xOzA8PWM7LS1jKWEucHVzaCh0eXBlb2YgYltjXSxiW2NdKTtyZXR1cm4gYS5qb2luKFwiXFx4MEJcIil9O3ZhciBRYT1PYShmdW5jdGlvbihhLGIsYyxkKXtkPWR8fHt9O2QuaT1hLlM7ZC50PWEuYWE7ZC5jPWI7ZC5tPWM7ZC5scD1hLlY7YS5IJiYoZC5lPWEuSCk7YS5JJiYoZC5ncWk9YS5JKTthLksmJihkLnFxaT1hLkspO2EuJChkKX0pLFJhPWZ1bmN0aW9uKGEpe3ZhciBiO0RhKGEsYil9O3ZhciBYPWZ1bmN0aW9uKGEsYil7dGhpcy5NPWE7dGhpcy5GPWI7dGhpcy5mPXt9O3RoaXMubD0hMX0sVGE9ZnVuY3Rpb24oYSxiKXt2YXIgYz1iLm47c3dpdGNoKGIudCl7Y2FzZSAxOmI9Yi5kO2M9WShhLGMpO2MuQShiKTticmVhaztjYXNlIDI6Yj1ZKGEsYyksYi5CPSEwLFNhKGEsYyl9fSxZPWZ1bmN0aW9uKGEsYil7YS5mW2JdfHwoYS5mW2JdPXtCOiExLG86W10sQTpudWxsfSk7cmV0dXJuIGEuZltiXX0sU2E9ZnVuY3Rpb24oYSxiKXt2YXIgYz1ZKGEsYik7aWYoYy5CKXtmb3IodmFyIGQ9Yy5vLmxlbmd0aCxlPTA7ZTxkO2UrKylhLnNlbmRNZXNzYWdlKGIsYy5vW2VdKTtjLm89W119fSxVYT1mdW5jdGlvbihhLGIpe2lmKGEubCl7dmFyIGM9e3Q6Mn07Yy5zPWEuRjtjLm49YjthLnNlbmQoYyl9fTtYLnByb3RvdHlwZS5yZWdpc3RlckFwcGxpY2F0aW9uSGFuZGxlcj1mdW5jdGlvbihhLGIpe3ZhciBjPVkodGhpcyxhKTtjLkE9YjtVYSh0aGlzLGEpfTtYLnByb3RvdHlwZS5zZW5kTWVzc2FnZT1mdW5jdGlvbihhLGIpe3ZhciBjPVkodGhpcyxhKTt0aGlzLmwmJmMuQj8oYz17dDoxfSxjLnM9dGhpcy5GLGMubj1hLGMuZD1iLHRoaXMuc2VuZChjKSk6Yy5vLnB1c2goYil9O3ZhciBWYT1mdW5jdGlvbihhKXt2YXIgYixjO0EoYnx8XCJzZWN1cmVDaGFubmVsXCIsYSxjKX07WC5wcm90b3R5cGUuaXNJbml0aWFsaXplZD1mdW5jdGlvbigpe3JldHVybiB0aGlzLmx9O3ZhciBaPWZ1bmN0aW9uKGEsYixjKXtjPXZvaWQgMD09PWM%2FITA6YztYLmNhbGwodGhpcyxhLGIpO3ZhciBkPXRoaXM7dGhpcy5HPWMmJiEhd2luZG93Lk1lc3NhZ2VDaGFubmVsO3RoaXMuQz10aGlzLmI9bnVsbDt3aW5kb3cuYWRkRXZlbnRMaXN0ZW5lciYmKHRoaXMuUj1mdW5jdGlvbihlKXt2YXIgZixoPWUuZGF0YTtpZihoLnM9PT1kLkYmJihkLkc%2FZS5zb3VyY2U9PT1kLk06ZS5zb3VyY2UucGFyZW50PT09ZC5NKSlpZigwPT09aC50KXtpZihXYShkLGUpKWZvcihmIGluIGQubD0hMCxkLmYpZC5mW2ZdLkEmJlVhKGQsZiksU2EoZCxmKX1lbHNlIGQuQz1lLFRhKGQsaCk7cmV0dXJuIGY9dm9pZCAwfSx3aW5kb3cuYWRkRXZlbnRMaXN0ZW5lcihcIm1lc3NhZ2VcIix0aGlzLlIsITEpKX07eChaLFgpO1oucHJvdG90eXBlLnNlbmQ9ZnVuY3Rpb24oYSl7dGhpcy5HP3RoaXMuYiYmdGhpcy5iLnBvc3RNZXNzYWdlKGEpOnRoaXMuQy5zb3VyY2UucGFyZW50LnBvc3RNZXNzYWdlKGEsXCIqXCIpfTt2YXIgV2E9ZnVuY3Rpb24oYSxiKXtpZihhLkcpe2EuYj1iLnBvcnRzJiZiLnBvcnRzWzBdO2lmKCFhLmIpcmV0dXJuITE7YS5iLmFkZEV2ZW50TGlzdGVuZXIoXCJtZXNzYWdlXCIsQyhmdW5jdGlvbihjKXtUYSh0aGlzLGMuZGF0YSl9LGEpLCExKTthLmIuc3RhcnQoKX1lbHNlIGEuQz1iO3JldHVybiEwfTt2YXIgWGE9ZnVuY3Rpb24oYSxiLGMsZCl7aWYoYyl7dmFyIGU9bmV3IFooYy5jb250ZW50V2luZG93LGEpLGY9Yi5tb25pdG9yaW5nO2YmJndpbmRvdy5zZXRUaW1lb3V0KGZ1bmN0aW9uKCl7aWYoIWUuaXNJbml0aWFsaXplZCgpKXt2YXIgaD1SYTtoPXtTOmYuY3JlYXRpdmVJZHx8LTEsYWE6Zi50ZW1wbGF0ZUlkfHwtMSxIOmYuZXhwZXJpbWVudElkLGRhOmYucmVwb3J0RXJyb3JzfHwhMSxlYTpmLnJlcG9ydFBlcmZ8fCExLCQ6aCxWOmYubGF5b3V0UGF0aCxJOmYuZ3FpLEs6Zi5xcWksZ2E6Zi5ydW1VcmwsZmE6Zi5ydW1jLGNhOmYubmF2U3RhcnR9O1FhKGgsXCJzY1wiLFwiMVwiKX19LDJFNCk7ZS5zZW5kTWVzc2FnZShcImFkRGF0YVwiLGIpO1ZhKGUpO2I9TS5sb2NhdGlvbi5vcmlnaW58fE0ubG9jYXRpb24ucHJvdG9jb2wrXCIvL1wiK00ubG9jYXRpb24uaG9zdDtcIlwiPT09ZG9jdW1lbnQuZG9tYWluJiYoYj1cIipcIik7Yy5zcmM9ZCtcIiN0PVwiK2VuY29kZVVSSUNvbXBvbmVudChhKStcIiZwPVwiK2VuY29kZVVSSUNvbXBvbmVudChiKX19LFlhPWZ1bmN0aW9uKGEsYixjLGQpe2M9ZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoYyk7WGEoYSxiLGMsZCl9LFphO0EoXCJzZW5kXCIsWWEsWmEpO30pLmNhbGwodGhpcyk7c2VuZCgnODc5OTQwNTA1NjQ3MDEwMTA0MCcsIGFkRGF0YSwnZ29vZ2xlX2FkXzUxMTU2NDQ0MjU5OCcsICdodHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vc2FkYnVuZGxlLyRjc3AlM0RlcjMkLzE2MzMwMjgzOTc4MjIxMzA5MjkxL2luZGV4Lmh0bWwnKTsoZnVuY3Rpb24oKXsvKiAgQ29weXJpZ2h0IFRoZSBDbG9zdXJlIExpYnJhcnkgQXV0aG9ycy4gU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAgKi8gdmFyIG4sYWE9ZnVuY3Rpb24oYSl7dmFyIGI9MDtyZXR1cm4gZnVuY3Rpb24oKXtyZXR1cm4gYjxhLmxlbmd0aD97ZG9uZTohMSx2YWx1ZTphW2IrK119Ontkb25lOiEwfX19LGJhPVwiZnVuY3Rpb25cIj09dHlwZW9mIE9iamVjdC5kZWZpbmVQcm9wZXJ0aWVzP09iamVjdC5kZWZpbmVQcm9wZXJ0eTpmdW5jdGlvbihhLGIsYyl7aWYoYT09QXJyYXkucHJvdG90eXBlfHxhPT1PYmplY3QucHJvdG90eXBlKXJldHVybiBhO2FbYl09Yy52YWx1ZTtyZXR1cm4gYX0sY2E9ZnVuY3Rpb24oYSl7YT1bXCJvYmplY3RcIj09dHlwZW9mIGdsb2JhbFRoaXMmJmdsb2JhbFRoaXMsYSxcIm9iamVjdFwiPT10eXBlb2Ygd2luZG93JiZ3aW5kb3csXCJvYmplY3RcIj09dHlwZW9mIHNlbGYmJnNlbGYsXCJvYmplY3RcIj09dHlwZW9mIGdsb2JhbCYmZ2xvYmFsXTtmb3IodmFyIGI9MDtiPGEubGVuZ3RoOysrYil7dmFyIGM9YVtiXTtpZihjJiZjLk1hdGg9PU1hdGgpcmV0dXJuIGN9dGhyb3cgRXJyb3IoXCJDYW5ub3QgZmluZCBnbG9iYWwgb2JqZWN0XCIpOyB9LGRhPWNhKHRoaXMpLHQ9ZnVuY3Rpb24oYSxiKXtpZihiKWE6e3ZhciBjPWRhO2E9YS5zcGxpdChcIi5cIik7Zm9yKHZhciBkPTA7ZDxhLmxlbmd0aC0xO2QrKyl7dmFyIGU9YVtkXTtpZighKGUgaW4gYykpYnJlYWsgYTtjPWNbZV19YT1hW2EubGVuZ3RoLTFdO2Q9Y1thXTtiPWIoZCk7YiE9ZCYmbnVsbCE9YiYmYmEoYyxhLHtjb25maWd1cmFibGU6ITAsd3JpdGFibGU6ITAsdmFsdWU6Yn0pfX07IHQoXCJTeW1ib2xcIixmdW5jdGlvbihhKXtpZihhKXJldHVybiBhO3ZhciBiPWZ1bmN0aW9uKGYsbCl7dGhpcy5pYj1mO2JhKHRoaXMsXCJkZXNjcmlwdGlvblwiLHtjb25maWd1cmFibGU6ITAsd3JpdGFibGU6ITAsdmFsdWU6bH0pfTtiLnByb3RvdHlwZS50b1N0cmluZz1mdW5j&i=9-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75574
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
6QZca_JVuPUUCWQAEspxL2zA1TdWuzppdXFbt9juSRAxhYbusLymjA==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=dGlvbigpe3JldHVybiB0aGlzLmlifTt2YXIgYz1cImpzY29tcF9zeW1ib2xfXCIrKDFFOSpNYXRoLnJhbmRvbSgpPj4%2BMCkrXCJfXCIsZD0wLGU9ZnVuY3Rpb24oZil7aWYodGhpcyBpbnN0YW5jZW9mIGUpdGhyb3cgbmV3IFR5cGVFcnJvcihcIlN5bWJvbCBpcyBub3QgYSBjb25zdHJ1Y3RvclwiKTtyZXR1cm4gbmV3IGIoYysoZnx8XCJcIikrXCJfXCIrZCsrLGYpfTtyZXR1cm4gZX0pOyB0KFwiU3ltYm9sLml0ZXJhdG9yXCIsZnVuY3Rpb24oYSl7aWYoYSlyZXR1cm4gYTthPVN5bWJvbChcIlN5bWJvbC5pdGVyYXRvclwiKTtmb3IodmFyIGI9XCJBcnJheSBJbnQ4QXJyYXkgVWludDhBcnJheSBVaW50OENsYW1wZWRBcnJheSBJbnQxNkFycmF5IFVpbnQxNkFycmF5IEludDMyQXJyYXkgVWludDMyQXJyYXkgRmxvYXQzMkFycmF5IEZsb2F0NjRBcnJheVwiLnNwbGl0KFwiIFwiKSxjPTA7YzxiLmxlbmd0aDtjKyspe3ZhciBkPWRhW2JbY11dO1wiZnVuY3Rpb25cIj09PXR5cGVvZiBkJiZcImZ1bmN0aW9uXCIhPXR5cGVvZiBkLnByb3RvdHlwZVthXSYmYmEoZC5wcm90b3R5cGUsYSx7Y29uZmlndXJhYmxlOiEwLHdyaXRhYmxlOiEwLHZhbHVlOmZ1bmN0aW9uKCl7cmV0dXJuIGVhKGFhKHRoaXMpKX19KX1yZXR1cm4gYX0pOyB2YXIgZWE9ZnVuY3Rpb24oYSl7YT17bmV4dDphfTthW1N5bWJvbC5pdGVyYXRvcl09ZnVuY3Rpb24oKXtyZXR1cm4gdGhpc307cmV0dXJuIGF9LHU9ZnVuY3Rpb24oYSl7dmFyIGI9XCJ1bmRlZmluZWRcIiE9dHlwZW9mIFN5bWJvbCYmU3ltYm9sLml0ZXJhdG9yJiZhW1N5bWJvbC5pdGVyYXRvcl07cmV0dXJuIGI%2FYi5jYWxsKGEpOntuZXh0OmFhKGEpfX0sZmE9ZnVuY3Rpb24oYSl7Zm9yKHZhciBiLGM9W107IShiPWEubmV4dCgpKS5kb25lOyljLnB1c2goYi52YWx1ZSk7cmV0dXJuIGN9LGhhPVwiZnVuY3Rpb25cIj09dHlwZW9mIE9iamVjdC5jcmVhdGU%2FT2JqZWN0LmNyZWF0ZTpmdW5jdGlvbihhKXt2YXIgYj1mdW5jdGlvbigpe307Yi5wcm90b3R5cGU9YTtyZXR1cm4gbmV3IGJ9LGlhOyBpZihcImZ1bmN0aW9uXCI9PXR5cGVvZiBPYmplY3Quc2V0UHJvdG90eXBlT2YpaWE9T2JqZWN0LnNldFByb3RvdHlwZU9mO2Vsc2V7dmFyIGphO2E6e3ZhciBrYT17YTohMH0sbGE9e307dHJ5e2xhLl9fcHJvdG9fXz1rYTtqYT1sYS5hO2JyZWFrIGF9Y2F0Y2goYSl7fWphPSExfWlhPWphP2Z1bmN0aW9uKGEsYil7YS5fX3Byb3RvX189YjtpZihhLl9fcHJvdG9fXyE9PWIpdGhyb3cgbmV3IFR5cGVFcnJvcihhK1wiIGlzIG5vdCBleHRlbnNpYmxlXCIpO3JldHVybiBhfTpudWxsfSB2YXIgbWE9aWEsbmE9ZnVuY3Rpb24oYSxiKXthLnByb3RvdHlwZT1oYShiLnByb3RvdHlwZSk7YS5wcm90b3R5cGUuY29uc3RydWN0b3I9YTtpZihtYSltYShhLGIpO2Vsc2UgZm9yKHZhciBjIGluIGIpaWYoXCJwcm90b3R5cGVcIiE9YylpZihPYmplY3QuZGVmaW5lUHJvcGVydGllcyl7dmFyIGQ9T2JqZWN0LmdldE93blByb3BlcnR5RGVzY3JpcHRvcihiLGMpO2QmJk9iamVjdC5kZWZpbmVQcm9wZXJ0eShhLGMsZCl9ZWxzZSBhW2NdPWJbY107YS56Yj1iLnByb3RvdHlwZX0sb2E9ZnVuY3Rpb24oKXtmb3IodmFyIGE9TnVtYmVyKHRoaXMpLGI9W10sYz1hO2M8YXJndW1lbnRzLmxlbmd0aDtjKyspYltjLWFdPWFyZ3VtZW50c1tjXTtyZXR1cm4gYn0sdj1mdW5jdGlvbihhLGIpe3JldHVybiBPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoYSxiKX07IHQoXCJXZWFrTWFwXCIsZnVuY3Rpb24oYSl7ZnVuY3Rpb24gYigpe31mdW5jdGlvbiBjKGgpe3ZhciBrPXR5cGVvZiBoO3JldHVyblwib2JqZWN0XCI9PT1rJiZudWxsIT09aHx8XCJmdW5jdGlvblwiPT09a31mdW5jdGlvbiBkKGgpe2lmKCF2KGgsZikpe3ZhciBrPW5ldyBiO2JhKGgsZix7dmFsdWU6a30pfX1mdW5jdGlvbiBlKGgpe3ZhciBrPU9iamVjdFtoXTtrJiYoT2JqZWN0W2hdPWZ1bmN0aW9uKG0pe2lmKG0gaW5zdGFuY2VvZiBiKXJldHVybiBtO09iamVjdC5pc0V4dGVuc2libGUobSkmJmQobSk7cmV0dXJuIGsobSl9KX1pZihmdW5jdGlvbigpe2lmKCFhfHwhT2JqZWN0LnNlYWwpcmV0dXJuITE7dHJ5e3ZhciBoPU9iamVjdC5zZWFsKHt9KSxrPU9iamVjdC5zZWFsKHt9KSxtPW5ldyBhKFtbaCwyXSxbaywzXV0pO2lmKDIhPW0uZ2V0KGgpfHwzIT1tLmdldChrKSlyZXR1cm4hMTttLmRlbGV0ZShoKTttLnNldChrLDQpO3JldHVybiFtLmhhcyhoKSYmND09bS5nZXQoayl9Y2F0Y2gocil7cmV0dXJuITF9fSgpKXJldHVybiBhOyB2YXIgZj1cIiRqc2NvbXBfaGlkZGVuX1wiK01hdGgucmFuZG9tKCk7ZShcImZyZWV6ZVwiKTtlKFwicHJldmVudEV4dGVuc2lvbnNcIik7ZShcInNlYWxcIik7dmFyIGw9MCxnPWZ1bmN0aW9uKGgpe3RoaXMuSD0obCs9TWF0aC5yYW5kb20oKSsxKS50b1N0cmluZygpO2lmKGgpe2g9dShoKTtmb3IodmFyIGs7IShrPWgubmV4dCgpKS5kb25lOylrPWsudmFsdWUsdGhpcy5zZXQoa1swXSxrWzFdKX19O2cucHJvdG90eXBlLnNldD1mdW5jdGlvbihoLGspe2lmKCFjKGgpKXRocm93IEVycm9yKFwiSW52YWxpZCBXZWFrTWFwIGtleVwiKTtkKGgpO2lmKCF2KGgsZikpdGhyb3cgRXJyb3IoXCJXZWFrTWFwIGtleSBmYWlsOiBcIitoKTtoW2ZdW3RoaXMuSF09aztyZXR1cm4gdGhpc307Zy5wcm90b3R5cGUuZ2V0PWZ1bmN0aW9uKGgpe3JldHVybiBjKGgpJiZ2KGgsZik%2FaFtmXVt0aGlzLkhdOnZvaWQgMH07Zy5wcm90b3R5cGUuaGFzPWZ1bmN0aW9uKGgpe3JldHVybiBjKGgpJiZ2KGgsZikmJnYoaFtmXSx0aGlzLkgpfTsgZy5wcm90b3R5cGUuZGVsZXRlPWZ1bmN0aW9uKGgpe3JldHVybiBjKGgpJiZ2KGgsZikmJnYoaFtmXSx0aGlzLkgpP2RlbGV0ZSBoW2ZdW3RoaXMuSF06ITF9O3JldHVybiBnfSk7IHQoXCJNYXBcIixmdW5jdGlvbihhKXtpZihmdW5jdGlvbigpe2lmKCFhfHxcImZ1bmN0aW9uXCIhPXR5cGVvZiBhfHwhYS5wcm90b3R5cGUuZW50cmllc3x8XCJmdW5jdGlvblwiIT10eXBlb2YgT2JqZWN0LnNlYWwpcmV0dXJuITE7dHJ5e3ZhciBnPU9iamVjdC5zZWFsKHt4OjR9KSxoPW5ldyBhKHUoW1tnLFwic1wiXV0pKTtpZihcInNcIiE9aC5nZXQoZyl8fDEhPWguc2l6ZXx8aC5nZXQoe3g6NH0pfHxoLnNldCh7eDo0fSxcInRcIikhPWh8fDIhPWguc2l6ZSlyZXR1cm4hMTt2YXIgaz1oLmVudHJpZXMoKSxtPWsubmV4dCgpO2lmKG0uZG9uZXx8bS52YWx1ZVswXSE9Z3x8XCJzXCIhPW0udmFsdWVbMV0pcmV0dXJuITE7bT1rLm5leHQoKTtyZXR1cm4gbS5kb25lfHw0IT1tLnZhbHVlWzBdLnh8fFwidFwiIT1tLnZhbHVlWzFdfHwhay5uZXh0KCkuZG9uZT8hMTohMH1jYXRjaChyKXtyZXR1cm4hMX19KCkpcmV0dXJuIGE7dmFyIGI9bmV3IFdlYWtNYXAsYz1mdW5jdGlvbihnKXt0aGlzLmlhPXt9O3RoaXMuUD0gZigpO3RoaXMuc2l6ZT0wO2lmKGcpe2c9dShnKTtmb3IodmFyIGg7IShoPWcubmV4dCgpKS5kb25lOyloPWgudmFsdWUsdGhpcy5zZXQoaFswXSxoWzFdKX19O2MucHJvdG90eXBlLnNldD1mdW5jdGlvbihnLGgpe2c9MD09PWc%2FMDpnO3ZhciBrPWQodGhpcyxnKTtrLmxpc3R8fChrLmxpc3Q9dGhpcy5pYVtrLmlkXT1bXSk7ay5CP2suQi52YWx1ZT1oOihrLkI9e25leHQ6dGhpcy5QLFI6dGhpcy5QLlIsaGVhZDp0aGlzLlAsa2V5OmcsdmFsdWU6aH0say5saXN0LnB1c2goay5CKSx0aGlzLlAuUi5uZXh0PWsuQix0aGlzLlAuUj1rLkIsdGhpcy5zaXplKyspO3JldHVybiB0aGlzfTtjLnByb3RvdHlwZS5kZWxldGU9ZnVuY3Rpb24oZyl7Zz1kKHRoaXMsZyk7cmV0dXJuIGcuQiYmZy5saXN0PyhnLmxpc3Quc3BsaWNlKGcuaW5kZXgsMSksZy5saXN0Lmxlbmd0aHx8ZGVsZXRlIHRoaXMuaWFbZy5pZF0sZy5CLlIubmV4dD1nLkIubmV4dCxnLkIubmV4dC5SPWcuQi5SLGcuQi5oZWFkPW51bGwsIHRoaXMuc2l6ZS0tLCEwKTohMX07Yy5wcm90b3R5cGUuY2xlYXI9ZnVuY3Rpb24oKXt0aGlzLmlhPXt9O3RoaXMuUD10aGlzLlAuUj1mKCk7dGhpcy5zaXplPTB9O2MucHJvdG90eXBlLmhhcz1mdW5jdGlvbihnKXtyZXR1cm4hIWQodGhpcyxnKS5CfTtjLnByb3RvdHlwZS5nZXQ9ZnVuY3Rpb24oZyl7cmV0dXJuKGc9ZCh0aGlzLGcpLkIpJiZnLnZhbHVlfTtjLnByb3RvdHlwZS5lbnRyaWVzPWZ1bmN0aW9uKCl7cmV0dXJuIGUodGhpcyxmdW5jdGlvbihnKXtyZXR1cm5bZy5rZXksZy52YWx1ZV19KX07Yy5wcm90b3R5cGUua2V5cz1mdW5jdGlvbigpe3JldHVybiBlKHRoaXMsZnVuY3Rpb24oZyl7cmV0dXJuIGcua2V5fSl9O2MucHJvdG90eXBlLnZhbHVlcz1mdW5jdGlvbigpe3JldHVybiBlKHRoaXMsZnVuY3Rpb24oZyl7cmV0dXJuIGcudmFsdWV9KX07Yy5wcm90b3R5cGUuZm9yRWFjaD1mdW5jdGlvbihnLGgpe2Zvcih2YXIgaz10aGlzLmVudHJpZXMoKSxtOyEobT1rLm5leHQoKSkuZG9uZTspbT0gbS52YWx1ZSxnLmNhbGwoaCxtWzFdLG1bMF0sdGhpcyl9O2MucHJvdG90eXBlW1N5bWJvbC5pdGVyYXRvcl09Yy5wcm90b3R5cGUuZW50cmllczt2YXIgZD1mdW5jdGlvbihnLGgpe3ZhciBrPWgmJnR5cGVvZiBoO1wib2JqZWN0XCI9PWt8fFwiZnVuY3Rpb25cIj09az9iLmhhcyhoKT9rPWIuZ2V0KGgpOihrPVwiXCIrICsrbCxiLnNldChoLGspKTprPVwicF9cIitoO3ZhciBtPWcuaWFba107aWYobSYmdihnLmlhLGspKWZvcihnPTA7ZzxtLmxlbmd0aDtnKyspe3ZhciByPW1bZ107aWYoaCE9PWgmJnIua2V5IT09ci5rZXl8fGg9PT1yLmtleSlyZXR1cm57aWQ6ayxsaXN0Om0saW5kZXg6ZyxCOnJ9fXJldHVybntpZDprLGxpc3Q6bSxpbmRleDotMSxCOnZvaWQgMH19LGU9ZnVuY3Rpb24oZyxoKXt2YXIgaz1nLlA7cmV0dXJuIGVhKGZ1bmN0aW9uKCl7aWYoayl7Zm9yKDtrLmhlYWQhPWcuUDspaz1rLlI7Zm9yKDtrLm5leHQhPWsuaGVhZDspcmV0dXJuIGs9ay5uZXh0LHtkb25lOiExLHZhbHVlOmgoayl9OyBrPW51bGx9cmV0dXJue2RvbmU6ITAsdmFsdWU6dm9pZCAwfX0pfSxmPWZ1bmN0aW9uKCl7dmFyIGc9e307cmV0dXJuIGcuUj1nLm5leHQ9Zy5oZWFkPWd9LGw9MDtyZXR1cm4gY30pO3ZhciBwYT1mdW5jdGlvbihhLGIpe2EgaW5zdGFuY2VvZiBTdHJpbmcmJihhKz1cIlwiKTt2YXIgYz0wLGQ9ITEsZT17bmV4dDpmdW5jdGlvbigpe2lmKCFkJiZjPGEubGVuZ3RoKXt2YXIgZj1jKys7cmV0dXJue3ZhbHVlOmIoZixhW2ZdKSxkb25lOiExfX1kPSEwO3JldHVybntkb25lOiEwLHZhbHVlOnZvaWQgMH19fTtlW1N5bWJvbC5pdGVyYXRvcl09ZnVuY3Rpb24oKXtyZXR1cm4gZX07cmV0dXJuIGV9O3QoXCJOdW1iZXIuaXNOYU5cIixmdW5jdGlvbihhKXtyZXR1cm4gYT9hOmZ1bmN0aW9uKGIpe3JldHVyblwibnVtYmVyXCI9PT10eXBlb2YgYiYmaXNOYU4oYil9fSk7IHQoXCJBcnJheS5mcm9tXCIsZnVuY3Rpb24oYSl7cmV0dXJuIGE%2FYTpmdW5jdGlvbihiLGMsZCl7Yz1udWxsIT1jP2M6ZnVuY3Rpb24oZyl7cmV0dXJuIGd9O3ZhciBlPVtdLGY9XCJ1bmRlZmluZWRcIiE9dHlwZW9mIFN5bWJvbCYmU3ltYm9sLml0ZXJhdG9yJiZiW1N5bWJvbC5pdGVyYXRvcl07aWYoXCJmdW5jdGlvblwiPT10eXBlb2YgZil7Yj1mLmNhbGwoYik7Zm9yKHZhciBsPTA7IShmPWIubmV4dCgpKS5kb25lOyllLnB1c2goYy5jYWxsKGQsZi52YWx1ZSxsKyspKX1lbHNlIGZvcihmPWIubGVuZ3RoLGw9MDtsPGY7bCsrKWUucHVzaChjLmNhbGwoZCxiW2xdLGwpKTtyZXR1cm4gZX19KTt0KFwiQXJyYXkucHJvdG90eXBlLmtleXNcIixmdW5jdGlvbihhKXtyZXR1cm4gYT9hOmZ1bmN0aW9uKCl7cmV0dXJuIHBhKHRoaXMsZnVuY3Rpb24oYil7cmV0dXJuIGJ9KX19KTsgdChcIkFycmF5LnByb3RvdHlwZS52YWx1ZXNcIixmdW5jdGlvbihhKXtyZXR1cm4gYT9hOmZ1bmN0aW9uKCl7cmV0dXJuIHBhKHRoaXMsZnVuY3Rpb24oYixjKXtyZXR1cm4gY30pfX0pOyB2YXIgdz10aGlzfHxzZWxmLHFhPWZ1bmN0aW9uKGEsYil7YT1hLnNwbGl0KFwiLlwiKTt2YXIgYz13O2FbMF1pbiBj&i=10-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75574
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
2hDnSap2uKZsrIGXcOrzgXcqb2kefXQmWv9RJobYLS0Q8C4fEX1QcA==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=fHxcInVuZGVmaW5lZFwiPT10eXBlb2YgYy5leGVjU2NyaXB0fHxjLmV4ZWNTY3JpcHQoXCJ2YXIgXCIrYVswXSk7Zm9yKHZhciBkO2EubGVuZ3RoJiYoZD1hLnNoaWZ0KCkpOylhLmxlbmd0aHx8dm9pZCAwPT09Yj9jPWNbZF0mJmNbZF0hPT1PYmplY3QucHJvdG90eXBlW2RdP2NbZF06Y1tkXT17fTpjW2RdPWJ9LHJhPWZ1bmN0aW9uKGEpe3ZhciBiPXR5cGVvZiBhO3JldHVyblwib2JqZWN0XCIhPWI%2FYjphP0FycmF5LmlzQXJyYXkoYSk%2FXCJhcnJheVwiOmI6XCJudWxsXCJ9LHNhPWZ1bmN0aW9uKGEpe3ZhciBiPXJhKGEpO3JldHVyblwiYXJyYXlcIj09Ynx8XCJvYmplY3RcIj09YiYmXCJudW1iZXJcIj09dHlwZW9mIGEubGVuZ3RofSx2YT1mdW5jdGlvbihhKXtyZXR1cm4gT2JqZWN0LnByb3RvdHlwZS5oYXNPd25Qcm9wZXJ0eS5jYWxsKGEsdGEpJiZhW3RhXXx8KGFbdGFdPSsrdWEpfSx0YT0gXCJjbG9zdXJlX3VpZF9cIisoMUU5Kk1hdGgucmFuZG9tKCk%2BPj4wKSx1YT0wLHdhPWZ1bmN0aW9uKGEsYixjKXtyZXR1cm4gYS5jYWxsLmFwcGx5KGEuYmluZCxhcmd1bWVudHMpfSx4YT1mdW5jdGlvbihhLGIsYyl7aWYoIWEpdGhyb3cgRXJyb3IoKTtpZigyPGFyZ3VtZW50cy5sZW5ndGgpe3ZhciBkPUFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGFyZ3VtZW50cywyKTtyZXR1cm4gZnVuY3Rpb24oKXt2YXIgZT1BcnJheS5wcm90b3R5cGUuc2xpY2UuY2FsbChhcmd1bWVudHMpO0FycmF5LnByb3RvdHlwZS51bnNoaWZ0LmFwcGx5KGUsZCk7cmV0dXJuIGEuYXBwbHkoYixlKX19cmV0dXJuIGZ1bmN0aW9uKCl7cmV0dXJuIGEuYXBwbHkoYixhcmd1bWVudHMpfX0seD1mdW5jdGlvbihhLGIsYyl7eD1GdW5jdGlvbi5wcm90b3R5cGUuYmluZCYmLTEhPUZ1bmN0aW9uLnByb3RvdHlwZS5iaW5kLnRvU3RyaW5nKCkuaW5kZXhPZihcIm5hdGl2ZSBjb2RlXCIpP3dhOnhhO3JldHVybiB4LmFwcGx5KG51bGwsIGFyZ3VtZW50cyl9LHlhPWZ1bmN0aW9uKGEsYil7ZnVuY3Rpb24gYygpe31jLnByb3RvdHlwZT1iLnByb3RvdHlwZTthLnpiPWIucHJvdG90eXBlO2EucHJvdG90eXBlPW5ldyBjO2EucHJvdG90eXBlLmNvbnN0cnVjdG9yPWE7YS5PYj1mdW5jdGlvbihkLGUsZil7Zm9yKHZhciBsPUFycmF5KGFyZ3VtZW50cy5sZW5ndGgtMiksZz0yO2c8YXJndW1lbnRzLmxlbmd0aDtnKyspbFtnLTJdPWFyZ3VtZW50c1tnXTtyZXR1cm4gYi5wcm90b3R5cGVbZV0uYXBwbHkoZCxsKX19O3ZhciB6YT17fTtmdW5jdGlvbiB5KGEpe3ZhciBiO2E6e2lmKGI9dy5uYXZpZ2F0b3IpaWYoYj1iLnVzZXJBZ2VudClicmVhayBhO2I9XCJcIn1yZXR1cm4tMSE9Yi5pbmRleE9mKGEpfTtmdW5jdGlvbiBBYSgpe3JldHVybih5KFwiQ2hyb21lXCIpfHx5KFwiQ3JpT1NcIikpJiYheShcIkVkZ2VcIil8fHkoXCJTaWxrXCIpfTt2YXIgQmE9QXJyYXkucHJvdG90eXBlLmluZGV4T2Y%2FZnVuY3Rpb24oYSxiKXtyZXR1cm4gQXJyYXkucHJvdG90eXBlLmluZGV4T2YuY2FsbChhLGIsdm9pZCAwKX06ZnVuY3Rpb24oYSxiKXtpZihcInN0cmluZ1wiPT09dHlwZW9mIGEpcmV0dXJuXCJzdHJpbmdcIiE9PXR5cGVvZiBifHwxIT1iLmxlbmd0aD8tMTphLmluZGV4T2YoYiwwKTtmb3IodmFyIGM9MDtjPGEubGVuZ3RoO2MrKylpZihjIGluIGEmJmFbY109PT1iKXJldHVybiBjO3JldHVybi0xfSxDYT1BcnJheS5wcm90b3R5cGUuZm9yRWFjaD9mdW5jdGlvbihhLGIpe0FycmF5LnByb3RvdHlwZS5mb3JFYWNoLmNhbGwoYSxiLHZvaWQgMCl9OmZ1bmN0aW9uKGEsYil7Zm9yKHZhciBjPWEubGVuZ3RoLGQ9XCJzdHJpbmdcIj09PXR5cGVvZiBhP2Euc3BsaXQoXCJcIik6YSxlPTA7ZTxjO2UrKyllIGluIGQmJmIuY2FsbCh2b2lkIDAsZFtlXSxlLGEpfSxEYT1BcnJheS5wcm90b3R5cGUuZmlsdGVyP2Z1bmN0aW9uKGEsYil7cmV0dXJuIEFycmF5LnByb3RvdHlwZS5maWx0ZXIuY2FsbChhLCBiLHZvaWQgMCl9OmZ1bmN0aW9uKGEsYil7Zm9yKHZhciBjPWEubGVuZ3RoLGQ9W10sZT0wLGY9XCJzdHJpbmdcIj09PXR5cGVvZiBhP2Euc3BsaXQoXCJcIik6YSxsPTA7bDxjO2wrKylpZihsIGluIGYpe3ZhciBnPWZbbF07Yi5jYWxsKHZvaWQgMCxnLGwsYSkmJihkW2UrK109Zyl9cmV0dXJuIGR9LEVhPUFycmF5LnByb3RvdHlwZS5tYXA%2FZnVuY3Rpb24oYSxiKXtyZXR1cm4gQXJyYXkucHJvdG90eXBlLm1hcC5jYWxsKGEsYix2b2lkIDApfTpmdW5jdGlvbihhLGIpe2Zvcih2YXIgYz1hLmxlbmd0aCxkPUFycmF5KGMpLGU9XCJzdHJpbmdcIj09PXR5cGVvZiBhP2Euc3BsaXQoXCJcIik6YSxmPTA7ZjxjO2YrKylmIGluIGUmJihkW2ZdPWIuY2FsbCh2b2lkIDAsZVtmXSxmLGEpKTtyZXR1cm4gZH07IXkoXCJBbmRyb2lkXCIpfHxBYSgpO0FhKCk7eShcIlNhZmFyaVwiKSYmQWEoKTt2YXIgRmE9e30sR2E9bnVsbCxIYT1mdW5jdGlvbihhKXt2YXIgYjt2b2lkIDA9PT1iJiYoYj0wKTtpZighR2Epe0dhPXt9O2Zvcih2YXIgYz1cIkFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5XCIuc3BsaXQoXCJcIiksZD1bXCIrLz1cIixcIisvXCIsXCItXz1cIixcIi1fLlwiLFwiLV9cIl0sZT0wOzU%2BZTtlKyspe3ZhciBmPWMuY29uY2F0KGRbZV0uc3BsaXQoXCJcIikpO0ZhW2VdPWY7Zm9yKHZhciBsPTA7bDxmLmxlbmd0aDtsKyspe3ZhciBnPWZbbF07dm9pZCAwPT09R2FbZ10mJihHYVtnXT1sKX19fWI9RmFbYl07Yz1BcnJheShNYXRoLmZsb29yKGEubGVuZ3RoLzMpKTtkPWJbNjRdfHxcIlwiO2ZvcihlPWY9MDtmPGEubGVuZ3RoLTI7Zis9Myl7dmFyIGg9YVtmXSxrPWFbZisxXTtnPWFbZisyXTtsPWJbaD4%2BMl07aD1iWyhoJjMpPDw0fGs%2BPjRdO2s9YlsoayYxNSk8PDJ8Zz4%2BNl07Zz1iW2cmNjNdO2NbZSsrXT1cIlwiK2wraCtrK2d9bD0wO2c9ZDsgc3dpdGNoKGEubGVuZ3RoLWYpe2Nhc2UgMjpsPWFbZisxXSxnPWJbKGwmMTUpPDwyXXx8ZDtjYXNlIDE6YT1hW2ZdLGNbZV09XCJcIitiW2E%2BPjJdK2JbKGEmMyk8PDR8bD4%2BNF0rZytkfXJldHVybiBjLmpvaW4oXCJcIil9O3ZhciBJYT1cInVuZGVmaW5lZFwiIT09dHlwZW9mIFVpbnQ4QXJyYXksSmE9e307dmFyIEthLExhPWZ1bmN0aW9uKGEpe2lmKEphIT09SmEpdGhyb3cgRXJyb3IoXCJpbGxlZ2FsIGV4dGVybmFsIGNhbGxlclwiKTt0aGlzLmhiPWE7aWYobnVsbCE9YSYmMD09PWEubGVuZ3RoKXRocm93IEVycm9yKFwiQnl0ZVN0cmluZyBzaG91bGQgYmUgY29uc3RydWN0ZWQgd2l0aCBub24tZW1wdHkgdmFsdWVzXCIpO307dmFyIHo9XCJmdW5jdGlvblwiPT09dHlwZW9mIFN5bWJvbCYmXCJzeW1ib2xcIj09PXR5cGVvZiBTeW1ib2woKT9TeW1ib2wodm9pZCAwKTp2b2lkIDA7ZnVuY3Rpb24gTWEoYSxiKXtPYmplY3QuaXNGcm96ZW4oYSl8fCh6P2Fbel18PWI6dm9pZCAwIT09YS5iYT9hLmJhfD1iOk9iamVjdC5kZWZpbmVQcm9wZXJ0aWVzKGEse2JhOnt2YWx1ZTpiLGNvbmZpZ3VyYWJsZTohMCx3cml0YWJsZTohMCxlbnVtZXJhYmxlOiExfX0pKX1mdW5jdGlvbiBOYShhKXthPXo%2FYVt6XTphLmJhO3JldHVybiBudWxsPT1hPzA6YX1mdW5jdGlvbiBBKGEpe01hKGEsMSk7cmV0dXJuIGF9ZnVuY3Rpb24gQihhKXtyZXR1cm4gQXJyYXkuaXNBcnJheShhKT8hIShOYShhKSYyKTohMX1mdW5jdGlvbiBRYShhKXtpZighQXJyYXkuaXNBcnJheShhKSl0aHJvdyBFcnJvcihcImNhbm5vdCBtYXJrIG5vbi1hcnJheSBhcyBpbW11dGFibGVcIik7TWEoYSwyKX0gZnVuY3Rpb24gUmEoYSxiKXtpZighQXJyYXkuaXNBcnJheShhKSl0aHJvdyBFcnJvcihcImNhbm5vdCBtYXJrIG5vbi1hcnJheSBhcyBtdXRhYmxlXCIpO2I%2FTWEoYSw4KTpPYmplY3QuaXNGcm96ZW4oYSl8fCh6P2Fbel0mPS05OnZvaWQgMCE9PWEuYmEmJihhLmJhJj0tOSkpfTtmdW5jdGlvbiBTYShhKXtyZXR1cm4gbnVsbCE9PWEmJlwib2JqZWN0XCI9PT10eXBlb2YgYSYmIUFycmF5LmlzQXJyYXkoYSkmJmEuY29uc3RydWN0b3I9PT1PYmplY3R9dmFyIFRhPU9iamVjdC5mcmVlemUoQShbXSkpLFVhPWZ1bmN0aW9uKGEpe2lmKEIoYS5nKSl0aHJvdyBFcnJvcihcIkNhbm5vdCBtdXRhdGUgYW4gaW1tdXRhYmxlIE1lc3NhZ2VcIik7fSxWYT1cInVuZGVmaW5lZFwiIT10eXBlb2YgU3ltYm9sJiZcInVuZGVmaW5lZFwiIT10eXBlb2YgU3ltYm9sLmhhc0luc3RhbmNlO2Z1bmN0aW9uIFdhKGEpe3JldHVybnt2YWx1ZTphLGNvbmZpZ3VyYWJsZTohMSx3cml0YWJsZTohMSxlbnVtZXJhYmxlOiExfX07ZnVuY3Rpb24gWGEoYSxiKXt2YXIgYz12b2lkIDA9PT1jPyExOmM7aWYoQXJyYXkuaXNBcnJheShhKSlyZXR1cm4gbmV3IGIoYSk7aWYoYylyZXR1cm4gbmV3IGJ9O2Z1bmN0aW9uIFlhKGEpe3N3aXRjaCh0eXBlb2YgYSl7Y2FzZSBcIm51bWJlclwiOnJldHVybiBpc0Zpbml0ZShhKT9hOlN0cmluZyhhKTtjYXNlIFwib2JqZWN0XCI6aWYoYSYmIUFycmF5LmlzQXJyYXkoYSkpe2lmKElhJiZudWxsIT1hJiZhIGluc3RhbmNlb2YgVWludDhBcnJheSlyZXR1cm4gSGEoYSk7aWYoYSBpbnN0YW5jZW9mIExhKXt2YXIgYj1hLmhiO2I9bnVsbD09Ynx8XCJzdHJpbmdcIj09PXR5cGVvZiBiP2I6SWEmJmIgaW5zdGFuY2VvZiBVaW50OEFycmF5P0hhKGIpOm51bGw7cmV0dXJuIG51bGw9PWI%2FXCJcIjphLmhiPWJ9fX1yZXR1cm4gYX07ZnVuY3Rpb24gWmEoYSxiKXtiPXZvaWQgMD09PWI%2FJGE6YjtyZXR1cm4gYWIoYSxiKX1mdW5jdGlvbiBiYihhLGIpe2lmKG51bGwhPWEpe2lmKEFycmF5LmlzQXJyYXkoYSkpYT1hYihhLGIpO2Vsc2UgaWYoU2EoYSkpe3ZhciBjPXt9LGQ7Zm9yKGQgaW4gYSljW2RdPWJiKGFbZF0sYik7YT1jfWVsc2UgYT1iKGEpO3JldHVybiBhfX1mdW5jdGlvbiBhYihhLGIpe2Zvcih2YXIgYz1hLnNsaWNlKCksZD0wO2Q8Yy5sZW5ndGg7ZCsrKWNbZF09YmIoY1tkXSxiKTtBcnJheS5pc0FycmF5KGEpJiZOYShhKSYxJiZBKGMpO3JldHVybiBjfWZ1bmN0aW9uIGNiKGEpe2lmKGEmJlwib2JqZWN0XCI9PXR5cGVvZiBhJiZhLnRvSlNPTilyZXR1cm4gYS50b0pTT04oKTthPVlhKGEpO3JldHVybiBBcnJheS5pc0FycmF5KGEpP1phKGEsY2IpOmF9ZnVuY3Rpb24gJGEoYSl7cmV0dXJuIElhJiZudWxsIT1hJiZhIGluc3RhbmNlb2YgVWludDhBcnJheT9uZXcgVWludDhBcnJheShhKTphfTt2YXIgZGI9ZnVuY3Rpb24oYSl7cmV0dXJuIGEuVnx8KGEuVj1hLmdbYS5mYSthLlhdPXt9KX0sQz1mdW5jdGlvbihhLGIsYyl7cmV0dXJuLTE9PT1iP251bGw6Yj49YS5mYT9hLlY%2FYS5WW2JdOnZvaWQgMDoodm9pZCAwPT09Yz8wOmMpJiZhLlYmJihjPWEuVltiXSxudWxsIT1jKT9jOmEuZ1tiK2EuWF19LGViPWZ1bmN0aW9uKGEsYixjLGQpe2Q9dm9pZCAwPT09ZD8hMTpkO1VhKGEpO2I8YS5mYSYmIWQ%2FYS5nW2IrYS5YXT1jOmRiKGEpW2JdPWN9LGZiPWZ1bmN0aW9uKGEsYixjLGQpe2M9dm9pZCAwPT09Yz8hMDpjO3ZhciBlPUMoYSxiLGQpO0FycmF5LmlzQXJyYXkoZSl8fChlPVRhKTtpZihCKGEuZykpYyYmKFFhKGUpLE9iamVjdC5mcmVlemUoZSkpO2Vsc2UgaWYoZT09PVRhfHxCKGUpKWU9QShlLnNsaWNlKCkpLGViKGEsYixlLGQpO3JldHVybiBlfSxEPWZ1bmN0aW9uKGEsYil7YT1DKGEsYik7YT1udWxsPT1hP2E6ISFhO3JldHVybiBudWxsPT1hPyExOmF9LEU9ZnVuY3Rpb24oYSwgYil7YT1DKGEsYik7cmV0dXJuIG51bGw9PWE%2FMDphfSxGPWZ1bmN0aW9uKGEsYil7YT1DKGEsYik7cmV0dXJuIG51bGw9PWE%2FXCJcIjphfTt2YXIgZ2I9ZnVuY3Rpb24oYSxiLGMpe2F8fChhPUcpO0c9bnVsbDt2YXIgZD10aGlzLmNvbnN0cnVjdG9yLlNiO2F8fChhPWQ%2FW2RdOltdKTt0aGlzLlg9KGQ%2FMDotMSktKHRoaXMuY29uc3RydWN0b3IuUmJ8fDApO3RoaXMuaj12b2lkIDA7dGhpcy5nPWE7YTp7ZD10aGlzLmcubGVuZ3RoO2E9ZC0xO2lmKGQmJihkPXRoaXMuZ1thXSxTYShkKSkpe3RoaXMuZmE9YS10aGlzLlg7dGhpcy&i=11-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75574
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
LVjGPqua5Lwm_5AVmHIa_RZsG7yUrcpsY_CMrEDrmkeghAcqE0llaw==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=5WPWQ7YnJlYWsgYX12b2lkIDAhPT1iJiYtMTxiPyh0aGlzLmZhPU1hdGgubWF4KGIsYSsxLXRoaXMuWCksdGhpcy5WPXZvaWQgMCk6dGhpcy5mYT1OdW1iZXIuTUFYX1ZBTFVFfWlmKGMpZm9yKGI9MDtiPGMubGVuZ3RoO2IrKylpZihhPWNbYl0sYTx0aGlzLmZhKWErPXRoaXMuWCwoZD10aGlzLmdbYV0pP0FycmF5LmlzQXJyYXkoZCkmJkEoZCk6dGhpcy5nW2FdPVRhO2Vsc2V7ZD1kYih0aGlzKTt2YXIgZT1kW2FdO2U%2FQXJyYXkuaXNBcnJheShlKSYmQShlKTpkW2FdPVRhfX07bj1nYi5wcm90b3R5cGU7IG4udG9KU09OPWZ1bmN0aW9uKCl7cmV0dXJuIFphKHRoaXMuZyxjYil9O24uZ2V0RXh0ZW5zaW9uPWZ1bmN0aW9uKGEpe3JldHVybiBhLlFiKHRoaXMpfTtuLmhhc0V4dGVuc2lvbj1mdW5jdGlvbihhKXtyZXR1cm4gbnVsbCE9Qyh0aGlzLGEuUGIpfTtuLmNsb25lPWZ1bmN0aW9uKCl7dmFyIGE9WmEodGhpcy5nKTtHPWE7YT1uZXcgdGhpcy5jb25zdHJ1Y3RvcihhKTtHPW51bGw7aGIoYSx0aGlzKTtyZXR1cm4gYX07bi50b1N0cmluZz1mdW5jdGlvbigpe3JldHVybiB0aGlzLmcudG9TdHJpbmcoKX07IGZ1bmN0aW9uIGhiKGEsYil7Yi5qYSYmKGEuamE9Yi5qYS5zbGljZSgpKTt2YXIgYz1iLmo7aWYoYyl7Yj1iLlY7Zm9yKHZhciBkIGluIGMpe3ZhciBlPWNbZF07aWYoZSl7dmFyIGY9ISghYnx8IWJbZF0pLGw9K2Q7aWYoQXJyYXkuaXNBcnJheShlKSl7aWYoZS5sZW5ndGgpe3ZhciBnPWE7Zj12b2lkIDA9PT1mPyExOmY7dmFyIGg9QihnLmcpO3ZhciBrPWc7dmFyIG09ZVswXS5jb25zdHJ1Y3RvcixyPWYscD1oO3A9dm9pZCAwPT09cD8hMDpwO2suanx8KGsuaj17fSk7dmFyIFQ9QihrLmcpLHE9ay5qW2xdO3I9ZmIoayxsLCEwLHIpO3ZhciBPYT1UfHxCKHIpO2lmKCFxKXtxPVtdO1Q9VHx8T2E7Zm9yKHZhciBQYT0wO1BhPHIubGVuZ3RoO1BhKyspe3ZhciBVPXJbUGFdO1Q9VHx8QihVKTtVPVhhKFUsbSk7dm9pZCAwIT09VSYmKHEucHVzaChVKSxPYSYmUWEoVS5nKSl9ay5qW2xdPXE7UmEociwhVCl9bT1PYXx8cDtwPUIocSk7bSYmIXAmJihPYmplY3QuaXNGcm96ZW4ocSkmJihrLmpbbF09IHE9cS5zbGljZSgpKSxRYShxKSxPYmplY3QuZnJlZXplKHEpKTshbSYmcCYmKGsualtsXT1xPXEuc2xpY2UoKSk7az1xO2w9ZmIoZyxsLGYpO2lmKCEoZz1oKSYmKGc9bCkpe2lmKCFBcnJheS5pc0FycmF5KGwpKXRocm93IEVycm9yKFwiY2Fubm90IGNoZWNrIG11dGFiaWxpdHkgc3RhdGUgb2Ygbm9uLWFycmF5XCIpO2c9IShOYShsKSY4KX1pZihnKXtmb3IoZz0wO2c8ay5sZW5ndGg7ZysrKShmPWtbZ10pJiZCKGYuZykmJiFoJiYoa1tnXT1rW2ddLkVhKHphKSxsW2ddPWtbZ10uZyk7UmEobCwhMCl9bD1rO2ZvcihoPTA7aDxNYXRoLm1pbihsLmxlbmd0aCxlLmxlbmd0aCk7aCsrKWhiKGxbaF0sZVtoXSl9fWVsc2UgaD1hLGc9ZixnPXZvaWQgMD09PWc%2FITE6ZyxmPWgscT1lLmNvbnN0cnVjdG9yLG09ZywtMT09PWw%2FZj1udWxsOihmLmp8fChmLmo9e30pLChrPWYualtsXSk%2FZj1rOihxPVhhKEMoZixsLG0pLHEpLHZvaWQgMD09cT9mPWs6KGYualtsXT1xLEIoZi5nKSYmUWEocS5nKSxmPSBxKSkpLG51bGwhPWYmJkIoZi5nKSYmIUIoaC5nKSYmKGY9Zi5FYSh6YSksZWIoaCxsLGYuZyxnKSxoLmpbbF09ZiksbD1mLGwmJmhiKGwsZSl9fX19dmFyIEc7dmFyIGliPWZ1bmN0aW9uKCl7Z2IuYXBwbHkodGhpcyxhcmd1bWVudHMpfTtuYShpYixnYik7aWIucHJvdG90eXBlLkVhPWZ1bmN0aW9uKCl7cmV0dXJuIHRoaXN9O2lmKFZhKXt2YXIgamI9e307T2JqZWN0LmRlZmluZVByb3BlcnRpZXMoaWIsKGpiW1N5bWJvbC5oYXNJbnN0YW5jZV09V2EoZnVuY3Rpb24oKXt0aHJvdyBFcnJvcihcIkNhbm5vdCBwZXJmb3JtIGluc3RhbmNlb2YgY2hlY2tzIGZvciBNdXRhYmxlTWVzc2FnZVwiKTt9KSxqYikpfTtmdW5jdGlvbiBrYihhLGIsYyxkLGUsZil7aWYoYT1hLmomJmEualtjXSlpZihBcnJheS5pc0FycmF5KGEpKXtlPWYuc2E%2FQShhLnNsaWNlKCkpOmE7VWEoYik7aWYobnVsbCE9ZSl7Zj1BKFtdKTtkPSExO2ZvcihhPTA7YTxlLmxlbmd0aDthKyspZlthXT1lW2FdLmcsZD1kfHxCKGZbYV0pO2Iuanx8KGIuaj17fSk7Yi5qW2NdPWU7UmEoZiwhZCl9ZWxzZSBiLmomJihiLmpbY109dm9pZCAwKSxmPVRhO2ViKGIsYyxmKX1lbHNlIFVhKGIpLGIuanx8KGIuaj17fSksZT1udWxsIT1hP2EuZzphLGIualtjXT1hLGViKGIsYyxlKTtlbHNlIElhJiZkIGluc3RhbmNlb2YgVWludDhBcnJheT9lPWQubGVuZ3RoP25ldyBMYShuZXcgVWludDhBcnJheShkKSk6S2F8fChLYT1uZXcgTGEobnVsbCkpOihBcnJheS5pc0FycmF5KGQpJiYoZT9RYShkKTpBcnJheS5pc0FycmF5KGQpJiZOYShkKSYxJiZmLnNhJiYoZD1kLnNsaWNlKCkpKSxlPWQpLGViKGIsYyxlKX07dmFyIGxiPWZ1bmN0aW9uKCl7aWIuYXBwbHkodGhpcyxhcmd1bWVudHMpfTtuYShsYixpYik7IGxiLnByb3RvdHlwZS5FYT1mdW5jdGlvbihhKXtpZihhIT09emEpdGhyb3cgRXJyb3IoXCJyZXF1aXJlcyBhIHZhbGlkIGltbXV0YWJsZSBBUEkgdG9rZW5cIik7aWYoQih0aGlzLmcpKXthPXtzYTohMH07dmFyIGI9Qih0aGlzLmcpO2lmKGImJiFhLnNhKXRocm93IEVycm9yKFwiY29weVJlcGVhdGVkRmllbGRzIG11c3QgYmUgdHJ1ZSBmb3IgZnJvemVuIG1lc3NhZ2VzXCIpO3ZhciBjPW5ldyB0aGlzLmNvbnN0cnVjdG9yO3RoaXMuamEmJihjLmphPXRoaXMuamEuc2xpY2UoKSk7Zm9yKHZhciBkPXRoaXMuZyxlPTA7ZTxkLmxlbmd0aDtlKyspe3ZhciBmPWRbZV07aWYoZT09PWQubGVuZ3RoLTEmJlNhKGYpKWZvcihnIGluIGYpe3ZhciBsPStnO051bWJlci5pc05hTihsKT9kYihjKVtnXT1mW2ddOmtiKHRoaXMsYyxsLGZbZ10sYixhKX1lbHNlIGtiKHRoaXMsYyxlLXRoaXMuWCxmLGIsYSl9dmFyIGc9Y31lbHNlIGc9dGhpcztyZXR1cm4gZ307IGlmKFZhKXt2YXIgbWI9e307T2JqZWN0LmRlZmluZVByb3BlcnRpZXMobGIsKG1iW1N5bWJvbC5oYXNJbnN0YW5jZV09V2EoT2JqZWN0W1N5bWJvbC5oYXNJbnN0YW5jZV0pLG1iKSl9O3ZhciBuYj1mdW5jdGlvbihhKXtsYi5jYWxsKHRoaXMsYSl9O25hKG5iLGxiKTtmdW5jdGlvbiBvYihhLGIpe2lmKCFhfHwvWz8mXWRzaD0xKCZ8JCkvLnRlc3QoYSkpcmV0dXJuIG51bGw7aWYoL1s%2FJl1hZT0xKCZ8JCkvLnRlc3QoYSkpe3ZhciBjPS9bPyZdYWR1cmw9KFteJl0rKS8uZXhlYyhhKTtpZighYylyZXR1cm4gbnVsbDtiPWI%2FYy5pbmRleDphLmxlbmd0aDt0cnl7cmV0dXJue0dhOmEuc2xpY2UoMCxiKStcIiZhY3Q9MVwiK2Euc2xpY2UoYiksTmE6ZGVjb2RlVVJJQ29tcG9uZW50KGNbMV0pfX1jYXRjaChlKXtyZXR1cm4gbnVsbH19aWYoL1s%2FJl1hZT0yKCZ8JCkvLnRlc3QoYSkpe2M9YTt2YXIgZD1cIlwiO2ImJihiPWEuaW5kZXhPZihcIiZhZHVybD1cIiksMDxiJiYoYz1hLnNsaWNlKDAsYiksZD1hLnNsaWNlKGIpKSk7cmV0dXJue0dhOmMrXCImYWN0PTFcIitkLE5hOmMrXCImZGN0PTFcIitkfX1yZXR1cm4gbnVsbH07LyogIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wICovIHZhciBIPWZ1bmN0aW9uKGEsYil7dGhpcy5hYj1iPT09cGI%2FYTpcIlwifTtILnByb3RvdHlwZS50b1N0cmluZz1mdW5jdGlvbigpe3JldHVybiB0aGlzLmFiLnRvU3RyaW5nKCl9O3ZhciBxYj1mdW5jdGlvbihhKXtyZXR1cm4gYSBpbnN0YW5jZW9mIEgmJmEuY29uc3RydWN0b3I9PT1IP2EuYWI6XCJ0eXBlX2Vycm9yOlNhZmVVcmxcIn0scmI9ZnVuY3Rpb24oYSl7dmFyIGI9U3RyaW5nKGEuc2xpY2UoMCw0KSkudG9Mb3dlckNhc2UoKTswPT0oXCJ0ZWw6XCI8Yj8tMTpcInRlbDpcIj09Yj8wOjEpfHwoYT1cImFib3V0OmludmFsaWQjekNsb3N1cmV6XCIpO3JldHVybiBuZXcgSChhLHBiKX0scGI9e30sc2I9bmV3IEgoXCJhYm91dDppbnZhbGlkI3pDbG9zdXJlelwiLHBiKTt2YXIgdGI9ZnVuY3Rpb24oYSl7dGhpcy50Yj1hfTtmdW5jdGlvbiB1YihhKXtyZXR1cm4gbmV3IHRiKGZ1bmN0aW9uKGIpe3JldHVybiBiLnN1YnN0cigwLGEubGVuZ3RoKzEpLnRvTG93ZXJDYXNlKCk9PT1hK1wiOlwifSl9dmFyIHZiPVt1YihcImRhdGFcIiksdWIoXCJodHRwXCIpLHViKFwiaHR0cHNcIiksdWIoXCJtYWlsdG9cIiksdWIoXCJmdHBcIiksbmV3IHRiKGZ1bmN0aW9uKGEpe3JldHVybi9eW146XSooWy8%2FI118JCkvLnRlc3QoYSl9KV07dmFyIHdiPWZ1bmN0aW9uKGEsYixjKXthLmFkZEV2ZW50TGlzdGVuZXImJmEuYWRkRXZlbnRMaXN0ZW5lcihiLGMsITEpfTt2YXIgeGI9ZnVuY3Rpb24oYSxiKXt0aGlzLndpZHRoPWE7dGhpcy5oZWlnaHQ9Yn07bj14Yi5wcm90b3R5cGU7bi5jbG9uZT1mdW5jdGlvbigpe3JldHVybiBuZXcgeGIodGhpcy53aWR0aCx0aGlzLmhlaWdodCl9O24uYXNwZWN0UmF0aW89ZnVuY3Rpb24oKXtyZXR1cm4gdGhpcy53aWR0aC90aGlzLmhlaWdodH07bi5jZWlsPWZ1bmN0aW9uKCl7dGhpcy53aWR0aD1NYXRoLmNlaWwodGhpcy53aWR0aCk7dGhpcy5oZWlnaHQ9TWF0aC5jZWlsKHRoaXMuaGVpZ2h0KTtyZXR1cm4gdGhpc307bi5mbG9vcj1mdW5jdGlvbigpe3RoaXMud2lkdGg9TWF0aC5mbG9vcih0aGlzLndpZHRoKTt0aGlzLmhlaWdodD1NYXRoLmZsb29yKHRoaXMuaGVpZ2h0KTtyZXR1cm4gdGhpc307bi5yb3VuZD1mdW5jdGlvbigpe3RoaXMud2lkdGg9TWF0aC5yb3VuZCh0aGlzLndpZHRoKTt0aGlzLmhlaWdodD1NYXRoLnJvdW5kKHRoaXMuaGVpZ2h0KTtyZXR1cm4gdGhpc307IG4uc2NhbGU9ZnVuY3Rpb24oYSxiKXt0aGlzLndpZHRoKj1hO3RoaXMuaGVpZ2h0Kj1cIm51bWJlclwiPT09dHlwZW9mIGI%2FYjphO3JldHVybiB0aGlzfTt2YXIgeWI9UmVnRXhwKFwiXig%2FOihbXjovPyMuXSspOik%2FKD86Ly8oPzooW15cXFxcXFxcXC8%2FI10qKUApPyhbXlxcXFxcXFxcLz8jXSo%2FKSg%2FOjooWzAtOV0rKSk%2FKD89W1xcXFxcXFxcLz8jXXwkKSk%2FKFtePyNdKyk%2FKD86XFxcXD8oW14jXSopKT8oPzojKFtcXFxcc1xcXFxTXSopKT8kXCIpLHpiPWZ1bmN0aW9uKGEsYil7aWYoYSl7YT1hLnNwbGl0KFwiJlwiKTtmb3IodmFyIGM9MDtjPGEubGVuZ3RoO2MrKyl7dmFyIGQ9YVtjXS5pbmRleE9mKFwiPVwiKSxlPW51bGw7aWYoMDw9ZCl7dmFyIGY9YVtjXS5zdWJzdHJpbmcoMCxkKTtlPWFbY10uc3Vic3RyaW5nKGQrMSl9ZWxzZSBmPWFbY107YihmLGU%2FZGVjb2RlVVJJQ29tcG9uZW50KGUucmVwbGFjZSgvXFwrL2csXCIgXCIpKTpcIlwiKX19fSxBYj1mdW5jdGlvbihhLGIpe2lmKCFiKXJldHVybiBhO3ZhciBjPWEuaW5kZXhPZihcIiNcIik7MD5jJiYoYz1hLmxlbmd0aCk7dmFyIGQ9YS5pbmRleE9mKFwiP1wiKTtpZigwPmR8fGQ%2BYyl7ZD1jO3ZhciBlPVwiXCJ9ZWxzZSBlPWEuc3Vic3RyaW5nKGQrIDEsYyk7YT1bYS5zbGljZSgwLGQpLGUsYS5zbGljZShjKV07Yz1hWzFdO2FbMV09Yj9jP2MrXCImXCIrYjpiOmM7cmV0dXJuIGFbMF0rKGFbMV0%2FXCI%2FXCIrYVsxXTpcIlwiKSthWzJdfSxCYj1mdW5jdGlvbihhLGIsYyl7aWYoQXJyYXkuaXNBcnJheShiKSlmb3IodmFyIGQ9MDtkPGIubGVuZ3RoO2QrKylCYihhLFN0cmluZyhiW2RdKSxjKTtlbHNlIG51bGwhPWImJmMucHVzaChhKyhcIlwiPT09Yj9cIlwiOlwiPVwiK2VuY29kZVVSSUNvbXBvbmVudChTdHJpbmcoYikpKSl9LENiPWZ1bmN0aW9uKGEsYil7dmFyIGM9W107Zm9yKGI9Ynx8MDtiPGEubGVuZ3RoO2IrPTIpQmIoYVtiXSxhW2IrMV0sYyk7cmV0dXJuIGMuam9pbihcIiZcIil9LEk9ZnVuY3Rpb24oYSxiKXt2YXIgYz0yPT1hcmd1bWVudHMubGVuZ3RoP0NiKGFyZ3VtZW50c1sxXSwwKTpDYihhcmd1bWVudHMsMSk7cmV0dXJuIEFiKGEsYyl9LERiPWZ1bmN0aW9uKGEsYixjKXtjPW51bGwhPWM%2FXCI9XCIrZW5jb2RlVVJJQ29tcG9uZW50KFN0cmluZyhjKSk6IFwiXCI7cmV0dXJuIEFiKGEsYitjKX0sRWI9ZnVuY3Rpb24oYSxiLGMsZCl7Zm9yKHZhciBlPW&i=12-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75574
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
EUVmad8ce8vzkjTW-Po4dBTBUgJeV6wAFS8oFuaJ8o7F2x828k5o4w==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=MubGVuZ3RoOzA8PShiPWEuaW5kZXhPZihjLGIpKSYmYjxkOyl7dmFyIGY9YS5jaGFyQ29kZUF0KGItMSk7aWYoMzg9PWZ8fDYzPT1mKWlmKGY9YS5jaGFyQ29kZUF0KGIrZSksIWZ8fDYxPT1mfHwzOD09Znx8MzU9PWYpcmV0dXJuIGI7Yis9ZSsxfXJldHVybi0xfSxGYj0vI3wkLyxHYj0vWz8mXSgkfCMpLzt2YXIgSGI9ZnVuY3Rpb24oYSxiKXtpZihhKWZvcih2YXIgYyBpbiBhKU9iamVjdC5wcm90b3R5cGUuaGFzT3duUHJvcGVydHkuY2FsbChhLGMpJiZiKGFbY10sYyxhKX0sSWI9ZnVuY3Rpb24oYSl7YT12b2lkIDA9PT1hP2RvY3VtZW50OmE7cmV0dXJuIGEuY3JlYXRlRWxlbWVudChcImltZ1wiKX07dmFyIEtiPWZ1bmN0aW9uKGEsYixjLGQpe0piKGEsYix2b2lkIDA9PT1jP251bGw6Yyx2b2lkIDA9PT1kPyExOmQpfTtmdW5jdGlvbiBKYihhLGIsYyxkKXthLmdvb2dsZV9pbWFnZV9yZXF1ZXN0c3x8KGEuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzPVtdKTt2YXIgZT1JYihhLmRvY3VtZW50KTtpZihjfHxkKXt2YXIgZj1mdW5jdGlvbihsKXtjJiZjKGwpO2lmKGQpe2w9YS5nb29nbGVfaW1hZ2VfcmVxdWVzdHM7dmFyIGc9QmEobCxlKTswPD1nJiZBcnJheS5wcm90b3R5cGUuc3BsaWNlLmNhbGwobCxnLDEpfWUucmVtb3ZlRXZlbnRMaXN0ZW5lciYmZS5yZW1vdmVFdmVudExpc3RlbmVyKFwibG9hZFwiLGYsITEpO2UucmVtb3ZlRXZlbnRMaXN0ZW5lciYmZS5yZW1vdmVFdmVudExpc3RlbmVyKFwiZXJyb3JcIixmLCExKX07d2IoZSxcImxvYWRcIixmKTt3YihlLFwiZXJyb3JcIixmKX1lLnNyYz1iO2EuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzLnB1c2goZSl9IGZ1bmN0aW9uIExiKGEpe3ZhciBiPXZvaWQgMD09PWI%2FITE6Yjt2YXIgYztpZihjPXcubmF2aWdhdG9yKWM9dy5uYXZpZ2F0b3IudXNlckFnZW50LGM9L0Nocm9tZS8udGVzdChjKSYmIS9FZGdlLy50ZXN0KGMpPyEwOiExO2MmJncubmF2aWdhdG9yLnNlbmRCZWFjb24%2Fdy5uYXZpZ2F0b3Iuc2VuZEJlYWNvbihhKTpLYih3LGEsdm9pZCAwLGIpfTt2YXIgTWI9ZG9jdW1lbnQsSj13aW5kb3c7ZnVuY3Rpb24gTmIoYSl7cmV0dXJuIHFiKGEpfTtmdW5jdGlvbiBPYihhLGIpe2lmKGEgaW5zdGFuY2VvZiBIKXJldHVybiBhO3ZhciBjPXZvaWQgMDtjPXZvaWQgMD09PWM%2FdmI6YzthOntjPXZvaWQgMD09PWM%2FdmI6Yztmb3IodmFyIGQ9MDtkPGMubGVuZ3RoOysrZCl7dmFyIGU9Y1tkXTtpZihlIGluc3RhbmNlb2YgdGImJmUudGIoYSkpe2M9bmV3IEgoYSxwYik7YnJlYWsgYX19Yz12b2lkIDB9Yz1jfHxzYjtjPT09c2ImJmIoYSk7cmV0dXJuIG5ldyBIKE5iKGMpLHBiKX12YXIgUWI9ZnVuY3Rpb24oYSl7dmFyIGI9KFBiKCk%2FXCJodHRwOlwiOlwiaHR0cHM6XCIpK1wiLy9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwNFwiO3JldHVybiBmdW5jdGlvbihjKXtjPXtpZDpcInVuc2FmZXVybFwiLGN0eDphLHVybDpjfTt2YXIgZD1bXTtmb3IoZSBpbiBjKUJiKGUsY1tlXSxkKTt2YXIgZT1BYihiLGQuam9pbihcIiZcIikpO25hdmlnYXRvci5zZW5kQmVhY29uJiZuYXZpZ2F0b3Iuc2VuZEJlYWNvbihlLFwiXCIpfX07dmFyIFBiPWZ1bmN0aW9uKCl7dmFyIGE9dm9pZCAwPT09YT9KOmE7cmV0dXJuXCJodHRwOlwiPT09YS5sb2NhdGlvbi5wcm90b2NvbH07dmFyIFJiPWZ1bmN0aW9uKCl7dGhpcy51Yj00RTM7dGhpcy5BYT1cIiZcIjt0aGlzLnBhPXt9O3RoaXMudmI9MDt0aGlzLmthPVtdfSxUYj1mdW5jdGlvbihhLGIsYyxkLGUpe3ZhciBmPVtdO0hiKGEsZnVuY3Rpb24obCxnKXsobD1TYihsLGIsYyxkLGUpKSYmZi5wdXNoKGcrXCI9XCIrbCl9KTtyZXR1cm4gZi5qb2luKGIpfSxTYj1mdW5jdGlvbihhLGIsYyxkLGUpe2lmKG51bGw9PWEpcmV0dXJuXCJcIjtiPWJ8fFwiJlwiO2M9Y3x8XCIsJFwiO1wic3RyaW5nXCI9PXR5cGVvZiBjJiYoYz1jLnNwbGl0KFwiXCIpKTtpZihhIGluc3RhbmNlb2YgQXJyYXkpe2lmKGQ9ZHx8MCxkPGMubGVuZ3RoKXtmb3IodmFyIGY9W10sbD0wO2w8YS5sZW5ndGg7bCsrKWYucHVzaChTYihhW2xdLGIsYyxkKzEsZSkpO3JldHVybiBmLmpvaW4oY1tkXSl9fWVsc2UgaWYoXCJvYmplY3RcIj09dHlwZW9mIGEpcmV0dXJuIGU9ZXx8MCwyPmU%2FZW5jb2RlVVJJQ29tcG9uZW50KFRiKGEsYixjLGQsZSsxKSk6XCIuLi5cIjtyZXR1cm4gZW5jb2RlVVJJQ29tcG9uZW50KFN0cmluZyhhKSl9LCBWYj1mdW5jdGlvbihhLGIsYyxkKXtiPWIrXCIvL1wiK2MrZDt2YXIgZT1VYihhKS1kLmxlbmd0aDtpZigwPmUpcmV0dXJuXCJcIjthLmthLnNvcnQoZnVuY3Rpb24obSxyKXtyZXR1cm4gbS1yfSk7ZD1udWxsO2M9XCJcIjtmb3IodmFyIGY9MDtmPGEua2EubGVuZ3RoO2YrKylmb3IodmFyIGw9YS5rYVtmXSxnPWEucGFbbF0saD0wO2g8Zy5sZW5ndGg7aCsrKXtpZighZSl7ZD1udWxsPT1kP2w6ZDticmVha312YXIgaz1UYihnW2hdLGEuQWEsXCIsJFwiKTtpZihrKXtrPWMraztpZihlPj1rLmxlbmd0aCl7ZS09ay5sZW5ndGg7Yis9aztjPWEuQWE7YnJlYWt9ZD1udWxsPT1kP2w6ZH19YT1cIlwiO251bGwhPWQmJihhPWMrXCJ0cm49XCIrZCk7cmV0dXJuIGIrYX0sVWI9ZnVuY3Rpb24oYSl7dmFyIGI9MSxjO2ZvcihjIGluIGEucGEpYj1jLmxlbmd0aD5iP2MubGVuZ3RoOmI7cmV0dXJuIGEudWItMy1iLWEuQWEubGVuZ3RoLTF9O3ZhciBXYj1mdW5jdGlvbigpe3RoaXMud2I9UGIoKT9cImh0dHA6XCI6XCJodHRwczpcIjt0aGlzLks9XCJwYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbVwiO3RoaXMuSj1cIi9wYWdlYWQvZ2VuXzIwND9pZD1cIjt0aGlzLmpiPSExO3RoaXMuZmI9TWF0aC5yYW5kb20oKX0sWWI9ZnVuY3Rpb24oKXt2YXIgYT1YYixiPXdpbmRvdy5nb29nbGVfc3J0OzA8PWImJjE%2BPWImJihhLmZiPWIpfSxaYj1mdW5jdGlvbihhLGIpe3ZhciBjPVhiO2lmKDE%2BYy5mYil0cnl7aWYoYiBpbnN0YW5jZW9mIFJiKXZhciBkPWI7ZWxzZSBkPW5ldyBSYixIYihiLGZ1bmN0aW9uKGYsbCl7dmFyIGc9ZCxoPWcudmIrKyxrPXt9O2tbbF09ZjtmPVtrXTtnLmthLnB1c2goaCk7Zy5wYVtoXT1mfSk7dmFyIGU9VmIoZCxjLndiLGMuSyxjLkorYStcIiZcIik7ZSYmKGMuamI%2FTGIoZSk6S2IodyxlKSl9Y2F0Y2goZil7fX07dmFyICRiPW51bGw7dmFyIGFjPWZ1bmN0aW9uKCl7dmFyIGE9dm9pZCAwPT09YT93OmE7cmV0dXJuKGE9YS5wZXJmb3JtYW5jZSkmJmEubm93JiZhLnRpbWluZz9NYXRoLmZsb29yKGEubm93KCkrYS50aW1pbmcubmF2aWdhdGlvblN0YXJ0KTpEYXRlLm5vdygpfSxiYz1mdW5jdGlvbigpe3ZhciBhPXZvaWQgMD09PWE%2FdzphO3JldHVybihhPWEucGVyZm9ybWFuY2UpJiZhLm5vdz9hLm5vdygpOm51bGx9O3ZhciBjYz1mdW5jdGlvbihhLGIpe3ZhciBjPWJjKCl8fGFjKCk7dGhpcy5sYWJlbD1hO3RoaXMudHlwZT1iO3RoaXMudmFsdWU9Yzt0aGlzLmR1cmF0aW9uPTA7dGhpcy51bmlxdWVJZD1NYXRoLnJhbmRvbSgpO3RoaXMudGFza0lkPXRoaXMuc2xvdElkPXZvaWQgMH07dmFyIEs9dy5wZXJmb3JtYW5jZSxkYz0hIShLJiZLLm1hcmsmJksubWVhc3VyZSYmSy5jbGVhck1hcmtzKSxlYz1mdW5jdGlvbihhKXt2YXIgYj0hMSxjO3JldHVybiBmdW5jdGlvbigpe2J8fChjPWEoKSxiPSEwKTtyZXR1cm4gY319KGZ1bmN0aW9uKCl7dmFyIGE7aWYoYT1kYyl7dmFyIGI7aWYobnVsbD09PSRiKXskYj1cIlwiO3RyeXthPVwiXCI7dHJ5e2E9dy50b3AubG9jYXRpb24uaGFzaH1jYXRjaChjKXthPXcubG9jYXRpb24uaGFzaH1hJiYoJGI9KGI9YS5tYXRjaCgvXFxiZGVpZD0oW1xcZCxdKykvKSk%2FYlsxXTpcIlwiKX1jYXRjaChjKXt9fWI9JGI7YT0hIWIuaW5kZXhPZiYmMDw9Yi5pbmRleE9mKFwiMTMzN1wiKX1yZXR1cm4gYX0pLGZjPWZ1bmN0aW9uKCl7dmFyIGE9d2luZG93O3RoaXMuZWE9W107dGhpcy5xYj1hfHx3O3ZhciBiPW51bGw7YSYmKGEuZ29vZ2xlX2pzX3JlcG9ydGluZ19xdWV1ZT1hLmdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWV8fFtdLHRoaXMuZWE9YS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlLCBiPWEuZ29vZ2xlX21lYXN1cmVfanNfdGltaW5nKTt0aGlzLmhhPWVjKCl8fChudWxsIT1iP2I6MT5NYXRoLnJhbmRvbSgpKX07ZmMucHJvdG90eXBlLmRpc2FibGU9ZnVuY3Rpb24oKXt0aGlzLmhhPSExO3RoaXMuZWEhPXRoaXMucWIuZ29vZ2xlX2pzX3JlcG9ydGluZ19xdWV1ZSYmKGVjKCkmJkNhKHRoaXMuZWEsZ2MpLHRoaXMuZWEubGVuZ3RoPTApfTt2YXIgZ2M9ZnVuY3Rpb24oYSl7YSYmSyYmZWMoKSYmKEsuY2xlYXJNYXJrcyhcImdvb2dfXCIrYS5sYWJlbCtcIl9cIithLnVuaXF1ZUlkK1wiX3N0YXJ0XCIpLEsuY2xlYXJNYXJrcyhcImdvb2dfXCIrYS5sYWJlbCtcIl9cIithLnVuaXF1ZUlkK1wiX2VuZFwiKSl9O2ZjLnByb3RvdHlwZS5zdGFydD1mdW5jdGlvbihhLGIpe2lmKCF0aGlzLmhhKXJldHVybiBudWxsO2E9bmV3IGNjKGEsYik7Yj1cImdvb2dfXCIrYS5sYWJlbCtcIl9cIithLnVuaXF1ZUlkK1wiX3N0YXJ0XCI7SyYmZWMoKSYmSy5tYXJrKGIpO3JldHVybiBhfTsgZmMucHJvdG90eXBlLmVuZD1mdW5jdGlvbihhKXtpZih0aGlzLmhhJiZcIm51bWJlclwiPT09dHlwZW9mIGEudmFsdWUpe2EuZHVyYXRpb249KGJjKCl8fGFjKCkpLWEudmFsdWU7dmFyIGI9XCJnb29nX1wiK2EubGFiZWwrXCJfXCIrYS51bmlxdWVJZCtcIl9lbmRcIjtLJiZlYygpJiZLLm1hcmsoYik7IXRoaXMuaGF8fDIwNDg8dGhpcy5lYS5sZW5ndGh8fHRoaXMuZWEucHVzaChhKX19O3ZhciBoYz1mdW5jdGlvbigpe307dmFyIFhiLGljPW5ldyBmYzsoZnVuY3Rpb24oYSl7WGI9bnVsbCE9YT9hOm5ldyBXYjtcIm51bWJlclwiIT09dHlwZW9mIHdpbmRvdy5nb29nbGVfc3J0JiYod2luZG93Lmdvb2dsZV9zcnQ9TWF0aC5yYW5kb20oKSk7WWIoKTtcImNvbXBsZXRlXCI9PXdpbmRvdy5kb2N1bWVudC5yZWFkeVN0YXRlP3dpbmRvdy5nb29nbGVfbWVhc3VyZV9qc190aW1pbmd8fGljLmRpc2FibGUoKTppYy5oYSYmd2Iod2luZG93LFwibG9hZFwiLGZ1bmN0aW9uKCl7d2luZG93Lmdvb2dsZV9tZWFzdXJlX2pzX3RpbWluZ3x8aWMuZGlzYWJsZSgpfSl9KSgpO3ZhciBqYz1mdW5jdGlvbihhLGIpe3ZhciBjPVwiVWFcIjtoYy5VYSYmaGMuaGFzT3duUHJvcGVydHkoYyl8fChjPW5ldyBoYyxoYy5VYT1jKTtjPVtdOyFiLmVpZCYmYy5sZW5ndGgmJihiLmVpZD1jLnRvU3RyaW5nKCkpO1piKGEsYil9O2Z1bmN0aW9uIGtjKGEsYil7dmFyIGM9YS5zZWFyY2goLyZhZHVybD0vKTtyZXR1cm4gMD5jP2ErYjphLnNsaWNlKDAsYykrYithLnNsaWNlKGMpfTt2YXIgbGM9bmV3IFdlYWtNYXA7ZnVuY3Rpb24gbWMoYSl7dmFyIGI9dm9pZCAwPT09Yj9uYzpiO3ZhciBjPXZhKGEpLGQ9ZnVuY3Rpb24oZSl7ZT11KGUpO2UubmV4dCgpO2U9ZmEoZSk7cmV0dXJuIGIoYyxlKX07cmV0dXJuIGZ1bmN0aW9uKCl7dmFyIGU9b2EuYXBwbHkoMCxhcmd1bWVudHMpLGY9dGhpc3x8dyxsPWxjLmdldChmKTtsfHwobD17fSxsYy5zZXQoZixsKSk7Zj1sO2w9W3RoaXNdLmNvbmNhdChlIGluc3RhbmNlb2YgQXJyYXk%2FZTpmYSh1KGUpKSk7ZT1kP2QobCk6bDtpZihPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoZixlKSlmPWZbZV07ZWxzZXt2YXIgZz11KGwpO2w9Zy5uZXh0KCkudmFsdWU7Zz1mYShnKTtsPWEuYXBwbHkobCxnKTtmPWZbZV09bH1yZXR1cm4gZn19dmFyIG5jPWZ1bmN0aW9uKGEsYil7YT1bYV07Zm9yKHZhciBjPWIubGVuZ3RoLTE7MDw9YzstLWMpYS5wdXNoKHR5cGVvZiBiW2NdLGJbY10pO3JldHVybiBhLmpvaW4oXCJcXHZcIil9O2Z1bmN0aW9uIG9jKGEsYixjKXtpZighYyYmIWIpcmV0dXJuIGE7aWYoIWMpe2M9RGIoYSxcImJnXCIsYik7aWYoMkUzPj1jLmxlbmd0aClyZXR1cm4gYztjPVwiOVwifVwiOFwiIT1jJiZcIjlcIiE9Y3x8cGMoYik7cmV0dXJuIERiKGEsXCJiZ1wiLGMpfXZhciBwYz1tYyhmdW5jdGlvbihhKX&i=13-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75574
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
9M8CPKNxCkEHQUS5RCSZ2MZzRNVXILA22YRILpb7S3Ak07_BS_do2A==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=t2YXIgYj17fTtqYyhcImJnXCIsKGIuYmc9YSxiKSl9KTt2YXIgcWM9e0JiOlwiY1wiLENiOlwiZFwiLERiOlwicFwiLExPQ0FUSU9OOlwibFwiLE5iOlwidFwiLEliOlwibF9tXCIsSGI6XCJsX2xcIixKYjpcImxfc1wiLEZiOlwibF9kXCIsRWI6XCJsX2NcIixLYjpcImxfdFwiLEdiOlwibF9pXCIsTWI6XCJxXCIsTGI6XCJvcGZjXCJ9LEw9e30scmM9KEwuZD0xMSxMLmw9NDEsTC5xPTc2LEwubF9tPTc3LEwubF9sPTc4LEwubF9zPTc5LEwubF9kPTgwLEwubF9jPTgxLEwubF90PTgyLEwubF9pPTgzLEwpLE09e30sc2M9KE0ubF9tPVwibG9jYXRpb25fZm9ybWF0X21hcFwiLE0ubF9sPVwibG9jYXRpb25fZm9ybWF0X2xhbmRpbmdfcGFnZVwiLE0ubF9zPVwibG9jYXRpb25fZm9ybWF0X3N0b3JlX2luZm9cIixNLmxfZD1cImxvY2F0aW9uX2Zvcm1hdF9kaXJlY3Rpb25zXCIsTS5sX3Q9XCJsb2NhdGlvbl9mb3JtYXRfdGV4dFwiLE0ubF9pPVwibG9jYXRpb25fZm9ybWF0X2ltYWdlXCIsTSksTj17fSx0Yz0oTi5kPTM0LE4ubD0xNyxOLnE9MTcsTi5sX209MzMsTi5sX2w9OCxOLmxfcz0zNSxOLmxfZD0zNCxOLmxfYz0gMTQsTi5sX3Q9MCxOLmxfaT05LE4ub3BmYz0xMixOKSx1Yz17bGFiZWw6XCJsYWJlbFwiLGV2ZW50X3NvdXJjZTpcImVzXCIsZXZlbnRfZGF0YTpcImRcIn07dmFyIE89bWMoZnVuY3Rpb24oYSxiLGMsZCl7ZD12b2lkIDA9PT1kP3t9OmQ7ZC5pPWEuY3JlYXRpdmVJZDtkLnQ9YS50ZW1wbGF0ZUlkO2QuYz1iO2QubT1jO2QubHA9YS5sYXlvdXRQYXRoO2EuZXhwZXJpbWVudElkJiYoZC5lPWEuZXhwZXJpbWVudElkKTthLlJhJiYoZC5ncWk9YS5SYSk7YS5iYiYmKGQucXFpPWEuYmIpO2EueWIoZCl9KTtmdW5jdGlvbiB2YyhhKXtyZXR1cm4gZnVuY3Rpb24oYixjLGQpe3ZhciBlPXt9O2QmJihlLmpzbD1kKTtjJiYoZS5qc2Y9Yyk7TyhhLFwialwiLGIsZSl9fSBmdW5jdGlvbiB3YyhhLGIpe3RyeXtiKCl9Y2F0Y2goZil7YT12YyhhKTtiPWYudG9TdHJpbmcoKTtmLm5hbWUmJi0xPT1iLmluZGV4T2YoZi5uYW1lKSYmKGIrPVwiOiBcIitmLm5hbWUpO2YubWVzc2FnZSYmLTE9PWIuaW5kZXhPZihmLm1lc3NhZ2UpJiYoYis9XCI6IFwiK2YubWVzc2FnZSk7aWYoZi5zdGFjayl7dmFyIGM9Zi5zdGFjayxkPWI7dHJ5ey0xPT1jLmluZGV4T2YoZCkmJihjPWQrXCJcXG5cIitjKTtmb3IodmFyIGU7YyE9ZTspZT1jLGM9Yy5yZXBsYWNlKC8oKGh0dHBzPzpcXC8uLipcXC8pW15cXC86XSo6XFxkKyg%2FOi58XFxuKSopXFwyLyxcIiQxXCIpO2I9Yy5yZXBsYWNlKC9cXG4gKi9nLFwiXFxuXCIpfWNhdGNoKGwpe2I9ZH19YShiLGYubGluZU51bWJlcixmLmZpbGVOYW1lKX19ZnVuY3Rpb24geGMoYSl7amMoXCJodG1sNS1tb25cIixhKX07dmFyIFA9ZnVuY3Rpb24oKXt0aGlzLlM9bmV3IFhNTEh0dHBSZXF1ZXN0fTtQLnByb3RvdHlwZS5nZXQ9ZnVuY3Rpb24oYSxiKXtpZih0aGlzLlMmJigwPT10aGlzLlMucmVhZHlTdGF0ZXx8ND09dGhpcy5TLnJlYWR5U3RhdGUpKXRyeXt0aGlzLlMub25yZWFkeXN0YXRlY2hhbmdlPXgodGhpcy5sYix0aGlzLGIpLHRoaXMuUy5vcGVuKFwiR0VUXCIsYSwhMCksdGhpcy5TLnNlbmQobnVsbCl9Y2F0Y2goYyl7YigpfX07UC5wcm90b3R5cGUubGI9ZnVuY3Rpb24oYSl7ND09dGhpcy5TLnJlYWR5U3RhdGUmJmEoKX07dmFyIHljPWZ1bmN0aW9uKGEsYixjLGQpe2M9Y3x8ZnVuY3Rpb24oKXt2YXIgZj1PYihyYihiKSxRYig2MDYpKTt3aW5kb3cudG9wLmxvY2F0aW9uLmhyZWY9cWIoZil9O3ZhciBlPW5ldyBQOyh2b2lkIDA9PT1kPzA6ZCk%2FKGUuZ2V0KGEsZnVuY3Rpb24oKXt9KSxzZXRUaW1lb3V0KGMsMCkpOmUuZ2V0KGEsYyl9LFE9ZnVuY3Rpb24oYSxiLGMsZCxlKXt0aGlzLnRhPWE7dGhpcy5KYT1iO3RoaXMuSWE9bnVsbDt0aGlzLkJhPWM7dGhpcy5NYT1kO3RoaXMuTT10aGlzLnVhPXRoaXMuZGE9dGhpcy5MPXRoaXMuTz0hMTt0aGlzLnZhPXZvaWQgMDt0aGlzLnY9dGhpcy5UPXRoaXMuVT1udWxsO3RoaXMuS2E9dGhpcy56YT10aGlzLlhhPXRoaXMub2I9dGhpcy5lYj10aGlzLm9hPXRoaXMubmE9dGhpcy5EYT10aGlzLlFhPXRoaXMuSGE9dGhpcy5nYj0wO3RoaXMuT2E9dm9pZCAwPT09ZT8wOmV9OyBRLnByb3RvdHlwZS5uYj1mdW5jdGlvbigpe3RoaXMubmE9RGF0ZS5ub3coKTt0aGlzLk89ITE7emModGhpcyl9O1EucHJvdG90eXBlLlBhPWZ1bmN0aW9uKCl7dHJ5e3RoaXMudiYmND09dGhpcy52LnJlYWR5U3RhdGUmJnRoaXMuTCYmKHRoaXMub2E9RGF0ZS5ub3coKSx0aGlzLkw9ITEsdGhpcy52LnJlc3BvbnNlVGV4dCYmMDx0aGlzLnYucmVzcG9uc2VUZXh0Lmxlbmd0aCYmKHRoaXMuVT1cInRlbDpcIit0aGlzLnYucmVzcG9uc2VUZXh0KSl9ZmluYWxseXt6Yyh0aGlzKX19O1EucHJvdG90eXBlLkFiPWZ1bmN0aW9uKCl7dGhpcy5EYT1EYXRlLm5vdygpO3RoaXMuTT0hMTt6Yyh0aGlzKX07dmFyIHpjPWZ1bmN0aW9uKGEpe2EuZGF8fChhLk98fGEuTD9hLk18fEFjKGEpOihhLk0mJihhLk09ITEsd2luZG93LmNsZWFyVGltZW91dChhLnZhKSxhLnZhPXZvaWQgMCksQWMoYSkpKX07IFEucHJvdG90eXBlLndhPWZ1bmN0aW9uKCl7dGhpcy5NPXRoaXMuTD10aGlzLk89ITE7aWYobnVsbCE9dGhpcy5NYSl0aGlzLk1hKHRoaXMuVXx8dGhpcy5CYSk7ZWxzZXt2YXIgYT1PYihyYih0aGlzLlV8fHRoaXMuQmEpLFFiKDYwNykpO3dpbmRvdy50b3AubG9jYXRpb24uaHJlZj1xYihhKX19OyB2YXIgQWM9ZnVuY3Rpb24oYSl7aWYoIWEuZGEpe2EuZGE9ITA7YS51YT0hMDt2YXIgYj0wPT1hLm5hPzA6YS5uYS1hLkhhLGM9MD09YS5vYT8wOmEub2EtYS5RYSxkPTA9PWEuRGE%2FMDphLkRhLWEuZ2IsZT1hLlQmJmEuVC5TP2EuVC5TLnN0YXR1czpcIm5vcmVxXCIsZj1hLnY%2FYS52LnN0YXR1czpcIm5vcmVxXCIsbD0vJmN0eXBlPVxcZCsvLmV4ZWMoYS50YSk7bD1sP2xbMF06XCJcIjthLmViKys7dmFyIGc9MDswIT1hLlhhJiYwIT1hLnphJiYoZz1hLnphLWEuWGEpO2EuSWE9W1wiLy9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1jdGNfbWV0cmljc1wiLGwsXCImZGM9XCIrYS5LYSxcIiZlYz1cIithLm9iLFwiJnJjPVwiK2EuZWIsXCImY3Q9XCIrZyxcIiZjdGNfbnVtPVwiK2EuQmEsXCImY3RjX2d2bj1cIithLlUsXCImY3RjX2NzX3RpbWU9XCIrYixcIiZjdGNfZ3ZfdGltZT1cIitjLFwiJmN0Y190b190aW1lPVwiK2QsXCImY3RjX2NzX3N0YXR1cz1cIitlLFwiJmN0Y19ndl9zdGF0dXM9XCIrIGZdLmpvaW4oXCJcIik7KG5ldyBQKS5nZXQoYS5JYSx4KGEuY2IsYSkpO3dpbmRvdy5zZXRUaW1lb3V0KHgoYS5jYixhKSwyRTMpfX07US5wcm90b3R5cGUuY2I9ZnVuY3Rpb24oKXt0aGlzLnVhJiYodGhpcy51YT0hMSx0aGlzLndhKCkpfTsgdmFyIENjPWZ1bmN0aW9uKGEpe2lmKDA8YS5PYSlCYyhhKTtlbHNle3ZhciBiPURhdGUubm93KCk7YS5PfHxhLkx8fGEuTT9hLkthKys6YS56YT1iO3ZhciBjPSExLGQ9ITEsZT0hMTthLk98fChhLk89ITAsYS5kYT0hMSxhLkhhPWIsYS5uYT1iLGQ9ITApO2EuTHx8bnVsbCE9YS5VfHwoYS5MPSEwLGEuZGE9ITEsYS5RYT1iLGEub2E9YixlPSEwKTthLk18fChhLk09ITAsYS5kYT0hMSxhLmdiPWIsYz0hMCk7YyYmKGEudmE9d2luZG93LnNldFRpbWVvdXQoeChhLkFiLGEpLDJFMykpO2QmJihhLlQ9bmV3IFAsYS5ULmdldChhLnRhLHgoYS5uYixhKSkpO2lmKGUpdHJ5e2Eudj1uZXcgWE1MSHR0cFJlcXVlc3QsYS52Lm9ucmVhZHlzdGF0ZWNoYW5nZT14KGEuUGEsYSksYS52Lm9wZW4oXCJHRVRcIixhLkphLCEwKSxhLnYuc2VuZChudWxsKX1jYXRjaChmKXthLlBhKCl9fX0sQmM9ZnVuY3Rpb24oYSl7dmFyIGI9ZnVuY3Rpb24oKXthLnYmJjQ9PWEudi5yZWFkeVN0YXRlJiYoYS5MPSExLDIwMD09IGEudi5zdGF0dXMmJmEudi5yZXNwb25zZVRleHQmJjA8YS52LnJlc3BvbnNlVGV4dC5sZW5ndGgmJihhLlU9XCJ0ZWw6XCIrYS52LnJlc3BvbnNlVGV4dCkpfTthLkx8fG51bGwhPWEuVXx8KGEuTD0hMCxhLnY9bmV3IFhNTEh0dHBSZXF1ZXN0LGEudi5vbnJlYWR5c3RhdGVjaGFuZ2U9YixhLnYub3BlbihcIkdFVFwiLGEuSmEsITApLGEudi5zZW5kKG51bGwpKTthLk98fG51bGwhPWEuVHx8KGEuTz0hMCxhLlQ9bmV3IFAsYS5ULmdldChhLnRhLGZ1bmN0aW9uKCl7YS5PPSExfSkpO2EuTXx8KG51bGw9PWEuVT8oYS5NPSEwLHdpbmRvdy5zZXRUaW1lb3V0KHgoYS53YSxhKSxhLk9hKSk6YS53YSgpKX07cWEoXCJjdGNfYmRcIix5Yyk7cWEoXCJpbml0X2d2Y1wiLGZ1bmN0aW9uKGEsYixjLGQsZSl7cmV0dXJuIG5ldyBRKGEsYixjLGQsdm9pZCAwPT09ZT8wOmUpfSk7cWEoXCJjdGNfYmRfZ3ZcIixmdW5jdGlvbihhKXtDYyhhKX0pO3ZhciBEYz1mdW5jdGlvbigpe307dmFyIFI9ZnVuY3Rpb24oYSxiLGMpe3RoaXMuWWE9YTt0aGlzLnJiPWJ8fDA7dGhpcy5wYj1jO3RoaXMubWI9eCh0aGlzLkxhLHRoaXMpfTt5YShSLERjKTtSLnByb3RvdHlwZS5IPTA7Ui5wcm90b3R5cGUuc3RhcnQ9ZnVuY3Rpb24oYSl7dGhpcy5zdG9wKCk7dmFyIGI9dGhpcy5tYjthPXZvaWQgMCE9PWE%2FYTp0aGlzLnJiO2lmKFwiZnVuY3Rpb25cIiE9PXR5cGVvZiBiKWlmKGImJlwiZnVuY3Rpb25cIj09dHlwZW9mIGIuaGFuZGxlRXZlbnQpYj14KGIuaGFuZGxlRXZlbnQsYik7ZWxzZSB0aHJvdyBFcnJvcihcIkludmFsaWQgbGlzdGVuZXIgYXJndW1lbnRcIik7dGhpcy5IPTIxNDc0ODM2NDc8TnVtYmVyKGEpPy0xOncuc2V0VGltZW91dChiLGF8fDApfTtSLnByb3RvdHlwZS5zdG9wPWZ1bmN0aW9uKCl7MCE9dGhpcy5IJiZ3LmNsZWFyVGltZW91dCh0aGlzLkgpO3RoaXMuSD0wfTtSLnByb3RvdHlwZS5MYT1mdW5jdGlvbigpe3RoaXMuSD0wO3RoaXMuWWEmJnRoaXMuWWEuY2FsbCh0aGlzLnBiKX07dmFyIEVjPWZ1bmN0aW9uKGEpe2lmKGEuYWEmJlwiZnVuY3Rpb25cIj09dHlwZW9mIGEuYWEpcmV0dXJuIGEuYWEoKTtpZihcInVuZGVmaW5lZFwiIT09dHlwZW9mIE1hcCYmYSBpbnN0YW5jZW9mIE1hcHx8XCJ1bmRlZmluZWRcIiE9PXR5cGVvZiBTZXQmJmEgaW5zdGFuY2VvZiBTZXQpcmV0dXJuIEFycmF5LmZyb20oYS52YWx1ZXMoKSk7aWYoXCJzdHJpbmdcIj09PXR5cGVvZiBhKXJldHVybiBhLnNwbGl0KFwiXCIpO2lmKHNhKGEpKXtmb3IodmFyIGI9W10sYz1hLmxlbmd0aCxkPTA7ZDxjO2QrKyliLnB1c2goYVtkXSk7cmV0dXJuIGJ9Yj1bXTtjPTA7Zm9yKGQgaW4gYSliW2MrK109YVtkXTtyZXR1cm4gYn0sRmM9ZnVuY3Rpb24oYSl7aWYoYS54YSYmXCJmdW5jdGlvblwiPT10eXBlb2YgYS54YSlyZXR1cm4gYS54YSgpO2lmKCFhLmFhfHxcImZ1bmN0aW9uXCIhPXR5cGVvZiBhLmFhKXtpZihcInVuZGVmaW5lZFwiIT09dHlwZW9mIE1hcCYmYSBpbnN0YW5jZW9mIE1hcClyZXR1cm4gQXJyYXkuZnJvbShhLmtleXMoKSk7IGlmKCEoXCJ1bmRlZmluZWRcIiE9PXR5cGVvZiBTZXQmJmEgaW5zdGFuY2VvZiBTZXQpKXtpZihzYShhKXx8XCJzdHJpbmdcIj09PXR5cGVvZiBhKXt2YXIgYj1bXTthPWEubGVuZ3RoO2Zvcih2YXIgYz0wO2M8YTtjKyspYi5wdXNoKGMpO3JldHVybiBifWI9W107Yz0wO2Zvcih2YXIgZCBpbiBhKWJbYysrXT1kO3JldHVybiBifX19LEdjPWZ1bmN0aW9uKGEsYixjKXtpZihhLmZvckVhY2gmJlwiZnVuY3Rpb25cIj09dHlwZW9mIGEuZm9yRWFjaClhLmZvckVhY2goYixjKTtlbHNlIGlmKHNhKGEpfHxcInN0cmluZ1wiPT09dHlwZW9mIGEpQXJyYXkucHJvdG90eXBlLmZvckVhY2guY2FsbChhLGIsYyk7ZWxzZSBmb3IodmFyIGQ9RmMoYSksZT1FYyhhKSxmPWUubGVuZ3RoLGw9MDtsPGY7bCsrKWIuY2FsbChjLGVbbF0sZCYmZFtsXSxhKX07dmFyIFM9ZnVuY3Rpb24oYSl7dGhpcy5LPXRoaXMuY2E9dGhpcy5XPVwiXCI7dGhpcy5nYT1udWxsO3RoaXMuWj10aGlzLko9XCJcIjt0aGlzLkk9dGhpcy5zYj0hMTtpZihhIGluc3RhbmNlb2YgUyl7dGhpcy5JPWEuSTtI&i=14-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75575
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
UPAepXgQr9nol5Ah8PHXi4sfqzheuWQY8SkYV6MSPC-f7vO4nI3Mpg==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=Yyh0aGlzLGEuVyk7dmFyIGI9YS5jYTtWKHRoaXMpO3RoaXMuY2E9YjtiPWEuSztWKHRoaXMpO3RoaXMuSz1iO0ljKHRoaXMsYS5nYSk7Yj1hLko7Vih0aGlzKTt0aGlzLko9YjtKYyh0aGlzLGEuQS5jbG9uZSgpKTthPWEuWjtWKHRoaXMpO3RoaXMuWj1hfWVsc2UgYSYmKGI9U3RyaW5nKGEpLm1hdGNoKHliKSk%2FKHRoaXMuST0hMSxIYyh0aGlzLGJbMV18fFwiXCIsITApLGE9YlsyXXx8XCJcIixWKHRoaXMpLHRoaXMuY2E9S2MoYSksYT1iWzNdfHxcIlwiLFYodGhpcyksdGhpcy5LPUtjKGEsITApLEljKHRoaXMsYls0XSksYT1iWzVdfHxcIlwiLFYodGhpcyksdGhpcy5KPUtjKGEsITApLEpjKHRoaXMsYls2XXx8XCJcIiwhMCksYT1iWzddfHxcIlwiLFYodGhpcyksdGhpcy5aPUtjKGEpKTogKHRoaXMuST0hMSx0aGlzLkE9bmV3IFcobnVsbCx0aGlzLkkpKX07Uy5wcm90b3R5cGUudG9TdHJpbmc9ZnVuY3Rpb24oKXt2YXIgYT1bXSxiPXRoaXMuVztiJiZhLnB1c2goTGMoYixNYywhMCksXCI6XCIpO3ZhciBjPXRoaXMuSztpZihjfHxcImZpbGVcIj09YilhLnB1c2goXCIvL1wiKSwoYj10aGlzLmNhKSYmYS5wdXNoKExjKGIsTWMsITApLFwiQFwiKSxhLnB1c2goZW5jb2RlVVJJQ29tcG9uZW50KFN0cmluZyhjKSkucmVwbGFjZSgvJTI1KFswLTlhLWZBLUZdezJ9KS9nLFwiJSQxXCIpKSxjPXRoaXMuZ2EsbnVsbCE9YyYmYS5wdXNoKFwiOlwiLFN0cmluZyhjKSk7aWYoYz10aGlzLkopdGhpcy5LJiZcIi9cIiE9Yy5jaGFyQXQoMCkmJmEucHVzaChcIi9cIiksYS5wdXNoKExjKGMsXCIvXCI9PWMuY2hhckF0KDApP05jOk9jLCEwKSk7KGM9dGhpcy5BLnRvU3RyaW5nKCkpJiZhLnB1c2goXCI%2FXCIsYyk7KGM9dGhpcy5aKSYmYS5wdXNoKFwiI1wiLExjKGMsUGMpKTtyZXR1cm4gYS5qb2luKFwiXCIpfTsgUy5wcm90b3R5cGUucmVzb2x2ZT1mdW5jdGlvbihhKXt2YXIgYj10aGlzLmNsb25lKCksYz0hIWEuVztjP0hjKGIsYS5XKTpjPSEhYS5jYTtpZihjKXt2YXIgZD1hLmNhO1YoYik7Yi5jYT1kfWVsc2UgYz0hIWEuSztjPyhkPWEuSyxWKGIpLGIuSz1kKTpjPW51bGwhPWEuZ2E7ZD1hLko7aWYoYylJYyhiLGEuZ2EpO2Vsc2UgaWYoYz0hIWEuSil7aWYoXCIvXCIhPWQuY2hhckF0KDApKWlmKHRoaXMuSyYmIXRoaXMuSilkPVwiL1wiK2Q7ZWxzZXt2YXIgZT1iLkoubGFzdEluZGV4T2YoXCIvXCIpOy0xIT1lJiYoZD1iLkouc2xpY2UoMCxlKzEpK2QpfWU9ZDtpZihcIi4uXCI9PWV8fFwiLlwiPT1lKWQ9XCJcIjtlbHNlIGlmKC0xIT1lLmluZGV4T2YoXCIuL1wiKXx8LTEhPWUuaW5kZXhPZihcIi8uXCIpKXtkPTA9PWUubGFzdEluZGV4T2YoXCIvXCIsMCk7ZT1lLnNwbGl0KFwiL1wiKTtmb3IodmFyIGY9W10sbD0wO2w8ZS5sZW5ndGg7KXt2YXIgZz1lW2wrK107XCIuXCI9PWc%2FZCYmbD09ZS5sZW5ndGgmJmYucHVzaChcIlwiKTpcIi4uXCI9PSBnPygoMTxmLmxlbmd0aHx8MT09Zi5sZW5ndGgmJlwiXCIhPWZbMF0pJiZmLnBvcCgpLGQmJmw9PWUubGVuZ3RoJiZmLnB1c2goXCJcIikpOihmLnB1c2goZyksZD0hMCl9ZD1mLmpvaW4oXCIvXCIpfWVsc2UgZD1lfWM%2FKFYoYiksYi5KPWQpOmM9XCJcIiE9PWEuQS50b1N0cmluZygpO2M%2FSmMoYixhLkEuY2xvbmUoKSk6Yz0hIWEuWjtjJiYoYT1hLlosVihiKSxiLlo9YSk7cmV0dXJuIGJ9O1MucHJvdG90eXBlLmNsb25lPWZ1bmN0aW9uKCl7cmV0dXJuIG5ldyBTKHRoaXMpfTsgdmFyIEhjPWZ1bmN0aW9uKGEsYixjKXtWKGEpO2EuVz1jP0tjKGIsITApOmI7YS5XJiYoYS5XPWEuVy5yZXBsYWNlKC86JC8sXCJcIikpfSxJYz1mdW5jdGlvbihhLGIpe1YoYSk7aWYoYil7Yj1OdW1iZXIoYik7aWYoaXNOYU4oYil8fDA%2BYil0aHJvdyBFcnJvcihcIkJhZCBwb3J0IG51bWJlciBcIitiKTthLmdhPWJ9ZWxzZSBhLmdhPW51bGx9LEpjPWZ1bmN0aW9uKGEsYixjKXtWKGEpO2IgaW5zdGFuY2VvZiBXPyhhLkE9YixhLkEuQ2EoYS5JKSk6KGN8fChiPUxjKGIsUWMpKSxhLkE9bmV3IFcoYixhLkkpKX07Uy5wcm90b3R5cGUuZ2V0UXVlcnk9ZnVuY3Rpb24oKXtyZXR1cm4gdGhpcy5BLnRvU3RyaW5nKCl9O3ZhciBYPWZ1bmN0aW9uKGEsYixjKXtWKGEpO2EuQS5zZXQoYixjKX07Uy5wcm90b3R5cGUucmVtb3ZlUGFyYW1ldGVyPWZ1bmN0aW9uKGEpe1YodGhpcyk7dGhpcy5BLnJlbW92ZShhKTtyZXR1cm4gdGhpc307IHZhciBWPWZ1bmN0aW9uKGEpe2lmKGEuc2IpdGhyb3cgRXJyb3IoXCJUcmllZCB0byBtb2RpZnkgYSByZWFkLW9ubHkgVXJpXCIpO307Uy5wcm90b3R5cGUuQ2E9ZnVuY3Rpb24oYSl7dGhpcy5JPWE7dGhpcy5BJiZ0aGlzLkEuQ2EoYSl9OyB2YXIgUmM9ZnVuY3Rpb24oYSl7cmV0dXJuIGEgaW5zdGFuY2VvZiBTP2EuY2xvbmUoKTpuZXcgUyhhKX0sS2M9ZnVuY3Rpb24oYSxiKXtyZXR1cm4gYT9iP2RlY29kZVVSSShhLnJlcGxhY2UoLyUyNS9nLFwiJTI1MjVcIikpOmRlY29kZVVSSUNvbXBvbmVudChhKTpcIlwifSxMYz1mdW5jdGlvbihhLGIsYyl7cmV0dXJuXCJzdHJpbmdcIj09PXR5cGVvZiBhPyhhPWVuY29kZVVSSShhKS5yZXBsYWNlKGIsU2MpLGMmJihhPWEucmVwbGFjZSgvJTI1KFswLTlhLWZBLUZdezJ9KS9nLFwiJSQxXCIpKSxhKTpudWxsfSxTYz1mdW5jdGlvbihhKXthPWEuY2hhckNvZGVBdCgwKTtyZXR1cm5cIiVcIisoYT4%2BNCYxNSkudG9TdHJpbmcoMTYpKyhhJjE1KS50b1N0cmluZygxNil9LE1jPS9bI1xcL1xcP0BdL2csT2M9L1sjXFw%2FOl0vZyxOYz0vWyNcXD9dL2csUWM9L1sjXFw%2FQF0vZyxQYz0vIy9nLFc9ZnVuY3Rpb24oYSxiKXt0aGlzLkM9dGhpcy5oPW51bGw7dGhpcy5GPWF8fG51bGw7dGhpcy5JPSEhYn0sWT1mdW5jdGlvbihhKXthLmh8fCAoYS5oPW5ldyBNYXAsYS5DPTAsYS5GJiZ6YihhLkYsZnVuY3Rpb24oYixjKXthLmFkZChkZWNvZGVVUklDb21wb25lbnQoYi5yZXBsYWNlKC9cXCsvZyxcIiBcIikpLGMpfSkpfTtXLnByb3RvdHlwZS5hZGQ9ZnVuY3Rpb24oYSxiKXtZKHRoaXMpO3RoaXMuRj1udWxsO2E9Wih0aGlzLGEpO3ZhciBjPXRoaXMuaC5nZXQoYSk7Y3x8dGhpcy5oLnNldChhLGM9W10pO2MucHVzaChiKTt0aGlzLkMrPTE7cmV0dXJuIHRoaXN9O1cucHJvdG90eXBlLnJlbW92ZT1mdW5jdGlvbihhKXtZKHRoaXMpO2E9Wih0aGlzLGEpO3JldHVybiB0aGlzLmguaGFzKGEpPyh0aGlzLkY9bnVsbCx0aGlzLkMtPXRoaXMuaC5nZXQoYSkubGVuZ3RoLHRoaXMuaC5kZWxldGUoYSkpOiExfTtXLnByb3RvdHlwZS5jbGVhcj1mdW5jdGlvbigpe3RoaXMuaD10aGlzLkY9bnVsbDt0aGlzLkM9MH07dmFyIFRjPWZ1bmN0aW9uKGEsYil7WShhKTtiPVooYSxiKTtyZXR1cm4gYS5oLmhhcyhiKX07bj1XLnByb3RvdHlwZTsgbi5mb3JFYWNoPWZ1bmN0aW9uKGEsYil7WSh0aGlzKTt0aGlzLmguZm9yRWFjaChmdW5jdGlvbihjLGQpe2MuZm9yRWFjaChmdW5jdGlvbihlKXthLmNhbGwoYixlLGQsdGhpcyl9LHRoaXMpfSx0aGlzKX07bi54YT1mdW5jdGlvbigpe1kodGhpcyk7Zm9yKHZhciBhPUFycmF5LmZyb20odGhpcy5oLnZhbHVlcygpKSxiPUFycmF5LmZyb20odGhpcy5oLmtleXMoKSksYz1bXSxkPTA7ZDxiLmxlbmd0aDtkKyspZm9yKHZhciBlPWFbZF0sZj0wO2Y8ZS5sZW5ndGg7ZisrKWMucHVzaChiW2RdKTtyZXR1cm4gY307bi5hYT1mdW5jdGlvbihhKXtZKHRoaXMpO3ZhciBiPVtdO2lmKFwic3RyaW5nXCI9PT10eXBlb2YgYSlUYyh0aGlzLGEpJiYoYj1iLmNvbmNhdCh0aGlzLmguZ2V0KFoodGhpcyxhKSkpKTtlbHNle2E9QXJyYXkuZnJvbSh0aGlzLmgudmFsdWVzKCkpO2Zvcih2YXIgYz0wO2M8YS5sZW5ndGg7YysrKWI9Yi5jb25jYXQoYVtjXSl9cmV0dXJuIGJ9OyBuLnNldD1mdW5jdGlvbihhLGIpe1kodGhpcyk7dGhpcy5GPW51bGw7YT1aKHRoaXMsYSk7VGModGhpcyxhKSYmKHRoaXMuQy09dGhpcy5oLmdldChhKS5sZW5ndGgpO3RoaXMuaC5zZXQoYSxbYl0pO3RoaXMuQys9MTtyZXR1cm4gdGhpc307bi5nZXQ9ZnVuY3Rpb24oYSxiKXtpZighYSlyZXR1cm4gYjthPXRoaXMuYWEoYSk7cmV0dXJuIDA8YS5sZW5ndGg%2FU3RyaW5nKGFbMF0pOmJ9OyBuLnRvU3RyaW5nPWZ1bmN0aW9uKCl7aWYodGhpcy5GKXJldHVybiB0aGlzLkY7aWYoIXRoaXMuaClyZXR1cm5cIlwiO2Zvcih2YXIgYT1bXSxiPUFycmF5LmZyb20odGhpcy5oLmtleXMoKSksYz0wO2M8Yi5sZW5ndGg7YysrKXt2YXIgZD1iW2NdLGU9ZW5jb2RlVVJJQ29tcG9uZW50KFN0cmluZyhkKSk7ZD10aGlzLmFhKGQpO2Zvcih2YXIgZj0wO2Y8ZC5sZW5ndGg7ZisrKXt2YXIgbD1lO1wiXCIhPT1kW2ZdJiYobCs9XCI9XCIrZW5jb2RlVVJJQ29tcG9uZW50KFN0cmluZyhkW2ZdKSkpO2EucHVzaChsKX19cmV0dXJuIHRoaXMuRj1hLmpvaW4oXCImXCIpfTtuLmNsb25lPWZ1bmN0aW9uKCl7dmFyIGE9bmV3IFc7YS5GPXRoaXMuRjt0aGlzLmgmJihhLmg9bmV3IE1hcCh0aGlzLmgpLGEuQz10aGlzLkMpO3JldHVybiBhfTt2YXIgWj1mdW5jdGlvbihhLGIpe2I9U3RyaW5nKGIpO2EuSSYmKGI9Yi50b0xvd2VyQ2FzZSgpKTtyZXR1cm4gYn07IFcucHJvdG90eXBlLkNhPWZ1bmN0aW9uKGEpe2EmJiF0aGlzLkkmJihZKHRoaXMpLHRoaXMuRj1udWxsLHRoaXMuaC5mb3JFYWNoKGZ1bmN0aW9uKGIsYyl7dmFyIGQ9Yy50b0xvd2VyQ2FzZSgpO2lmKGMhPWQmJih0aGlzLnJlbW92ZShjKSx0aGlzLnJlbW92ZShkKSwwPGIubGVuZ3RoKSl7dGhpcy5GPW51bGw7Yz10aGlzLmg7dmFyIGU9Yy5zZXQ7ZD1aKHRoaXMsZCk7dmFyIGY9Yi5sZW5ndGg7aWYoMDxmKXtmb3IodmFyIGw9QXJyYXkoZiksZz0wO2c8ZjtnKyspbFtnXT1iW2ddO2Y9bH1lbHNlIGY9W107ZS5jYWxsKGMsZCxmKTt0aGlzLkMrPWIubGVuZ3RofX0sdGhpcykpO3RoaXMuST1hfTtXLnByb3RvdHlwZS5leHRlbmQ9ZnVuY3Rpb24oYSl7Zm9yKHZhciBiPTA7Yjxhcmd1bWVudHMubGVuZ3RoO2IrKylHYyhhcmd1bWVudHNbYl0sZnVuY3Rpb24oYyxkKXt0aGlzLmFkZChkLGMpfSx0aGlzKX07dmFyIFVjPVtcIkN1c3RvbV9sYXlvdXRcIixcImRlc3RpbmF0aW9uVXJsXCIsXCJkaXNwbGF5VXJsXCJdLFhjPWZ1bmN0aW9uKGEsYixjLGQpe3ZhciBlPXRoaXM7dGhpcy5tYT1hO3RoaXMuRz1iO3RoaXMucz1jOyhhPXRoaXMuRy5tb25pdG9yaW5nKSYmZCYmKHRoaXMuRD17Y3JlYXRpdmVJZDphLmNyZWF0aXZlSWR8fC0xLHRlbXBsYXRlSWQ6YS50ZW1wbGF0ZUlkfHwtMSxleHBlcmltZW50SWQ6YS5leHBlcmltZW50SWQscmVwb3J0RXJyb3JzOmEucmVwb3J0RXJyb3JzfHwhMSxyZXBvcnRQZXJmOmEucmVwb3J0UGVyZnx8ITEseWI6ZCxsYXlvdXRQYXRoOmEubGF5b3V0UGF0aCxSYTphLmdxaSxiYjphLnFxaSxydW1Vcmw6YS5ydW1VcmwsVWI6YS5ydW1jLFRiOmEubmF2U3RhcnR9KTt0aGlzLnlhPVwiXCIhPT1GKGMsOSk%2FZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoRihjLDkpKTpudWxsO3RoaXMuRmE9bmV3IFIodGhpcy54YiwxRTQsdGhpcyk7dGhpcy5OPVtdO3RoaXMucmE9XCJcIjt0aGlzLnFhPSBudWxsO3RoaXMuV2E9MDt0aGlzLm1hLnJlZ2lzdGVyQXBwbGljYXRpb25IYW5kbGVyKFwiZXhpdFwiLGZ1bmN0aW9uKGYpe1ZjKGUsZil9KTtEKHRoaXMucywxNil8fFdjKHRoaXMpO0QoYywxMCkmJnRoaXMubWEucmVnaXN0ZXJBcHBsaWNhdGlvbkhhbmRsZXIoXCJpbnRlcmFjdGlvbnNcIix4KHRoaXMuU2EsdGhpcykpO0QoYywxMSkmJnRoaXMubWEucmVnaXN0ZXJBcHBsaWNhdGlvbkhhbmRsZXIoXCJ1cmxfdXBkYXRlXCIseCh0aGlzLlRhLHRoaXMpKX0sVmM9ZnVuY3Rpb24oYSxiLGMpe1ljKGEsYi5kKTt2YXIgZD1aYyhiLnIpO2lmKCFiLm8mJigkYyhhLGIuZCl8fFwiY1wiPT1kKSl7YS5yYT1iLmJyfHxcIlwiO2EucWE9Yi5iZXx8bnVsbDt2YXIgZT1mdW5jdGlvbigpe2E6e3ZhciBnPWIuZixoPWIuYztpZihcImxfY1wiPT1kfHxcInRcIj09ZCl7dmFyIGs9RChhLnMsNSksbT1kJiZyY1tkXSxyPWQmJnRjW2RdLHA9YS5HLmN0Y19mb3JtYXR0ZWRfcG&i=15-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75575
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
9eIBQTWytSeHNxnAz4NqC49OZJ_G0yPBKkhljMN03KIV2YCXTOiMmQ==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=hvbmVfbnVtYmVyO2c9YS5HLmN0Y19jbGlja190cmFja2luZ191cmw7IChoPWEuRy5jdGNfZ29vZ2xlX3ZvaWNlX3VybCkmJihtPTUxKTttJiYoZz1JKGcsXCJjdHlwZVwiLG0pKTtyJiYoZz1JKGcsXCJuYlwiLHIpKTtoPyhrPUUoYS5zLDQpLENjKG5ldyBRKGcsaCxwLG51bGwsdm9pZCAwPT09az8wOmspKSk6eWMoZyxwLG51bGwsayl9ZWxzZSBpZihcImNcIiE9ZCl7aD1ofHxkJiZyY1tkXTtcImxfbVwiPT1kfHxcImxfc1wiPT1kfHxcImxfZFwiPT1kfHxcImxcIj09ZHx8XCJkXCI9PWQ%2FKGc9YWQoYSxkKSxrPXJjW2RdLGg9dGNbZF0sKG09c2NbZF0pJiZEKGEucywzKT8oaz1SYyhhLkcuZ29vZ2xlX2NsaWNrX3VybCksbSYmWChrLFwibGFiZWxcIixtKSx2b2lkIDAhPWgmJlgoayxcIm5iXCIsaCksZz8oay5yZW1vdmVQYXJhbWV0ZXIoXCJhZHVybFwiKSxcIlwiIT09ay5BLnRvU3RyaW5nKCk%2FZz1rLnRvU3RyaW5nKCkrXCImYWR1cmw9XCIrZW5jb2RlVVJJQ29tcG9uZW50KFN0cmluZyhnKSk6KFgoayxcImFkdXJsXCIsZyksZz1rLnRvU3RyaW5nKCkpKTpnPWsudG9TdHJpbmcoKSk6KG09UmMoYS5HLmdvb2dsZV9jbGlja191cmwpLCBrJiZcIjM4XCIhPW0uQS5nZXQoXCJjdHlwZVwiKSYmWChtLFwiY3R5cGVcIixrKSx2b2lkIDAhPWgmJlgobSxcIm5iXCIsaCksZz8obS5yZW1vdmVQYXJhbWV0ZXIoXCJhZHVybFwiKSxcIlwiIT09bS5BLnRvU3RyaW5nKCk%2FZz1tLnRvU3RyaW5nKCkrXCImYWR1cmw9XCIrZW5jb2RlVVJJQ29tcG9uZW50KFN0cmluZyhnKSk6KFgobSxcImFkdXJsXCIsZyksZz1tLnRvU3RyaW5nKCkpKTpnPW0udG9TdHJpbmcoKSksZz1iZChhLGcpLGc9b2MoZyxhLnJhLGEucWEpLGNkKGEsZyksS2IoSixnKSxoPWFkKGEsZCkpOmg9XCJsX3RcIj09ZHx8XCJsX2lcIj09ZHx8XCJsX2xcIj09ZD9kZChhLGcsaCxkKTpkZChhLGcsaCk7aWYoZz0wPEYoYS5zLDE4KS5sZW5ndGgpaz0obnVsbD09KHA9TWIuZmVhdHVyZVBvbGljeSk%2FMDpwLmFsbG93c0ZlYXR1cmUoXCJhdHRyaWJ1dGlvbi1yZXBvcnRpbmdcIikpPzM6MixoPUkoaCxcIm5pc1wiLGspO2lmKG51bGwhPWgmJi0xPT09aC5pbmRleE9mKFwiZGJtL2Nsa1wiKSYmbnVsbCE9PW9iKGgpJiZEKGEucywgMTMpKXtwPURhdGUubm93KCk7cC1hLldhPkUoYS5zLDE0KT8oKGs9b2IoaCwhMCkpP25hdmlnYXRvci5zZW5kQmVhY29uPyhtPWtjKGsuR2EsXCImcmk9MVwiKSxoPW5hdmlnYXRvci5zZW5kQmVhY29uKG0sXCJcIik%2Fe1k6ay5OYSxsYTohMH06e1k6a2MoaCxcIiZyaT0yXCIpLGxhOiExfSk6aD17WTprYyhoLFwiJnJpPTE2XCIpLGxhOiExfTpoPXtZOmgsbGE6ITF9LGs9aC5ZLGgubGEmJihhLldhPXApLHA9e1k6ayxaYTohMH0pOnA9e1k6aCxaYTohMX07aWYoIXAuWmEpYnJlYWsgYTtoPXAuWX1pZihjfHxhLmtiKXtpZihKLm9wZW4oaCxcIl9ibGFua1wiLGc%2FW1wiYXR0cmlidXRpb25zb3VyY2VldmVudGlkPVwiK0YoYS5zLDE4KSxcImF0dHJpYnV0aW9uZGVzdGluYXRpb249XCIrRihhLnMsMTkpLFwiYXR0cmlidXRpb25yZXBvcnR0bz1cIitGKGEucywyMCksXCJhdHRyaWJ1dGlvbmV4cGlyeT1cIitGKGEucywyMSldLmpvaW4oKTp2b2lkIDApKWJyZWFrIGE7YS5EJiZPKGEuRCxcImJlXCIsXCI0XCIpfXA9T2IoaCxRYig2MDQpKTsgSi50b3AubG9jYXRpb24uaHJlZj1xYihwKX19fSxmPXdpbmRvdy53aW5kb3dfZm9jdXNfZm9yX2NsaWNrO2lmKGYpe3ZhciBsPWRvY3VtZW50LmNyZWF0ZUV2ZW50KFwiTW91c2VFdmVudHNcIik7bC5pbml0TW91c2VFdmVudChcImNsaWNrXCIsITAsITEsd2luZG93LDEsMCwwLDAsMCwhMSwhMSwhMSwhMSwwLG51bGwpO2YuaGFuZGxlQ2xpY2sobCl9YS5EP3djKGEuRCxlKTplKCl9fSxXYz1mdW5jdGlvbihhKXt2YXIgYj1GKGEucywxNyl8fE1hdGguZmxvb3IoMjE0NzQ4MzY0OCpNYXRoLnJhbmRvbSgpKS50b1N0cmluZygzNikrTWF0aC5hYnMoTWF0aC5mbG9vcigyMTQ3NDgzNjQ4Kk1hdGgucmFuZG9tKCkpXkRhdGUubm93KCkpLnRvU3RyaW5nKDM2KTtKLmFkZEV2ZW50TGlzdGVuZXIoXCJtZXNzYWdlXCIseChmdW5jdGlvbihjKXt2YXIgZD1jLmRhdGEsZT10eXBlb2YgZDsoXCJvYmplY3RcIj09ZSYmbnVsbCE9ZHx8XCJmdW5jdGlvblwiPT1lKSYmYy5kYXRhLm49PWImJmMuZGF0YS5lciYmKGQ9Yy5kYXRhLmVyLCBkLmhhc093blByb3BlcnR5KFwiZlwiKT9WYyh0aGlzLGMuZGF0YS5lcixBYSgpKTpkLmhhc093blByb3BlcnR5KFwiaVwiKSYmRCh0aGlzLnMsMTApP3RoaXMuU2EoZC5pKTpkLmhhc093blByb3BlcnR5KFwidVwiKSYmRCh0aGlzLnMsMTEpJiZ0aGlzLlRhKGQudSkpfSxhKSwhMSk7YS5tYS5zZW5kTWVzc2FnZShcImV4aXQtcG1jZmdcIixiKX0sZGQ9ZnVuY3Rpb24oYSxiLGMsZCl7aWYoYiYmLTEhPVVjLmluZGV4T2YoYikpdGhyb3cgYS5EJiZPKGEuRCxcImJlXCIsXCI1XCIpLEVycm9yKCk7aWYoZCl7dmFyIGU9dGNbZF07dmFyIGY9c2NbZF19aWYoZD1iKWQ9KGQ9ZWQoYSxcImFkRGF0YVwiKSkmJmRbMF0mJmRbMF1bYl07ZHx8KGYmJkQoYS5zLDMpPyhjPWYsKGY9YS5HLnJlZGlyZWN0X3VybCk%2FKGMmJihmPUkoZixcImxhYmVsXCIsYykpLHZvaWQgMCE9ZSYmKGY9SShmLFwibmJcIixlKSksYz1mKTooYS5EJiZPKGEuRCxcImJlXCIsXCIzXCIpLGM9XCJcIikpOihmPWEuRy5yZWRpcmVjdF91cmwpPyhjJiYtMT09Zi5pbmRleE9mKFwiY3R5cGU9MzhcIikmJiAoZj1JKGYsXCJjdHlwZVwiLGMpKSx2b2lkIDAhPWUmJihmPUkoZixcIm5iXCIsZSkpLGM9Zik6KGEuRCYmTyhhLkQsXCJiZVwiLFwiM1wiKSxjPVwiXCIpLGQ9Yyk7ZD1iZChhLGQpO2Q9b2MoZCxhLnJhLGEucWEpO2NkKGEsZCxiKTtyZXR1cm4gZH0sYWQ9ZnVuY3Rpb24oYSxiKXtyZXR1cm5cImRcIj09Ynx8XCJsX2RcIj09Yj9mZChhLFwiZXhpdF91cmxfZGlyZWN0aW9uc1wiKTpmZChhLFwiZXhpdF91cmxfcGxhY2VcIil9LGNkPWZ1bmN0aW9uKGEsYixjKXt2YXIgZDtpZihkPWEuRCliPShuZXcgUyhiKSkuQS5nZXQoXCJhZHVybFwiKSxkPXZvaWQgMD09Ynx8XCJcIj09Ynx8XCJ1bmRlZmluZWRcIj09YjtkJiZPKGEuRCxcImJlXCIsXCIxOlwiKyhjfHxcIlwiKSl9LGZkPWZ1bmN0aW9uKGEsYil7cmV0dXJuKGE9ZWQoYSxcImxvY2F0aW9uRGF0YVwiKSkmJmFbMF0mJmFbMF1bYl19LGVkPWZ1bmN0aW9uKGEsYil7cmV0dXJuKGE9YS5HLmdvb2dsZV90ZW1wbGF0ZV9kYXRhfHx2b2lkIDApJiZhW2JdfSwkYz1mdW5jdGlvbihhLGIpe3ZhciBjOyBpZighKGM9IUFycmF5LmlzQXJyYXkoYikpJiYoYz1hLlZhKGJbYi5sZW5ndGgtMV0pKSl7dmFyIGQ9YltiLmxlbmd0aC0xXTtiPWEuRy5nb29nbGVfd2lkdGg7Yz1hLkcuZ29vZ2xlX2hlaWdodDthLnlhJiYoYj1hLnlhLmNsaWVudFdpZHRoLGM9YS55YS5jbGllbnRIZWlnaHQpO2M9bmV3IHhiKGIsYyk7Yj1kLnQ7dmFyIGU9Z2QoYSxkKTtkPWUueDtlPWUueTt2YXIgZj1FKGEucyw2KSxsPUUoYS5zLDcpLGc9Yy53aWR0aC1mLTEsaD1jLmhlaWdodC1sLTEsaz1FKGEucywxKTtjPUQoYS5zLDIpJiYoZDw9a3x8Yy53aWR0aC1kPD1rKSYmZTw9aztjPSgwPmJ8fGI%2BPUUoYS5zLDgpKSYmZD49ZiYmZDw9ZyYmZT49bCYmZTw9aCYmIWN9cmV0dXJuIGN9O1hjLnByb3RvdHlwZS5WYT1mdW5jdGlvbihhKXtyZXR1cm4gbnVsbCE9YSYmXCJudW1iZXJcIj09PXR5cGVvZiBhLngmJlwibnVtYmVyXCI9PT10eXBlb2YgYS55JiZcIm51bWJlclwiPT09dHlwZW9mIGEudCYmXCJudW1iZXJcIj09PXR5cGVvZiBhLmV9OyB2YXIgWWM9ZnVuY3Rpb24oYSxiKXtBcnJheS5pc0FycmF5KGIpJiYoYS5OLnB1c2goYltiLmxlbmd0aC0xXSksJGMoYSxiKT8oYT1hLkZhLGEuc3RvcCgpLGEuTGEoKSk6MCE9YS5GYS5IfHxhLkZhLnN0YXJ0KCkpfTtYYy5wcm90b3R5cGUueGI9ZnVuY3Rpb24oKXtpZihBcnJheS5pc0FycmF5KHRoaXMuTikmJnRoaXMuRCl7dmFyIGE9RWEoRGEodGhpcy5OLHRoaXMuVmEpLGZ1bmN0aW9uKGIpe3ZhciBjPWdkKHRoaXMsYik7cmV0dXJuW2MueC50b0ZpeGVkKCksYy55LnRvRml4ZWQoKSxiLnQsYi5lXS5qb2luKFwiX1wiKX0uYmluZCh0aGlzKSk7Tyh0aGlzLkQsXCJjZFwiLCgkYyh0aGlzLHRoaXMuTik%2FXCIxIVwiOlwiMCFcIikrYS5sZW5ndGgrXCIhXCIrKHRoaXMuTi5sZW5ndGgtYS5sZW5ndGgpK1wiIVwiK2Euam9pbihcIn5cIikpO3RoaXMuTj1bXX19OyBYYy5wcm90b3R5cGUuU2E9ZnVuY3Rpb24oYSl7YT1hLmk7dmFyIGI9dGhpcy5HLmdvb2dsZV9haXRfdXJsLGM7Zm9yKGMgaW4gdWMpaWYoYyBpbiBhKXtmb3IodmFyIGQ9dWNbY10sZT1hW2NdLGY9YixsPWQsZz1mLnNlYXJjaChGYiksaD0wLGs9W107MDw9KGI9RWIoZixoLGwsZykpOylrLnB1c2goZi5zdWJzdHJpbmcoaCxiKSksaD1NYXRoLm1pbihmLmluZGV4T2YoXCImXCIsYikrMXx8ZyxnKTtrLnB1c2goZi5zbGljZShoKSk7Yj1rLmpvaW4oXCJcIikucmVwbGFjZShHYixcIiQxXCIpO2I9RGIoYixkLGUpfUtiKEosYil9O1hjLnByb3RvdHlwZS5UYT1mdW5jdGlvbihhKXt2YXIgYj1lZCh0aGlzLFwiYWREYXRhXCIpO2E9YS5mO2Zvcih2YXIgYyBpbiBhKWJbMF1bY109YVtjXX07IHZhciBiZD1mdW5jdGlvbihhLGIpe2lmKCFhLk58fDA9PWEuTi5sZW5ndGgpcmV0dXJuIGI7dmFyIGM9YS5OO2E9Z2QoYSxjW2MubGVuZ3RoLTFdKTtyZXR1cm4gSShiLFwibnhcIixNYXRoLnJvdW5kKGEueCksXCJueVwiLE1hdGgucm91bmQoYS55KSl9LGdkPWZ1bmN0aW9uKGEsYil7YT1DKGEucywxMik7YT1udWxsPT1hP2E6K2E7YT0obnVsbD09YT8wOmEpfHwxO3JldHVybnt4OmIueCphLHk6Yi55KmF9fTtmdW5jdGlvbiBaYyhhKXthOntmb3IoYiBpbiBxYylpZihxY1tiXT09YSl7dmFyIGI9ITA7YnJlYWsgYX1iPSExfWlmKGImJlwib3BmY1wiIT1hKXJldHVybiBhfTt2YXIgaGQ9ZnVuY3Rpb24oYSxiLGMsZCl7WGMuY2FsbCh0aGlzLGEsYixjLHhjKTt0aGlzLmtiPSEhZH07bmEoaGQsWGMpO3ZhciBpZDt2YXIgamQ9d2luZG93LmV4aXRDb25maWc7aWYobnVsbD09amR8fFwiXCI9PWpkKWlkPW5ldyBuYjtlbHNle3ZhciBrZD1KU09OLnBhcnNlKGpkKTtpZighQXJyYXkuaXNBcnJheShrZCkpdGhyb3cgRXJyb3IoXCJFeHBlY3RlZCB0byBkZXNlcmlhbGl6ZSBhbiBBcnJheSBidXQgZ290IFwiK3JhKGtkKStcIjogXCIra2QpO0c9a2Q7dmFyIGxkPW5ldyBuYihrZCk7Rz1udWxsO2lkPWxkfW5ldyBoZCh3aW5kb3cuc2VjdXJlQ2hhbm5lbCx3aW5kb3cuYWREYXRhLGlkLCExKTt9KS5jYWxsKHRoaXMpOzwvc2NyaXB0PlxuPHNjcmlwdD52dShcImh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc%2FYWlcXHgzZEN0Nmhia0FPYllvdWNOWV91X2dUVTZvcjRCTl9kdDZkcWthRG5vdGdOMnRrZUVBRWctWnZ4aEFGZ3lmYW1qTkNrNUEtZ0FiV1F4TUFEeUFFSjRBSUFxQU1CeUFOSXFnVEhBa19RdzF6MTBoS1Z4VmRvVWR4SVI5dVZjM3BOMjdtZHcyOE1pWmFyUW9JN1R0ZDlpNlhRa2RELS13YlhMLUN1cW5lUUlQcXcwaGNuVVBld2JqVUpYNkJHRkVvZmN6Nk01RTdTeW1RZkhUdVpPMWVrLXlzNE9BcmJ3c3F6ZjQ3ZXZfZzNOT1RKWGJiSFdKdGdaZEhkR3VTTk1lSmtqZVFUeFg4TDRtb0NmSFEzY0NiZ0stRjJnc1NaUm80VkVmbkJDckJZR1VIT1EwTHgxWXFvS0FqbHR1cGo0VElLeEcxYXl5cktVVkdDbXNCZGgyNHpkYTE2aEtkbGZab1U3S3VNZWhlYjJqMG1XSTJRbDUzZnoxRGRKeTRxOGpTd3dJX1ZmcE9WUUFnbXBfZlJudk9pYjVGYlY2LVY0a3BsY2VwZVo2X2d1eHJmQmdLUDZPMElLUldCRGlwNnAzX0pnanZsSEktTjRob085M3B3d2pDeF95NG01azkzdnV0d0xCNkNPclA1X2tBNTFYbDVjVms0eWhTZlBBa1NwSVpESG9yUFB2Zk45ekc2Ym5JMUpRMmg0UnotQU1BRXY1V1A4ODBENEFRQmtnVUVDQVFZQVpJRkJBZ0ZHQVNTQlFRSUJSZ1lrZ1VGQ0FVWXFBR2dCaTZBQjdQdnV6LW9CNDdPRzZnSGs5Z2JxQWZ1bHJFQ3FBZi1uck&i=16-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75575
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
am86ROs06o9srkCk2k4rPsF93r0HyUec1sXOHKDCkVuHle8Gp8jUMQ==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=VDcUFla283RUNxQWZWeVJ1b0I2YS1HOWdIQVBJSEJCQzE3MmpTQ0FjSWdHRVFBUmdkZ0FvRHlBc0IyQk1OMEJVQmdCY0JzaGNlQ2h3SUFCSVVjSFZpTFRReE1UTTJPREU0T0RJek1URTBOVFVZaE50N1xceDI2c2lnaFxceDNkckRMNEQzeVhwNU1cXHgyNnVhY2hfbVxceDNkW1VBQ0hdXFx4MjZ0ZW1wbGF0ZV9pZFxceDNkNDE5XCIpPC9zY3JpcHQ%2BXG48c2NyaXB0IGRhdGEtamM9XCI2MFwiIHNyYz1cImh0dHBzOi8vdHBjLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvanMvcjIwMjIwNjAxL3IyMDExMDkxNC9hYmdfbGl0ZV9meTIwMTkuanNcIiBkYXRhLWpjLXZlcnNpb249XCJyMjAyMjA2MDFcIj48L3NjcmlwdD5cbjxzY3JpcHQ%2BYnVpbGRBdHRyaWJ1dGlvbihbW251bGwsXCJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvaW1hZ2VzL210YWQveF9ibHVlLnBuZ1wiLG51bGwsXCJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvaW1hZ2VzL210YWQveF9ibHVlLnBuZ1wiLFwiaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2ludGVyYWN0aW9uLz9haT1DRm04V2tBT2JZb3VjTllfdV9nVFU2b3I0Qk5fZHQ2ZHFrYURub3RnTjJ0a2VFQUVnLVp2eGhBRmd5ZmFtak5DazVBLWdBYldReE1BRHlBRUo0QUlBcUFNQnlBTklxZ1RLQWtfUXcxejEwaEtWeFZkb1VkeElSOXVWYzNwTjI3bWR3MjhNaVphclFvSTdUdGQ5aTZYUWtkRC0td2JYTC1DdXFuZVFJUHF3MGhjblVQZXdialVKWDZCR0ZFb2ZjejZNNUU3U3ltUWZIVHVaTzFlay15czRPQXJid3NxemY0N2V2X2czTk9USlhiYkhXSnRnWmRIZEd1U05NZUpramVRVHhYOEw0bW9DZkhRM2NDYmdLLUYyZ3NTWlJvNFZFZm5CQ3JCWUdVSE9RMEx4MVlxb0tBamx0dXBqNFRJS3hHMWF5eXJLVVZHQ21zQmRoMjR6ZGExNmhLZGxmWm9VN0t1TWVoZWIyajBtV0kyUWw1M2Z6MURkSnk0cThqU3d3SV9WZnBPVlFBZ21wX2ZSbnZPaWI1RmJWNi1WNGtwbGNlcGVaNl9ndXhyZkJnS1A2TzBJS1JXQkRpcDZwM19KZ2p2bEhJLU40aG9POTNwd3dqQ3hfeTRtNWs5M3Z1dHdMQjZDT3JQNXZFSVpSNTJ3eUVYTmN6QnkxVl8tWlZ0Mk50X2hKaWs2Qm1kV3Bmb2lDUlZIREwzaTlSMzBfc0FFdjVXUDg4MEQ0QVFCb0FZdWdBZXo3N3NfcUFlT3podW9CNVBZRzZnSDdwYXhBcWdIX3A2eEFxZ0hwS094QXFnSDFja2JxQWVtdmh1b0JfUFJHNmdIbHRnYnFBZXFtN0VDcUFmZm43RUMyQWNBMGdnSENJQmhFQUVZSGJFSjFBQTc2RG80NXpDQUNnT1lDd0hJQ3dHQURBRzREQUhZRXczUUZRSDRGZ0dBRndFXFx1MDAyNnNpZ2g9WnJwc3VXSnZ0Z0FcXHUwMDI2Y2lkPUNBUVNQQUNOSXJMTVlXR0dneXpzR08tY1NQNXhub25FZHktdmFUVGd2Sm52ZmZIalQzSi1PV2hxMkk2Sl9OSk5xdXFRakt1ZHZZaHFIdC1malFLODZnXCIsXCJsOElzdUxuczZVQUlrYURub3RnTkVLV0htWll2R012LXJqNGlER1poWkdWeWNISnZMbU52YlRJSUNBVVRHSnVFTEJSQ0YyTmhMWEIxWWkwME1URXpOamd4T0RneU16RXhORFUxU0FWWUxtQ2pBM0FCcUFFQlwiLFtcInVzZXJfZmVlZGJhY2tfbWVudV9pbnRlcmFjdGlvblwiLFwiXCIsMF0sbnVsbCxudWxsLG51bGwsbnVsbCxcIldoYXQgd2FzIHdyb25nIHdpdGggdGhpcyBhZD9cIixudWxsLFwiaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2ltYWdlcy9tdGFkL2JhY2tfYmx1ZS5wbmdcIixcIlRoYW5rcyBmb3IgdGhlIGZlZWRiYWNrIVwiLFwiV2XigJlsbCByZXZpZXcgdGhpcyBhZCB0byBpbXByb3ZlIHRoZSBleHBlcmllbmNlIGluIHRoZSBmdXR1cmUuXCIsXCJUaGFua3MgZm9yIHRoZSBmZWVkYmFjayFcIixcIldl4oCZbGwgdXNlIHlvdXIgZmVlZGJhY2sgdG8gcmV2aWV3IGFkcyBvbiB0aGlzIHNpdGUuXCIsbnVsbCxudWxsLG51bGwsXCJDbG9zaW5nIGFkOiAlMSRkXCIsXCJBZENob2ljZXNcIixcImh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9pbWFnZXMvbXRhZC9hZF9jaG9pY2VzX2JsdWUucG5nXCIsXCJodHRwczovL3d3dy5nb29nbGUuY29tL3VybD9jdD1hYmdcXHUwMDI2cT1odHRwczovL3d3dy5nb29nbGUuY29tL2Fkc2Vuc2Uvc3VwcG9ydC9iaW4vcmVxdWVzdC5weSUzRmNvbnRhY3QlM0RhYmdfYWZjJTI2dXJsJTNEaHR0cHM6Ly93d3cuaXBob25laW5jYW5hZGEuY2EvbmV3cy9wcmVkYXRvci1zcHl3YXJlLWZvci1pcGhvbmVzLXVuY292ZXJlZC1ieS10b3JvbnRvLXJlc2VhcmNoZXJzLyUyNmdsJTNEVVMlMjZobCUzRGVuJTI2Y2xpZW50JTNEY2EtcHViLTQxMTM2ODE4ODIzMTE0NTUlMjZhaTAlM0RDRm04V2tBT2JZb3VjTllfdV9nVFU2b3I0Qk5fZHQ2ZHFrYURub3RnTjJ0a2VFQUVnLVp2eGhBRmd5ZmFtak5DazVBLWdBYldReE1BRHlBRUo0QUlBcUFNQnlBTklxZ1RLQWtfUXcxejEwaEtWeFZkb1VkeElSOXVWYzNwTjI3bWR3MjhNaVphclFvSTdUdGQ5aTZYUWtkRC0td2JYTC1DdXFuZVFJUHF3MGhjblVQZXdialVKWDZCR0ZFb2ZjejZNNUU3U3ltUWZIVHVaTzFlay15czRPQXJid3NxemY0N2V2X2czTk9USlhiYkhXSnRnWmRIZEd1U05NZUpramVRVHhYOEw0bW9DZkhRM2NDYmdLLUYyZ3NTWlJvNFZFZm5CQ3JCWUdVSE9RMEx4MVlxb0tBamx0dXBqNFRJS3hHMWF5eXJLVVZHQ21zQmRoMjR6ZGExNmhLZGxmWm9VN0t1TWVoZWIyajBtV0kyUWw1M2Z6MURkSnk0cThqU3d3SV9WZnBPVlFBZ21wX2ZSbnZPaWI1RmJWNi1WNGtwbGNlcGVaNl9ndXhyZkJnS1A2TzBJS1JXQkRpcDZwM19KZ2p2bEhJLU40aG9POTNwd3dqQ3hfeTRtNWs5M3Z1dHdMQjZDT3JQNXZFSVpSNTJ3eUVYTmN6QnkxVl8tWlZ0Mk50X2hKaWs2Qm1kV3Bmb2lDUlZIREwzaTlSMzBfc0FFdjVXUDg4MEQ0QVFCb0FZdWdBZXo3N3NfcUFlT3podW9CNVBZRzZnSDdwYXhBcWdIX3A2eEFxZ0hwS094QXFnSDFja2JxQWVtdmh1b0JfUFJHNmdIbHRnYnFBZXFtN0VDcUFmZm43RUMyQWNBMGdnSENJQmhFQUVZSGJFSjFBQTc2RG80NXpDQUNnT1lDd0hJQ3dHQURBRzREQUhZRXczUUZRSDRGZ0dBRndFXFx1MDAyNnVzZz1BT3ZWYXcxY0JvQk94Ulp5REZDSXJPMVFSdmk4XCIsXCJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvaW1hZ2VzL210YWQveF9ibHVlLnBuZ1wiLDAsW1tcIlNlbmQgZmVlZGJhY2tcIixbXCJ1c2VyX2ZlZWRiYWNrX21lbnVfb3B0aW9uXCIsXCIxXCIsMV0sW1wiV2hhdCB3YXMgd3Jvbmcgd2l0aCB0aGlzIGFkP1wiLFtbXCJBbHJlYWR5IGJvdWdodCB0aGlzXCIsW1wibXV0ZV9zdXJ2ZXlfb3B0aW9uXCIsXCIxMVwiLDFdXSxbXCJBZCBjb3ZlcmVkIGNvbnRlbnRcIixbXCJtdXRlX3N1cnZleV9vcHRpb25cIixcIjNcIiwxXV0sW1wiTm90IGludGVyZXN0ZWQgaW4gdGhpcyBhZFwiLFtcIm11dGVfc3VydmV5X29wdGlvblwiLFwiMTJcIiwxXV0sW1wiU2VlbiB0aGlzIGFkIG11bHRpcGxlIHRpbWVzXCIsW1wibXV0ZV9zdXJ2ZXlfb3B0aW9uXCIsXCIyXCIsMV1dXV0sW1widXNlcl9mZWVkYmFja191bmRvXCIsXCIxXCIsMV1dXSxbXCJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvaW1hZ2VzL2FkY2hvaWNlcy9pY29ueDItMDAwMDAwLnBuZ1wiLFwiQWRDaG9pY2VzXCIsXCJBZCBjbG9zZWQgYnkgJTEkc1wiLG51bGwsXCJodHRwczovL3d3dy5nc3RhdGljLmNvbS9pbWFnZXMvYnJhbmRpbmcvZ29vZ2xlbG9nby8yeC9nb29nbGVsb2dvX2RhcmtfY29sb3JfODR4MjhkcC5wbmdcIixcIlNlbmQgZmVlZGJhY2tcIixcIlRoYW5rcy4gRmVlZGJhY2sgaW1wcm92ZXMgR29vZ2xlIGFkc1wiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFwiU2VlIG15IEdvb2dsZSBhZCBzZXR0aW5nc1wiLG51bGwsXCJodHRwczovL3d3dy5nc3RhdGljLmNvbVwiLFwiXCIsXCJBZHMgYnkgJTEkc1wiLFwiQWQgc2V0dGluZ3NcIixcImh0dHBzOi8vYWRzc2V0dGluZ3MuZ29vZ2xlLmNvbVwiLFwiUG9saXRpY2FsIEFkXCIsbnVsbCxudWxsLDBdLFwiQUIzYWZHRUFBQVpCVzF0YlcyNTFiR3dzV3pJeFhTeHVkV3hzTEc1MWJHd3NiblZzYkN4dWRXeHNMRzUxYkd3c2JuVnNiQ3h1ZFd4c0xHNTFiR3dzYm5Wc2JDeHVkV3hzTEc1MWJHd3NiblZzYkN4dWRXeHNMRzUxYkd3c2JuVnNiQ3h1ZFd4c0xHNTFiR3dzYm5Wc2JDeHVkV3hzTEc1MWJHd3NiblZzYkN4dWRXeHNMRzUxYkd3c2JuVnNiQ3h1ZFd4c0xHNTFiR3dzYm5Wc2JDeHVkV3hzTEc1MWJHd3NiblZzYkN4Yld5SkdZV1JsY25CeWJ5SXNJbFZUSWl3eExHNTFiR3dzTVYwc0lqRXpNRGM1TXpJNU1TSmRYU3hiYm5Wc2JDd2lhSFIwY0hNNkx5OW5iMjluYkdWaFpITXVaeTVrYjNWaWJHVmpiR2xqYXk1dVpYUXZjR0ZuWldGa0wybHVkR1Z5WVdOMGFXOXVMejloYVQxRFJtMDRWMnRCVDJKWmIzVmpUbGxmZFY5blZGVTJiM0kwUWs1ZlpIUTJaSEZyWVVSdWIzUm5UakowYTJWRlFVVm5MVnAyZUdoQlJtZDVabUZ0YWs1RGF6VkJMV2RCWWxkUmVFMUJSSGxCUlVvMFFVbEJjVUZOUW5sQlRrbHhaMVJMUVd0ZlVYY3hlakV3YUV0V2VGWmtiMVZrZUVsU09YVldZek53VGpJM2JXUjNNamhOYVZwaGNsRnZTVGRVZEdRNWFUWllVV3RrUkMwdGQySllUQzFEZFhGdVpWRkpVSEYzTUdoamJsVlFaWGRpYWxWS1dEWkNSMFpGYjJaamVqWk5OVVUzVTNsdFVXWklWSFZhVHpGbGF5MTVjelJQUVhKaWQzTnhlbVkwTjJWMlgyY3pUazlVU2xoaVlraFhTblJuV21SSVpFZDFVMDVOWlVwcmFtVlJWSGhZT0V3MGJXOURaa2hSTTJORFltZExMVVl5WjNOVFdsSnZORlpGWm01Q1EzSkNXVWRWU0U5Uk1FeDRNVmx4YjB0QmFteDBkWEJxTkZSSlMzaEhNV0Y1ZVhKTFZWWkhRMjF6UW1Sb01qUjZaR0V4Tm1oTFpHeG1XbTlWTjB0MVRXVm9aV0l5YWpCdFYwa3lVV3cxTTJaNk1VUmtTbmswY1RocVUzZDNTVjlXWm5CUFZsRkJaMjF3WDJaU2JuWlBhV0kxUm1KV05pMVdOR3R3YkdObGNHVmFObDluZFhoeVprSm5TMUEyVHpCSlMxSlhRa1JwY0Rad00xOUtaMnAyYkVoSkxVNDBhRzlQT1ROd2QzZHFRM2hmZVRSdE5XczVNM1oxZEhkTVFqWkRUM0pRTlhaRlNWcFNOVEozZVVWWVRtTjZRbmt4Vmw4dFdsWjBNazUwWDJoS2FXczJRbTFrVjNCbWIybERVbFpJUkV3emFUbFNNekJmYzBGRmRqVlhVRGc0TUVRMFFWRkNiMEZaZFdkQlpYbzNOM05mY1VGbFQzcG9kVzlDTlZCWlJ6Wm5TRGR3WVhoQmNXZElYM0EyZUVGeFowaHdTMDk0UVhGblNERmphMkp4UVdWdGRtaDFiMEpmVUZKSE5tZEliSFJuWW5GQlpYRnROMFZEY1VGbVptNDNSVU15UVdOQk1HZG5TRU5KUW1oRlFVVlpTR0pGU2pGQlFUYzJSRzgwTlhwRFFVTm5UMWxEZDBoSlEzZEhRVVJCUnpSRVFVaFpSWGN6VVVaUlNEUkdaMGRCUm5kRlhIVXdNREkyYzJsbmFEMWFjbkJ6ZFZkS2RuUm5RVngxTURBeU5tTnBaRDFEUVZGVFVFRkRUa2x5VEUxWlYwZEhaM2w2YzBkUExXTlRVRFY0Ym05dVJXUjVMWFpoVkZSbmRrcHVkbVptU0dwVU0wb3RUMWRvY1RKSk5rcGZUa3BPY1hWeFVXcExkV1IyV1doeFNIUXRabXBSU3pnMlp5SXNXMjUxYkd3c2JuVnNiQ3h1ZFd4c0xDSm9kSFJ3Y3pvdkwyUnBjM0JzWVhsaFpITXRabTl5YldGMGN5NW5iMjluYkdWMWMyVnlZMjl1ZEdWdWRDNWpiMjB2WVdSekwzQnlaWFpwWlhjdlkyOXVkR1Z1ZEM1cWN6OWpiR2xsYm5ROWQzUmhYSFV3TURJMmIySm1kWE5qWVhSbFpFTjFjM1J2YldWeVNXUTlOalV6T1RJMU9UQTFPVngxTURBeU5tTnlaV0YwYVhabFNXUTlOVEV4TlRZME5EUXlOVGs0WEhVd01ESTJkbVZ5YzJsdmJrbGtQVEJjZFRBd01qWmhaRWR5YjNWd1EzSmxZWFJwZG1WSlpEMDBOekF6TnpFNU1UTTNORFZjZFRBd01qWm9kRzFzVUdGeVpXNTBTV1E5Y0hKbGRpMHdYSFV3TURJMmFHVnBaMmgwUFRrd1hIVXdNREkyZDJsa2RHZzlOekk0WEhVd01ESTJjMmxuUFVGRGFWWkNYM2t0ZWpWNGVFeEJVVzB5UlhkV1UxSndjbFpVV0dOWmVGQjVjMUVpWFN4dWRXeHNMRzUxYkd3c01Td2liRGhKYzNWTWJuTTJWVUZKYTJGRWJtOTBaMDVGUzFkSWJWcFpka2ROZGkxeWFqUnBSRWRhYUZwSFZubGpTRXAyVE&i=17-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75575
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
9ovqV-CMt_VCDWB9JkpORsp1m8FMo6gwYViBJ99ntfLcj-7b1WRTGw==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=cxT2RtSlVTVWxEUVZWVVIwcDFSVXhDVWtOR01rNW9URmhDTVZscE1EQk5WRVY2VG1wbmVFOUVaM2xOZWtWNFRrUlZNVk5CVmxsTWJVTnFRVE5CUW5GQlJVSWlMQ0l4TWpZMk16QXhORE13T1NKZFhWMHNXekVzTVN3eExERXNNVjBzVzI1MWJHd3NiblZzYkN3aVZWTWlYVjBJSTZvWEhqZVJlZHU1MkVJRGd1UTh5dWMwWDZBQUtEVFI4djJCODlJMWtRaC1IbUF1aWZEY09UbzVZQVQtQXA5NW9jWWJvRmtuZkV0c20zSmRYZ0p0bENTWG5MQlU3RU1ISDVnc1FGYWJteFFXM29QckliUUNLRW1sbnl3Z3ZoMFROUnlvYXl2U0RoUHJRakpaaURIR1hhOHNsaDJrRWc1Vm1XLVZ0MGJSUjAtYi1OeXo3VFVxeDNHeThteTkwWkJ4ekRiX01HQ3NUOTg4Wk1OdXFuV09QOUdYMHdSeFlxNHlVRGdJY2dmMmNyNHBSMXdDZFcydkhmS0VmRVdRUTFXUkVZTTdLeUNnd1Zza2JlbWRMRHRYMTJpUDZKWGplbGR6bmNCc1d4MkpwbjJINV9Nd244YmUxOFlQZ2gtdjF3OFFreFFjZXhqUjUybmxDQ0NJYUYxWixKMmNLLTREVDdqYXJvMlpuaWFEUUx3XCIsXCJodHRwczovL2Fkc3NldHRpbmdzLmdvb2dsZS5jb20vd2h5dGhpc2FkP3NvdXJjZT1kaXNwbGF5XFx1MDAyNnJlYXNvbnM9QWEyS2NFWjlueFg0VzNjWGYwMWdNOWlHVkM3QlJXYXR6UFVkT1NKUkdjZDdnVFlCN3JPNVZXVlBRYjFITmFBTV9ZNG5PZVNCSllLOW9mS2dJVzhCY2ZRSVFjcFR4VU9lQk5xUWxhdG55Yi1yUGpFR05zVkViLURfcDNvWUVjc2dydnZXeWRodDJ1VnFuVXpuRm9mZUpUSzRSRmFiWkJSX0ZwTWpjSDFBaktUbGwzNmh4SWI1R2xlRndmcy1pWXA5TGRNMW5nX2d6bWE4QXczQmF3QktMLXFETTl4REpIc1QxXzhPWF91alBNQ1NvUEVsVGtEdHhQQ1phbjhzRDNMbjRRelJNd0VncWFxVW9fcmNBUlBZX1daRHEwamctRll5NXBsd3l1LVByLXBPLWZtckcwOEdDOU1OaGluTkVMTW00RXdrRl91ZkZTZXR0Rm5laEc2VmZ3bzFfNHU1YmMzU3JFSGhjZHZQMGZfaUhudHNCYlh2ZnRpbmZaZERXb05qdGM5NDB4MFQxVE1ha0RyTWl0TzhLcTd5elZqd245YXFHV2VJNEtKY1p5dWd3cEtMQVQ4ZWlRWUROd2tUczhtaXFIajhpVWhSQUlxbm9aR1R2OXVDRkNIeGFtdXVSYktkUnhxYWoxd0FzS2JTRHZZblVBLUp1VEpobWJNblN4ZFBQbVRkVl9GLWZydzBoWmpnTDdZOUxxczVVbTgxdmdBQjlTLUNBak9nZkNCSlZmYVB5YmRHcTRyVVpRSGhaUFhfS0RNaEpod21OWS1yX0pmbHVBdVFFSVhWR0p4cDNvc2xIOU1nVHJRQVJ2ZmR1M25TVElxY0tQSjAxYXJVdzdwemhLcDZLVmJHUGtxdUl6ZGhjQXJTdjZfUWFHUXg5d3JiOGtvdTRQdTdiTDNfZFBKejhYcmZXUFRxdTM3akNXY1dwTlFKUlk2RmtBNU10VnllUDNjZ2d6Zllpcl9rNEw2RS1sNDZFUlFreXFTS3g1cVZnN1A5Z3ZoaVp0Q19PSTdzVEp0Rlh0UXZ1M1pyLVN0ei1LenVYTmh5alpQLTFvSXQ3WjdxbGxjTm9uVENzcXB6U3NqaTlmaThOQjJKQVo5czMwZi0zWm1UNTBPRFExbWtIeERQaXBNLU9scEJvdXhaVDU4endkbUdKcnYwREJabk5BZjFRY0Znb2RYaWdHNlJUbnRsOWtaNS14ZEx2NU8wZ29zaHFQUkNYS19HOG9KUU02MnNQc1JDUzFiU2xELTlHSUo2NHNqNmFGNk9uSE9jOU9PMG93TDh3RHcxRFFWOFhIMzNPSVpkY0dTZVFXazk4T21vbktsZnZzMk5ZNjNJM3h2T3VhVEdaSTFkVllxQmVnWjJhTTRBcGQwTHFhekNvazR3VnZCUWFXUF9TVnl0d2pKa1JzVDlKanFIRzJaTDMwM1dpZmNmMlZRQWpZUy10TGVSRlBjZGlJZkI5RjRyWE82aHktbXBaQmZRdFRWaDQ2VS0tRGZwVU9oNDRVcDEzOEgyWUxuMl8tOGI3YjhiX1QwZU5fSHN4NGpoZDVnWVctUng5amtQNzBkeEd0RllWRzlxQ19Ha2pmdWZ0ZjhvVXlIQkpZcXR3ZnhIeFJrdUpva1dIVENZZkowRlFkWkRnWVNZUmhMOEY3c3pIMTNPME1pSy1ESjlsU28wa3AwVllyTl85aGZnR3dGbmNoamd0czZjYnNCWXBpbWxKVXZzWllBTHZub1MyYzFlemtGSTM5SUVJTkNERXQxWjQ5cUxHMG5GUy1NaVAybHdVNGVhM1p2eXlGUDJzQTQ1Y2ZyMDdGYkpBOW1XV3dQTVBEWGdvLWpXSTRnb1BIWGxUQVlUTGlFVHdQZ2VJQzNTMWkxcGJoN3poMHRzRjJEWWxCNmMxNzZqZlRRSFIxOHFBWmpLNi1BRFEtM2F6czhob3JFMFdSVkNuSVFod1NvV3F0eGpGRGppUzF5eXBFN0hJUnRIeWxnNmMtWjlMdkNPYUJwcy1GSzZWTTVwT0pJa2lRamp3eEpXT21GQnp4WnZkdjA5a1Jkc0hQZm4wZjZQLVRLMFFQY3ItSkxJb3dVTFJ3OUVaYzdFU3d0WDJKV1NpOEd3cm9CNW9VenNZdGJVT25HTVdMVlZ0QmRkZmRYSVdsNUZnZURkbWJzMVU3NFRoRE1DSkx2UXFNMFRrZFN1Q0ZJLVR3NUdDSDlCbl9UNmJLOUN5RjVFNGRDWWtWY1dlaXVmUDREa3lRWUp5RklOYnZ3dm9TRFRESDZmSVdYTURoQ2dWUkljOGtFRk9SRnhZTXItQk9qVXRxOTduR3BNU2IzZUN6S09iZXFqNEdQbGN1emZscmJYVTdpNFo1YmY1cTFTMkx1b2RxemZuUDdEaUtPbERHd0h0cDd3Sm5zRy03bzNxWG1EcVZEY1NRXCIsXCJXaHkgdGhpcyBhZD9cIiwxLDBdLG51bGwsbnVsbCwwLG51bGwsMCwwLDEsMCwwLDAsMCwwLDAsMCxudWxsLDAsMSwwLG51bGwsW1tcImpha2VfdWlfZXh0ZW5zaW9uXCIsXCJqYWtlX2RlZmF1bHRfdWlcIl1dLDkwLDcyOCwwLG51bGwsbnVsbCwwLG51bGwsbnVsbCxcInJpZ2h0XCIsMCwwLFwicjIwMjIwNjAxL3IyMDExMDkxNFwiXSk7PC9zY3JpcHQ%2BXG48c2NyaXB0IGRhdGEtamM9XCIyMlwiIHNyYz1cImh0dHBzOi8vdHBjLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvanMvcjIwMjIwNjAxL3IyMDExMDkxNC9jbGllbnQvd2luZG93X2ZvY3VzX2Z5MjAxOS5qc1wiIGFzeW5jPVwiXCIgZGF0YS1qYy12ZXJzaW9uPVwicjIwMjIwNjAxXCIgZGF0YS1qY3AtdXJsPVwiaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2ludGVyYWN0aW9uLz9haT1DRm04V2tBT2JZb3VjTllfdV9nVFU2b3I0Qk5fZHQ2ZHFrYURub3RnTjJ0a2VFQUVnLVp2eGhBRmd5ZmFtak5DazVBLWdBYldReE1BRHlBRUo0QUlBcUFNQnlBTklxZ1RLQWtfUXcxejEwaEtWeFZkb1VkeElSOXVWYzNwTjI3bWR3MjhNaVphclFvSTdUdGQ5aTZYUWtkRC0td2JYTC1DdXFuZVFJUHF3MGhjblVQZXdialVKWDZCR0ZFb2ZjejZNNUU3U3ltUWZIVHVaTzFlay15czRPQXJid3NxemY0N2V2X2czTk9USlhiYkhXSnRnWmRIZEd1U05NZUpramVRVHhYOEw0bW9DZkhRM2NDYmdLLUYyZ3NTWlJvNFZFZm5CQ3JCWUdVSE9RMEx4MVlxb0tBamx0dXBqNFRJS3hHMWF5eXJLVVZHQ21zQmRoMjR6ZGExNmhLZGxmWm9VN0t1TWVoZWIyajBtV0kyUWw1M2Z6MURkSnk0cThqU3d3SV9WZnBPVlFBZ21wX2ZSbnZPaWI1RmJWNi1WNGtwbGNlcGVaNl9ndXhyZkJnS1A2TzBJS1JXQkRpcDZwM19KZ2p2bEhJLU40aG9POTNwd3dqQ3hfeTRtNWs5M3Z1dHdMQjZDT3JQNXZFSVpSNTJ3eUVYTmN6QnkxVl8tWlZ0Mk50X2hKaWs2Qm1kV3Bmb2lDUlZIREwzaTlSMzBfc0FFdjVXUDg4MEQ0QVFCb0FZdWdBZXo3N3NfcUFlT3podW9CNVBZRzZnSDdwYXhBcWdIX3A2eEFxZ0hwS094QXFnSDFja2JxQWVtdmh1b0JfUFJHNmdIbHRnYnFBZXFtN0VDcUFmZm43RUMyQWNBMGdnSENJQmhFQUVZSGJFSjFBQTc2RG80NXpDQUNnT1lDd0hJQ3dHQURBRzREQUhZRXczUUZRSDRGZ0dBRndFJmFtcDtzaWdoPVpycHN1V0p2dGdBJmFtcDtjaWQ9Q0FRU1BBQ05JckxNWVdHR2d5enNHTy1jU1A1eG5vbkVkeS12YVRUZ3ZKbnZmZkhqVDNKLU9XaHEySTZKX05KTnF1cVFqS3VkdllocUh0LWZqUUs4NmdcIiBkYXRhLWpjcC1nd3MtaWQ9XCJcIiBkYXRhLWpjcC1xZW0taWQ9XCJDSXVrcFptZGtfZ0NGUS0zbndvZFZMVUNUd1wiPjwvc2NyaXB0PlxuPHNjcmlwdCBkYXRhLWpjPVwiMjNcIiBzcmM9XCJodHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2pzL3IyMDIyMDYwMS9yMjAxMTA5MTQvY2xpZW50L3FzX2NsaWNrX3Byb3RlY3Rpb25fZnkyMDE5LmpzXCIgZGF0YS1qYy12ZXJzaW9uPVwicjIwMjIwNjAxXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0Pmdvb2dxc2NwLmluaXQoW1tbW251bGwsNTAwLDk5LDIsOSxudWxsLG51bGwsbnVsbCwxXV1dXSk7PC9zY3JpcHQ%2BXG48c2NyaXB0IGRhdGEtamM9XCIxMDNcIiBkYXRhLWpjLXZlcnNpb249XCJyMjAyMjA2MDFcIiBkYXRhLWpjcC1iYXNlX3VybD1cImh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9jb252ZXJzaW9uLz9haT1DRm04V2tBT2JZb3VjTllfdV9nVFU2b3I0Qk5fZHQ2ZHFrYURub3RnTjJ0a2VFQUVnLVp2eGhBRmd5ZmFtak5DazVBLWdBYldReE1BRHlBRUo0QUlBcUFNQnlBTklxZ1RLQWtfUXcxejEwaEtWeFZkb1VkeElSOXVWYzNwTjI3bWR3MjhNaVphclFvSTdUdGQ5aTZYUWtkRC0td2JYTC1DdXFuZVFJUHF3MGhjblVQZXdialVKWDZCR0ZFb2ZjejZNNUU3U3ltUWZIVHVaTzFlay15czRPQXJid3NxemY0N2V2X2czTk9USlhiYkhXSnRnWmRIZEd1U05NZUpramVRVHhYOEw0bW9DZkhRM2NDYmdLLUYyZ3NTWlJvNFZFZm5CQ3JCWUdVSE9RMEx4MVlxb0tBamx0dXBqNFRJS3hHMWF5eXJLVVZHQ21zQmRoMjR6ZGExNmhLZGxmWm9VN0t1TWVoZWIyajBtV0kyUWw1M2Z6MURkSnk0cThqU3d3SV9WZnBPVlFBZ21wX2ZSbnZPaWI1RmJWNi1WNGtwbGNlcGVaNl9ndXhyZkJnS1A2TzBJS1JXQkRpcDZwM19KZ2p2bEhJLU40aG9POTNwd3dqQ3hfeTRtNWs5M3Z1dHdMQjZDT3JQNXZFSVpSNTJ3eUVYTmN6QnkxVl8tWlZ0Mk50X2hKaWs2Qm1kV3Bmb2lDUlZIREwzaTlSMzBfc0FFdjVXUDg4MEQ0QVFCb0FZdWdBZXo3N3NfcUFlT3podW9CNVBZRzZnSDdwYXhBcWdIX3A2eEFxZ0hwS094QXFnSDFja2JxQWVtdmh1b0JfUFJHNmdIbHRnYnFBZXFtN0VDcUFmZm43RUMyQWNBMGdnSENJQmhFQUVZSGJFSjFBQTc2RG80NXpDQUNnT1lDd0hJQ3dHQURBRzREQUhZRXczUUZRSDRGZ0dBRndFJmFtcDtzaWdoPVpycHN1V0p2dGdBXCIgZGF0YS1qY3AtY3B1X2xhYmVsPVwiaGVhdnlfYWRfaW50ZXJ2ZW50aW9uX2NwdVwiIGRhdGEtamNwLW5ldF9sYWJlbD1cImhlYXZ5X2FkX2ludGVydmVudGlvbl9uZXR3b3JrXCI%2BKGZ1bmN0aW9uKCl7LyogIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wICovICd1c2Ugc3RyaWN0JzsvKiAgU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAgKi8gY29uc3QgZD1mdW5jdGlvbihhLGI9bnVsbCl7cmV0dXJuIGImJmIuZ2V0QXR0cmlidXRlKFwiZGF0YS1qY1wiKT09PVN0cmluZyhhKT9iOmRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoYFske1wiZGF0YS1qY1wifT1cIiR7YX1cIl1gKX0oMTAzLGRvY3VtZW50LmN1cnJlbnRTY3JpcHQpO2lmKG51bGw9PWQpdGhyb3cgRXJyb3IoXCJKU0Mgbm90IGZvdW5kIDEwM1wiKTtjb25zdCBnPXt9LGg9ZC5hdHRyaWJ1dGVzO2ZvcihsZXQgYT1oLmxlbmd0aC0xOzA8PWE7YS0tKXtjb25zdCBiPWhbYV0ubmFtZTswPT09Yi5pbmRleE9mKFwiZGF0YS1qY3AtXCIpJiYoZ1tiLnN1YnN0cmluZyg5KV09aFthXS52YWx1ZSl9IChmdW5jdGlvbihhLGIsayl7dmFyIGU9d2luZG93O2EmJmImJmsmJmUuUmVwb3J0aW5nT2JzZXJ2ZXImJmUuZmV0Y2gmJihuZXcgZS5SZXBvcnRpbmdPYnNlcnZlcigoYyxtKT0%2Be2M9Y1swXTt2YXIgZjtpZihcIkhlYXZ5QWRJbnRlcnZlbnRpb25cIj09PShudWxsPT1jP3ZvaWQgMDpudWxsPT0oZj1jLmJvZHkpP3ZvaWQgMDpmLmlkKSl7dmFyIGw7Zj0wPCgobnVsbD09KGw9Yy5ib2R5Lm1lc3NhZ2UpP3ZvaWQgMDpsLmluZGV4T2YoXCJuZXR3b3JrXCIpKXx8MCk%2FazpiO2UuZmV0Y2goYCR7YX0mbGFiZWw9JHtmfWAse2tlZXBhbGl2ZTohMCxtZXRob2Q6XCJnZXRcIixtb2RlOlwibm8tY29yc1wifSk7bS5kaXNjb25uZWN0KCl9fSx7dHlwZXM6W1wiaW50ZXJ2ZW50aW9uXCJdLGJ1ZmZlcmVkOiEwfSkpLm9ic2VydmUoKX0pKGcuYmFzZV91cmwsZy5jcHVfbGFiZWwsZy5uZXRfbGFiZWwpO30pLmNhbGwodGhpcyk7PC9zY3JpcHQ%2BXG48c2NyaXB0IGlkPVwiZ29vZ2xlQWN0aXZlVmlld0Rpc3BsYXlTY3&i=18-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75575
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
JFMh70lGBsGOdgXm0bis3ET89Ip9i4RIiez6e0hdeLolceJITU6sgw==
place
math-aids-tagan.adlightning.com/ Frame C0D8 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-tagan.adlightning.com/place?p=1&d=JpcHRcIiBzcmM9XCJodHRwczovL3d3dy5nb29nbGV0YWdzZXJ2aWNlcy5jb20vYWN0aXZldmlldy9qcy9jdXJyZW50L3J4X2xpZGFyLmpzP2NhY2hlPXIyMDExMDkxNFwiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI%2Bb3NkbGZtKCk7PC9zY3JpcHQ%2BXG48aWZyYW1lIHRpdGxlPVwiQWR2ZXJ0aXNlbWVudFwiIGlkPVwiZ29vZ2xlX2FkXzUxMTU2NDQ0MjU5OFwiIHNhbmRib3g9XCJhbGxvdy1zY3JpcHRzXCIgc3JjPVwiaHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3NhZGJ1bmRsZS8kY3NwJTNEZXIzJC8xNjMzMDI4Mzk3ODIyMTMwOTI5MS9pbmRleC5odG1sI3Q9ODc5OTQwNTA1NjQ3MDEwMTA0MCZhbXA7cD1odHRwcyUzQSUyRiUyRjUxNGE3ODE5ZGMyZWRmNjY5YWJmN2ZjNWI3YTQzMTEzLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb21cIiB3aWR0aD1cIjcyOFwiIGhlaWdodD1cIjkwXCIgc2Nyb2xsaW5nPVwibm9cIiBmcmFtZWJvcmRlcj1cIjBcIiBzdHlsZT1cImJvcmRlcjowO292ZXJmbG93OmhpZGRlbjtcIj48L2lmcmFtZT5cbjxpZnJhbWUgdGl0bGU9XCJCbGFua1wiIGZyYW1lYm9yZGVyPVwiMFwiIGhlaWdodD1cIjBcIiB3aWR0aD1cIjBcIiBzcmM9XCJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvZHJ0L3M%2Fdj1yMjAxMjAyMTFcIiBzdHlsZT1cInBvc2l0aW9uOmFic29sdXRlXCIgYXJpYS1oaWRkZW49XCJ0cnVlXCI%2BPC9pZnJhbWU%2BXG48aWZyYW1lIHRpdGxlPVwiQmxhbmtcIiBzY3JvbGxpbmc9XCJub1wiIGZyYW1lYm9yZGVyPVwiMFwiIGhlaWdodD1cIjBcIiB3aWR0aD1cIjBcIiBzcmM9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9zL2Nvb2tpZV9wdXNoX29ubG9hZC5odG1sI2FIUjBjSE02THk5d2FYaGxiQzF6ZVc1akxuTnBkR1Z6WTI5MWRDNWpiMjB2Wkcxd0wzQnBlR1ZzVTNsdVl6OXVhV1E5T0NabmIyOW5iR1ZmWjJsa1BVTkJSVk5GUjFKM1F6SnBNMEkwVTNkSFIwVTNVbkF0T1hGSlJTWm5iMjluYkdWZlkzWmxjajB4Sm1kdmIyZHNaVjl3ZFhOb1BVRlpaelZ4VUVvMVJrNURUWGR5ZEVWM1NXSk5XV3RDTm1kT1FVZ3RTR1ZtUlU1c1VURkVVRkJ6WWtORGRIUkhNa1pQYTBsc09TMXZjbVpTYjAxeU1ISXdaVVJPV21rMmVUaFZPVkJ0U1dZd2FubERXVkpFUkRObldrRmFOalJwYTFoWWJraGpaMUZ4ZGxwcU9XVjJPVmxPU1MxRk5GODJkamhrY3pZeFYwUnpjV3RUVkVobVJqSjRkR0ZLUkVvMCxhSFIwY0hNNkx5OW1hM051YXk1amIyMHZZM012WjI5dloyeGxQMmR2YjJkc1pWOW5hV1E5UTBGRlUwVkJlV05FYzNKNk9WZGZibVpYTFhGcFJUVnVNMmhCSm1kdmIyZHNaVjlqZG1WeVBURW1aMjl2WjJ4bFgzQjFjMmc5UVZsbk5YRlFTMWRtT0ZsRFVrbFpSMFZLZHpnMGNuTjBUMXAyYUZadVJqTnpRak5ZY2s1UGVYY3hYMHBXWDBWdVVWRlhUVTV0Yld0WFQwOHdVRVJ0YlRBdFZHWXRUMFp6YUZWUk1rMWpRMEk0ZURsUlJqSk1SR1JOU2taalMwSjROa3B0Vmsxd2JqWndWbVo0VDBWYWQzbFlNMTlMU2xFd1pEaHZUemhpVG5OU01XOVBXRTExWkRSQlZtUndVUT09LGFIUjBjSE02THk5akxuVnpNUzVrZVc1MGNtc3VZMjl0TDJGa2VDOW5ZUzkxY3k1d2FIQV9aSGx1YXoxbllUSmxlQ1puYjI5bmJHVmZjSFZ6YUQwbFIwOVBSMHhGWDFCVlUwZ2xKbU4wZVQxaWNpWm5iMjluYkdWZloybGtQVU5CUlZORlNYZEdhMnMyY25CSlZFWTBlR2ROUTBkMFEwMXNWU1puYjI5bmJHVmZZM1psY2oweEptZHZiMmRzWlY5d2RYTm9QVUZaWnpWeFVFeHFWa3BKYmxoVVpWbFVYMDQ1U0ZSb1YzaG5TVkp1T1RWbGFGaFdORFkyVGt0aGFrTk5iVzR4TjFKTll6aExRM2RaUTBGek9HTTBjMXBVZG5ZMk5rNVFTV2hrU1VZeVQxUmFlV1ozU0RoTmRXNUJkRnByVlZkbVNFZDZabXQzVms5ME5VMWlVRFl0WkhGSVJXWkxVbEJYWVVjMGRsTlFSV2xDUjE5c1ltSjZOMVp3YURkUldIWnYsYUhSMGNITTZMeTl6TUM0eWJXUnVMbTVsZEM5a2IzUXVaMmxtUDJkdmIyZHNaVjluYVdROVEwRkZVMFZGYzFsak1XRklPRGxPTWtkbU1EbHRTMlZmVW1oVkptZHZiMmRzWlY5amRtVnlQVEVtWjI5dloyeGxYM0IxYzJnOVFWbG5OWEZRUzFwWkxXNXVSelpyTUZOMWJUUjBWbmxZT0cweVkyaFJObkJmZDBsT05sVTBXamhFUjJkb1lXVnNOSFo1VVU4M1dqTnVaVlZNVjFrdGEwUm1XR1pHTkVoR1QwRlROVVpzWlRSWmFsQjRZMmhwWDBVMGFqbG1ZV0pzZWxsVGVtcEljbXRsYlhsek5ITjVkbFZ4UVU4NVlYTmtkRmhwWDA5TVNUTlZTazFNUzFOdVEzb3RkazkyTmpRPSxhSFIwY0hNNkx5OXpjM0F1WVdSeWFYWmxjaTV5ZFM5aloya3RZbWx1TDNONWJtTXVZMmRwUDNOemNGOXBaRDB4TUNabGVIUmxjbTVoYkY5cFpEMG1aMjl2WjJ4bFgyZHBaRDFEUVVWVFJVaFpkVFpVVURkeFdsTnJiSGRMYzA1bVpUZEhSbEVtWjI5dloyeGxYMk4yWlhJOU1TWm5iMjluYkdWZmNIVnphRDFCV1djMWNWQktOM1pUWmxaSE1YZE9UbE5NY1VsdFZua3RaRlU1ZG1kWWRHMU5hR1JDY0c5RU5rSkRXbVZuZDB4bWRtNW5RMHg1YTE4MU5GUkhlbTF5UTA5UGMxaEROa2RyUlVaVmMyMXFUa1JzVldSUWQwbE5WWGRPWmpFNFltZE9VbTk1YjNScU5rRTNOREZ5VWtab1NVMWhMWGxQZGxacFpFcFBOWE0zUWpKaWNGSnRibTlDVkUxeWFTMTBRUT09LGFIUjBjSE02THk5eWRHSXViM0JsYm5ndWJtVjBMM041Ym1NdlpHUnpQMmR2YjJkc1pWOW5hV1E5UTBGRlUwVkRRMTkwVldoMU56WjJiMmRzVTNjNFdtaGFWR3RqSm1kdmIyZHNaVjlqZG1WeVBURW1aMjl2WjJ4bFgzQjFjMmc5UVZsbk5YRlFURFZDYkhRNFJITjNZaTF1ZDJsNllrRkZhVzltY0c5SlgwTnVSbkZSTmpFNFYwTk9NVGxoZVU1SWIzZElRMTgxTW5aU00zaDJUelZTVTB0WE5rTmhlbE5pVjJvNFdsOWhUR1JWVXpGeWVYRXdWMFJ3UTJobVN6WTRSazlWVkZKc2NYa3lTbXhsWjFjMWVtMTBjRXhIYjJaVVlYQlNVbXBIWkhGNVgwRm5aSGhmUW1SbGRIcDBYMk09LGFIUjBjSE02THk5eWRHSXlMWFZ6WldGemRDNWxMWFp2YkhWMGFXOXVMbUZwTDNONWJtTV9aWGhqYUdGdVoyVTlNVGt6Sm1kdmIyZHNaVjluYVdROVEwRkZVMFZOYkU4MFZYbG1Obmx2UjNNeVExRXpYelZ6WmtaQkptZHZiMmRzWlY5amRtVnlQVEVtWjI5dloyeGxYM0IxYzJnOVFWbG5OWEZRU1d0T01sOWphM0k0TWxkclVGTmpSVlF4WjJOWVlqbFNhMlppZFZKSWRtSnBXR0YzTmtrNFdXTnlhbmx5UlhwVFJpMUZVVFJDTVdvMlpFWnZkbmRLY25sVWVHMXpNMEpOZEVodlZEaFhTREU1UmxWa1MybERablZKVUcxeU1ucHBjV0pQWVVKNU0zQllRVmxrVkRSSFVIaFlNelJxVWtGdU9FczJVbEpQZW04MlFTMWFNbTVaZFVSeCxhSFIwY0hNNkx5OWpiUzVuTG1SdmRXSnNaV05zYVdOckxtNWxkQzl3YVhobGJDOWhkSFJ5UDJROVFVaE9SakV6U3pGalpHUTViVEZxVVZBMkxXaFhka0pQWkZwVWEzSTFVa3BFTm1sdWRGQTJVRTFLWW1ReVVIZE5WRXBNT0hsa1UyNWlOMTlSV0VKSFpGVXhObU51Y1U1NFJtNUZVRk5SXCIgc3R5bGU9XCJwb3NpdGlvbjphYnNvbHV0ZVwiIGFyaWEtaGlkZGVuPVwidHJ1ZVwiPjwvaWZyYW1lPjwvYm9keT48L2h0bWw%2BIiwiaW50ZXJtZWRpYXRlTWFya3VwIjoiIn0%3D&i=19-19&t=adltag_l3zj303a_74uzjT3U5yd&r=3df617ed48a9facb2522efece17af6f&c=math-aids&z=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-105.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
7K4Iz42hJdSJnRQ6b6oA7LPiH85Qk.ev
via
1.1 22b4e88fef21348dd6c483ef3c03143e.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jun 2020 18:35:13 GMT
server
AmazonS3
age
75575
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/plain
date
Fri, 03 Jun 2022 10:03:15 GMT
x-amz-cf-pop
NRT51-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
Q38d4ZDxVWD9f02Llozh6MfX5fZ8VjEOUhn1OXF1LUPyB6hJNrIAhg==
activeview
pagead2.googlesyndication.com/pcs/ Frame BF65 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst97cckz5PT3Lt_Bx3rAPMU-vwqc66RpW1gJDx1KBYMzqGilTXH8y6h6Kl6nQzX6uD7DEd3jw8b4NDD1naiq2x1jYzzSJDjJWUTf6cj6oBjZJ-PqNMNt1leZw&sai=AMfl-YRVoinu52Jk-4FVGsnPNBzCOv1-X5hjUOVy9BGkgzM2otPLlO6kl5nwDIPyH6tEkITFItIY7UCCCgHznMHxmjquTOv9hVhORnJHVQq42RSLWtjfgqjDKSZmNOTt&sig=Cg0ArKJSzHjrUEf8XE86EAE&cid=CAASJeRor_UcTtRLF9IMbRPAvO7I4jDdVbE2T1YJs8yCRBnjJacl-DU&id=lidar2&mcvt=1135&p=502,996,752,1296&mtos=1135,1135,1135,1135,1135&tos=1135,0,0,0,0&v=20220601&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3828263961&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654326162189&rpt=5110&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6745
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=280&slotname=7317961782&adk=3515631888&adf=776189486&pi=t.ma~as.7317961782&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162855&bpp=20&bdt=1062&idt=1194&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326165&ga_hid=1164542333&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&isw=728&ish=90&ifk=2357337175&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C21066431&oid=2&pvsid=2744440300896503&pem=132&tmod=1247349620&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.aclzr3w429cy&fsb=1&dtd=2558
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:48 GMT
expires
Sat, 04 Jun 2022 07:02:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:48 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 7CC9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIoiR24jHLOvrfMaPfJ0LPo&google_cver=1&google_push=AYg5qPL4TBJOCqvWj8sYn_exF74S_xLhHRQT8GJ_IUijS0FWPTrvyBP7XOHxHDlt7Uyp0MT0sQJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaSjJYUDQtVC00WUZF&google_push=AYg5qPL4TBJOCqvWj8sYn_exF74S_xLhHRQT8GJ_IUijS0FWPTrvyBP7XOHxHDlt7Uyp0MT0sQJl_tK1RN4UE7rulWycsRRQz2NLqd_Bf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaSjJYUDQtVC00WUZF&google_push=AYg5qPL4TBJOCqvWj8sYn_exF74S_xLhHRQT8GJ_IUijS0FWPTrvyBP7XOHxHDlt7Uyp0MT0sQJl_tK1RN4UE7rulWycsRRQz2NLqd_BfcQxIki_AQJawgCBX_Jy-Pm0Tyi5c-vu6ZrZG6M
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaSjJYUDQtVC00WUZF&google_push=AYg5qPL4TBJOCqvWj8sYn_exF74S_xLhHRQT8GJ_IUijS0FWPTrvyBP7XOHxHDlt7Uyp0MT0sQJl_tK1RN4UE7rulWycsRRQz2NLqd_BfcQxIki_AQJawgCBX_Jy-Pm0Tyi5c-vu6ZrZG6M
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7CC9
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFWOL1qH9bfdqOzcq8ScgIU&google_cver=1&google_push=AYg5qPLpf9w9aNzqtKyMmG0O5426v-CIaZb-m0u9OtQZjmYv0WXNRYOUN7i43kqNmmcp6OEeJraR30KPcCpsq1Fe...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=7ba3b0ae&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AYg5qPLpf9w9aNzqtKyMmG0O5426v-CIaZb-m0u9OtQZjmYv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=7ba3b0ae&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AYg5qPLpf9w9aNzqtKyMmG0O5426v-CIaZb-m0u9OtQZjmYv0WXNRYOUN7i43kqNmmcp6OEeJraR30KPcCpsq1FeKgyceX04w4utmxVlo8BgzI-EuI_EeiNoez6i4axswwoPHRyXvP9weYTb
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 919e9b9a356118bf34b96bfdfbc59e82.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT51-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=7ba3b0ae&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AYg5qPLpf9w9aNzqtKyMmG0O5426v-CIaZb-m0u9OtQZjmYv0WXNRYOUN7i43kqNmmcp6OEeJraR30KPcCpsq1FeKgyceX04w4utmxVlo8BgzI-EuI_EeiNoez6i4axswwoPHRyXvP9weYTb
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
ZOR4q9t5LGuCdgii2D2PvJjohP7x9W7m-oUwcient3OL69Ejeg_i1Q==
pixel
cm.g.doubleclick.net/ Frame 7CC9
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEOb7iPGRqwQUX3FV0CkT7_o&google_cver=1&google_push=AYg5qPKIydZCxruEi84wgMXm8WPBpwFv3ezPyMwQqDMttrDltYPhs5Bsjolg0Ri6FM-OXKeB1pvndTd5HRFhQ47Oz13_IQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=WBjL4wQVS8K4EpcGlRVPQQ&google_push=AYg5qPKIydZCxruEi84wgMXm8WPBpwFv3ezPyMwQqDMttrDltYPhs5Bsjolg0Ri6FM-OXKeB1pvndTd5HRFhQ47...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=WBjL4wQVS8K4EpcGlRVPQQ&google_push=AYg5qPKIydZCxruEi84wgMXm8WPBpwFv3ezPyMwQqDMttrDltYPhs5Bsjolg0Ri6FM-OXKeB1pvndTd5HRFhQ47Oz13_IQABjUC7LLlCQNA6G1X4tM_-6xDtLliWCis3AuUEM1spxL8qRmls
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=WBjL4wQVS8K4EpcGlRVPQQ&google_push=AYg5qPKIydZCxruEi84wgMXm8WPBpwFv3ezPyMwQqDMttrDltYPhs5Bsjolg0Ri6FM-OXKeB1pvndTd5HRFhQ47Oz13_IQABjUC7LLlCQNA6G1X4tM_-6xDtLliWCis3AuUEM1spxL8qRmls
date
Sat, 04 Jun 2022 07:02:48 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 7CC9
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEMmjnH6lApfA06LDTWQg5p0&google_cver=1&google_push=AYg5qPKpPx8ZwaPM_AeeXEd-jdk5ixNF3rXg-x3SQWJacMp0WDUo5onadp__ZFe1GrilHmGwb-vi...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=DZEOewx2T2q5hSkzrakvOg==&no_redirect=1&google_push=AYg5qPKpPx8ZwaPM_AeeXEd-jdk5ixNF3rXg-x3SQWJacMp0WDUo5o...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=DZEOewx2T2q5hSkzrakvOg==&no_redirect=1&google_push=AYg5qPKpPx8ZwaPM_AeeXEd-jdk5ixNF3rXg-x3SQWJacMp0WDUo5onadp__ZFe1GrilHmGwb-vi4cc4Bcdl963KW5vQxC3fOGv-Tva6SAxaaupo5b2vUrtZir4uY3BbtgPucCr5ptvx6qXJ-w
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=DZEOewx2T2q5hSkzrakvOg==&no_redirect=1&google_push=AYg5qPKpPx8ZwaPM_AeeXEd-jdk5ixNF3rXg-x3SQWJacMp0WDUo5onadp__ZFe1GrilHmGwb-vi4cc4Bcdl963KW5vQxC3fOGv-Tva6SAxaaupo5b2vUrtZir4uY3BbtgPucCr5ptvx6qXJ-w
date
Sat, 04 Jun 2022 07:02:48 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
pixel
cm.g.doubleclick.net/ Frame 7CC9
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDFl8G8FytdAAo5Ldz93_As&google_cver=1&google_push=AYg5qPJD5rK-LjS3e_6uDbQG-o1sysChzCf_P0AsUqayyMlE0Mdndi9WsgAuQo5HrnMDp-94Ncea4LRuvkIlQMAQZT_IuCz...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJD5rK-LjS3e_6uDbQG-o1sysChzCf_P0AsUqayyMlE0Mdndi9WsgAuQo5HrnMDp-94Ncea4LRuvkIlQMAQZT_IuCzWDmp3GC4IpDY1tTi6rLB08wxEZ7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJD5rK-LjS3e_6uDbQG-o1sysChzCf_P0AsUqayyMlE0Mdndi9WsgAuQo5HrnMDp-94Ncea4LRuvkIlQMAQZT_IuCzWDmp3GC4IpDY1tTi6rLB08wxEZ7heOE6y6TsaWor90MQ9LQEUjg&google_hm=MTc4Mzc3NzMxMzIxNzI3Njg2Ng==
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJD5rK-LjS3e_6uDbQG-o1sysChzCf_P0AsUqayyMlE0Mdndi9WsgAuQo5HrnMDp-94Ncea4LRuvkIlQMAQZT_IuCzWDmp3GC4IpDY1tTi6rLB08wxEZ7heOE6y6TsaWor90MQ9LQEUjg&google_hm=MTc4Mzc3NzMxMzIxNzI3Njg2Ng==
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7CC9
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESELnvBUBBSkB5_15ZgOPdPmU&google_cver=1&google_push=AYg5qPK9JsalrqsXZw094eUQ7WmALdu9eWX935sbeGaADc8BvFgAgUFuXsITTbLejr...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AYg5qPK9JsalrqsXZw094eUQ7WmALdu9eWX935sbeGaADc8BvFgAgUFuXsITTbLejrnOq6J_c6wu-qtYQTjbD02Tfl1wQL8Ak51LPrexaeHmEZAplb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AYg5qPK9JsalrqsXZw094eUQ7WmALdu9eWX935sbeGaADc8BvFgAgUFuXsITTbLejrnOq6J_c6wu-qtYQTjbD02Tfl1wQL8Ak51LPrexaeHmEZAplbWMLJJyVyfFzmVUVOQ5s3fooNQMt2Tpog&google_hm=piBFAMZvS3qXS3IiBz385LI
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AYg5qPK9JsalrqsXZw094eUQ7WmALdu9eWX935sbeGaADc8BvFgAgUFuXsITTbLejrnOq6J_c6wu-qtYQTjbD02Tfl1wQL8Ak51LPrexaeHmEZAplbWMLJJyVyfFzmVUVOQ5s3fooNQMt2Tpog&google_hm=piBFAMZvS3qXS3IiBz385LI
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 7CC9
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHhq1-6PXCceNE1E8dl_LTU&google_cver=1&google_push=AYg5qPJEYrxQeNPvZGppXeFxS4fWq_OhX9hJKwxTLcg49sqjOlaXN9Hu7cUgFz9FXY5k-M9-bhQySD4SZYt...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPJEYrxQeNPvZGppXeFxS4fWq_OhX9hJKwxTLcg49sqjOlaXN9Hu7cUgFz9FXY5k-M9-bhQySD4SZYttiRJJbVRCq9lKiC4paQ0tpg044Dqr_NOcMvsi...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7CC9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IzMv6m9M--avHiWRkMYHx5KCGjjmCxSstjkjrMVyeX5dcc95LRjwNiIMgQZHVVRxXQe4eMEn8cFA
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 515B 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvTgqiBvYUq5ndWL_rKAqPaAu7JRPXVyF06KD34K2RACt3R3IEh2UK2sueR3WTmPeGU0XPN1hCYdDP2v0Zs5dgGbfsUpAYTQTg_f7AWtP92oLfbeJvLe-MzZgI590au_P7nyueO8BkU7JhYAQP_KfpRL8XhAfrm-6I973lg8NG3EkiW3Xqiv-IGfi53DkX6tn2z_FMPeW5D7y2PsBfSFjjz5y1de_LB-JotfDOTuqv-S2QfoNt_yK0oAGrqDZt2PqAdJTFAId5tKzSEJE_0hBG0IiE8npY2x-mDHDj0IfeodLazbXsEzJnPGX1U4PUKhJmIZrOrjqsbS2-HICPMS0NbV2C507TDiU6OJPwaZZ-l9cEafLULlWczNUZb6ewfwo5iqKKC2-BcMZhVtW8O2NpH0xFMf73NWo-fgOOConsRPmPgiZk4Mw5Rw1tR_inaLoWqt1c_MfId95X8DYVYIf_ZGjtwdJ778Wc9bQhWj8pxBL7LAQRcEMjZM-Vb5RO25gcJWBFguccKG2nvo6ND58t04JWBDqs_sZwcSgPsJGZcJnk6X5Z-YTY9Pq16Is6Nxy_2G1d6atbGxdTp7giPeTXpMC0Tz-2UT5LJpuU_fMIg9Z1TIziXoL8pDsVEkmoUnoUCjlWHyne6D5wsFxvz132Xv_2G7Bqg4x_sDQope2lNnQOXsKohVjMG2kXXTPLcnBUaNEmKdbYBtX32NwVIxYNfgQFpq9LGpzJglUz9vzec3EXHVTnc_fpNoYUj6L1blBE6RIMGHTcd-Rsl1owlf7qUO7M6-AiyuUKuAWKkWM-A0lnnE-9Uk0weLf0Nc9YM9C-8PgW49uIpSOAmAxTddKaWh542aZglYbwsGVko1saeXCxeZ6_fAQARaoX7kBo3FUEhKwYvflO2f2kZgMRHKu4ffpetfhF-JORDeLxKUoCwFnr6H4HYQDoUo89Rk0LKrgwiGl32J7MVNX3s2zjwbXO6GiIZ3VU6p5iVUcEuCVyE1cUdjAMuEAb-dNzN7OSw5XYl4SWqCgLcGT-ZAUT8cHCLpvX2FyA1h_FTTkI1JBpM6FPSU5aasY5mImSbhPuOJHXeuRQxPVJ2cpa7cdHypz6EV7VMWvId4_h4oq3uhLBESe0c-tlsoE_qlA6Z37H7NNPV5hktVmCBTBcyN26gldH36lHkFQ6Jv9wedFuxnzl9d1OVmOjsavV-I7vxvj3F_UxgvVDCuCMH3pZowl61rCZA8EA&sai=AMfl-YQcVqjrxoDInVNiGr-_b9rHkZqPbdlui0VMr6_oTd1gS5HNVn3z6Qi3h-AkchmDzvwufDX01KVQyOa2AUh2KptvfTSuLFIO3kDTZKxo3JUUVd5lse3n_wSq6o_Q99g7TkzG_YMseNmT4dr9THuuzjyaIlPxAM87O9RdItHa3iIPebrQ4zER6_qopVFivg4YIyTbKWb8RjWV-N0M7pDhEBVo&sig=Cg0ArKJSzAoYcylBCgYhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2093&vt=11&dtpt=1336&dett=3&cstd=732&cisv=r20220601.61435&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
cm.g.doubleclick.net/ Frame F4BA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXBzRGtRQUdXSzVGSVFBbw==&google_gid=CAESEOnZg3ZLnlKTzRj7m9zhT4c&google_cver=1&google_push=AYg5qPLD4MNwCtWyL2fVadUo6fXKLQP-Xt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXBzRGtRQUdXSzVGSVFBbw==&google_gid=CAESEOnZg3ZLnlKTzRj7m9zhT4c&google_cver=1&google_push=AYg5qPLD4MNwCtWyL2fVadUo6fXKLQP-XtaYCDjf3NysOv4nOPaZcm7UeXb2sSUbifxOUN9Yi-bldju8STxVgOcKUNOKwZbue1gZjYnvCNnFR7FPZNeChUJJiAhE0Aj0RGxtpp_q4yX-BBFT
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1654326169.506007,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXBzRGtRQUdXSzVGSVFBbw==&google_gid=CAESEOnZg3ZLnlKTzRj7m9zhT4c&google_cver=1&google_push=AYg5qPLD4MNwCtWyL2fVadUo6fXKLQP-XtaYCDjf3NysOv4nOPaZcm7UeXb2sSUbifxOUN9Yi-bldju8STxVgOcKUNOKwZbue1gZjYnvCNnFR7FPZNeChUJJiAhE0Aj0RGxtpp_q4yX-BBFT
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame F4BA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELdHr1CkoEmcs8OLL3cbyJU&google_cver=1&google_push=AYg5qPKQQary2Ba5-4tfPD7d9Sef9J6wqLeRcMd_Zzj472scCK1l8QHgJx6PFc3Ki-1JCWbYufQUkKWH...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzMzkwNTY2Mjg3NzAwOTM4NQ&google_push=AYg5qPKQQary2Ba5-4tfPD7d9Sef9J6wqLeRcMd_Zzj472scCK1l8QHgJx6PFc3Ki-1JCWbYufQUkK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzMzkwNTY2Mjg3NzAwOTM4NQ&google_push=AYg5qPKQQary2Ba5-4tfPD7d9Sef9J6wqLeRcMd_Zzj472scCK1l8QHgJx6PFc3Ki-1JCWbYufQUkKWHiy0gdiedMxN6FuUKkB6HLd9QXtRV2xUUO7xywoEv9TLnyfyOE6ygkuNYAihQXPw
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzMzkwNTY2Mjg3NzAwOTM4NQ&google_push=AYg5qPKQQary2Ba5-4tfPD7d9Sef9J6wqLeRcMd_Zzj472scCK1l8QHgJx6PFc3Ki-1JCWbYufQUkKWHiy0gdiedMxN6FuUKkB6HLd9QXtRV2xUUO7xywoEv9TLnyfyOE6ygkuNYAihQXPw
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame F4BA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMqMm9qymDkHwAC_3teQcow&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB&google_gid=CAESEMqMm9qymDkHwAC_3teQcow&google_cver=1&google_push=AYg5qPJqSYlYS5_g0DhWpqbIcw8c7dQ0aJmhQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB&google_gid=CAESEMqMm9qymDkHwAC_3teQcow&google_cver=1&google_push=AYg5qPJqSYlYS5_g0DhWpqbIcw8c7dQ0aJmhQ-sesvPO-WpqSN_JA1kPlsxequ1cFIedsuJIQJaRNmSP3Dh1jFe1ZQS1dwett9SxMf2rOS_1cp-XuKxpkgItnXMxBgG_hW17BKVgkTeDWwc1
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB&google_gid=CAESEMqMm9qymDkHwAC_3teQcow&google_cver=1&google_push=AYg5qPJqSYlYS5_g0DhWpqbIcw8c7dQ0aJmhQ-sesvPO-WpqSN_JA1kPlsxequ1cFIedsuJIQJaRNmSP3Dh1jFe1ZQS1dwett9SxMf2rOS_1cp-XuKxpkgItnXMxBgG_hW17BKVgkTeDWwc1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
504
Expires
Sat, 04 Jun 2022 07:02:48 GMT
pixel
cm.g.doubleclick.net/ Frame F4BA
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJ0Z35YuEzS2o-Gf0OC-8XtP3Wh-fxZP5dIkUi7sq6mVvthHr6NF1MaAHrhd26BDElPeMaBdsITzj...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPJ0Z35YuEzS2o-Gf0OC-8XtP3Wh-fxZP5dIkUi7sq6mVvthHr6NF1MaAHrhd26BDElPeMaBdsITzjHsYbCr3rLX7MS2rNiDXD1PxBcnTq2_7Iku5VGE0YzzyNnzdvy5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPJ0Z35YuEzS2o-Gf0OC-8XtP3Wh-fxZP5dIkUi7sq6mVvthHr6NF1MaAHrhd26BDElPeMaBdsITzjHsYbCr3rLX7MS2rNiDXD1PxBcnTq2_7Iku5VGE0YzzyNnzdvy5eL9VaZi4Fodz&google_hm=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPJ0Z35YuEzS2o-Gf0OC-8XtP3Wh-fxZP5dIkUi7sq6mVvthHr6NF1MaAHrhd26BDElPeMaBdsITzjHsYbCr3rLX7MS2rNiDXD1PxBcnTq2_7Iku5VGE0YzzyNnzdvy5eL9VaZi4Fodz&google_hm=d2267f63-c0d7-476d-8d53-0e6c4eaacf63
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F4BA
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEEbRhzF_k818wahntYtpRmU&google_cver=1&google_push=AYg5qPKSpaZgiGpcYjoZBNS-CiKn2fqtbyO7Vj27UIUkc5K65QCx9dNQG5m3yq2WQRI3_tUUwLjjA0JXj8fozXIhldS3EMDvt...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjk3MzI3NzY2MTQ1NDY5MzAwMFYxMA%3d%3d&mn_hm=Mjk3MzI3NzY2MTQ1NDY5MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKSpaZgiGpcYjoZBNS-CiKn2fq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjk3MzI3NzY2MTQ1NDY5MzAwMFYxMA%3d%3d&mn_hm=Mjk3MzI3NzY2MTQ1NDY5MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKSpaZgiGpcYjoZBNS-CiKn2fqtbyO7Vj27UIUkc5K65QCx9dNQG5m3yq2WQRI3_tUUwLjjA0JXj8fozXIhldS3EMDvtJ4YG28xGXzOnKJj_69fFFq8o66vt9DOHcc_qd9I1MtRcnAV&gdpr=&gdpr_consent=
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjk3MzI3NzY2MTQ1NDY5MzAwMFYxMA%3d%3d&mn_hm=Mjk3MzI3NzY2MTQ1NDY5MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKSpaZgiGpcYjoZBNS-CiKn2fqtbyO7Vj27UIUkc5K65QCx9dNQG5m3yq2WQRI3_tUUwLjjA0JXj8fozXIhldS3EMDvtJ4YG28xGXzOnKJj_69fFFq8o66vt9DOHcc_qd9I1MtRcnAV&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Sat, 04 Jun 2022 07:02:48 GMT
pixel
cm.g.doubleclick.net/ Frame F4BA
Redirect Chain
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESELzP3ZKesMZoSTXoWZatY7k&google_cver=1&google_push=AYg5qPK34JmFDSQoZWJ8y-C2dSl-0eE3s4ulXu_6C3GXJDQPGSyxdb88Ef6rxX0J2SDL18SvZsKvbDaERLD7bq...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNWY0YWY2ZmRmZDBmNDc2YzUxYWNlNmRiNjc0NDgyMWE=&google_push=AYg5qPK34JmFDSQoZWJ8y-C2dSl-0eE3s4ulXu_6C3GXJDQPGSyxdb88Ef6rxX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNWY0YWY2ZmRmZDBmNDc2YzUxYWNlNmRiNjc0NDgyMWE=&google_push=AYg5qPK34JmFDSQoZWJ8y-C2dSl-0eE3s4ulXu_6C3GXJDQPGSyxdb88Ef6rxX0J2SDL18SvZsKvbDaERLD7bqdp6zWCU6qIJUzn_8Qv-CEDSVGoHCY320DG67NTdlLlYpIALlGm_RI5CDSZ
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNWY0YWY2ZmRmZDBmNDc2YzUxYWNlNmRiNjc0NDgyMWE=&google_push=AYg5qPK34JmFDSQoZWJ8y-C2dSl-0eE3s4ulXu_6C3GXJDQPGSyxdb88Ef6rxX0J2SDL18SvZsKvbDaERLD7bqdp6zWCU6qIJUzn_8Qv-CEDSVGoHCY320DG67NTdlLlYpIALlGm_RI5CDSZ
date
Sat, 04 Jun 2022 07:02:48 GMT
server
Chocolate Cookie Sync Powered by Vdopia
content-length
0
pixel
cm.g.doubleclick.net/ Frame F4BA
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMlO4Uyf6yoGs2CQ3_5sfFA&google_cver=1&google_push=AYg5qPKS-0vfHOUpOR5t4eDqy8r6HE1V1cYSpyxtyhokUJO1LOYPVuRJE_lMDLRyVNaC_Klxs33q1FyM...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMlO4Uyf6yoGs2CQ3_5sfFA%26google_cver%3D1%26google_push%3DAYg5qPKS-0vfHOUpOR5t4e...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A8492896450583913946&exchange=193&google_gid=CAESEMlO4Uyf6yoGs2CQ3_5sfFA&google_cver=1&google_push=AYg5qPKS-0vfHOUpOR5t4eDqy8r6HE1V1cYSpyxtyhokUJO1LOYP...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg0OTI4OTY0NTA1ODM5MTM5NDY&google_push=AYg5qPKS-0vfHOUpOR5t4eDqy8r6HE1V1cYSpyxtyhokUJO1LOYPVuRJE_lMDLRyVNaC_Klxs33q1Fy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg0OTI4OTY0NTA1ODM5MTM5NDY&google_push=AYg5qPKS-0vfHOUpOR5t4eDqy8r6HE1V1cYSpyxtyhokUJO1LOYPVuRJE_lMDLRyVNaC_Klxs33q1FyMZ_mZwEiRIKiYQ4eYJSqte_B0QShlwMGZTr9-RJTy9RRBMReq5iOf0ddFO3PzfF_3
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg0OTI4OTY0NTA1ODM5MTM5NDY&google_push=AYg5qPKS-0vfHOUpOR5t4eDqy8r6HE1V1cYSpyxtyhokUJO1LOYPVuRJE_lMDLRyVNaC_Klxs33q1FyMZ_mZwEiRIKiYQ4eYJSqte_B0QShlwMGZTr9-RJTy9RRBMReq5iOf0ddFO3PzfF_3
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame F4BA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6GnhWhFs3zZIzQM8K8a6_iTJpKuA5tupOIFdvmH7RLaSXtusAu5ww5anHCoXL8F_dGBUO_Q
Requested by
Host: 514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 6B21 		5 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/2b9bca78717e44645984f4bd46ca7462.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f01e377121631cac91f0f644ae025a9ad40000b69e3317ebda1b1c6a83fdddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 04 Jun 2022 06:03:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 04 Jun 2022 07:02:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Jun 2022 07:02:48 GMT
e50be9916a9219b0681d1b35f7abaa99.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/media/ Frame 6B21 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/media/e50be9916a9219b0681d1b35f7abaa99.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed2c498a761170ddb9c3f590b1b6d120d7a8c7debbc5079b99951db43c036862
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
191981
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36524
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:59:46 GMT
server
sffe
date
Thu, 02 Jun 2022 01:43:07 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Jun 2023 01:43:07 GMT
dbd88037109e586c26bdfc50fa232cd6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/media/ Frame 6B21 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/media/dbd88037109e586c26bdfc50fa232cd6.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90f76036f54fde1969a5ea98043a8ce4c14210dc7c154d1bb228391e63e806d6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
52029
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4689
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:59:46 GMT
server
sffe
date
Fri, 03 Jun 2022 16:35:39 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 03 Jun 2023 16:35:39 GMT
48a65d4757eca0aa44c9b7d1daed062b.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/media/ Frame 6B21 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/media/48a65d4757eca0aa44c9b7d1daed062b.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
700490644eee8f5e27de79233f44079a13d885a7ab224647f45bf7c4122dd83e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
52029
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1404
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:59:46 GMT
server
sffe
date
Fri, 03 Jun 2022 16:35:39 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 03 Jun 2023 16:35:39 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 326C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXO0XbuBQtVTB3GPdsZazrztYyfEQSVkqDl9hEm2Il_AyT0N4tpLvGDIAbgHEWWhB8_fPvDWhdOpFQeM1uNHfF9YRk6hte0trb1G7kzfPWaeeAhxVtVCCBRg&sai=AMfl-YS1T863VZiOAZTAp7yhzfpeVR24vYAoY_BDFIeVdxQ__ge8kU7eKJZxEooiAe9_dXw_OSHi7xgJgbga-aKa_9bDQx8uXqRZDHQ1f8f7HONphbqNHp8aPyGkQVpM&sig=Cg0ArKJSzA-f2eyCPvzpEAE&cid=CAASJeRoyKQQsYL3SMvq7xtCUKJst9Q7pRa-zPQEfrtmH9_mwtYtOJs&id=lidar2&mcvt=1085&p=822,321,1072,621&mtos=1085,1085,1085,1085,1085&tos=1085,0,0,0,0&v=20220601&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2511280138&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654326162250&rpt=5173&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js
pagead2.googlesyndication.com/bg/ Frame 736B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 17:44:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
47913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13861
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Jun 2023 17:44:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DFBF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220601&jk=2744440300896503&rc=
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
396846.gif
idsync.rlcdn.com/ Frame A728
Redirect Chain
  • https://idsync.rlcdn.com/462246.gif?partner_uid=c3vfv4svbq87v
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=9ed85ebd-8cde-0947-2bf9-15346d5bdf1c
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=9ed85ebd-8cde-0947-2bf9-15346d5bdf1c
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 04 Jun 2022 07:02:48 GMT
content-encoding
gzip
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=9ed85ebd-8cde-0947-2bf9-15346d5bdf1c
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
362358.gif
idsync.rlcdn.com/ Frame A728
Redirect Chain
  • https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=1017&cparams=placement%3D1391
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESELV2eB7UnfYl3OrRfjBrol4&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELV2eB7UnfYl3OrRfjBrol4&google_cver=1
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELV2eB7UnfYl3OrRfjBrol4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame A728
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CO8KEhgKFAgBEPkHGg1jM3ZmdjRzdmJxODd2EAAalwEIl4fslAYSBAgCEAASBQiUKRAAEgUI5SsQABIFCOYrEAASBQjnKxAAEgUI6CsQABIFCOkrEAA...
  • https://pippio.com/api/sync/ddp?pid=2&m=CO8KEhgKFAgBEPkHGg1jM3ZmdjRzdmJxODd2EAAalwEIl4fslAYSBAgCEAASBQiUKRAAEgUI5SsQABIFCOYrEAASBQjnKxAAEgUI6CsQABIFCOkrEAASBQjqKxAAEgUI6ysQABIFCOwrEAASBQjtKxAAEgUI7...
  • https://rc.rlcdn.com/456809.gif?n=16&cparams=placement%3D1391
  • https://usermatch.krxd.net/um/v2?partner=liveramp
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
52.5.192.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-192-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:49 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1654326169
x-served-by
beacon-n026-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp
date
Sat, 04 Jun 2022 07:02:49 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a011-ash-prod.krxd.net
458249.gif
idsync.rlcdn.com/ Frame A728
Redirect Chain
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=980ce6e2-1f57-432a-9bd0-c3f2cf92728f
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=980ce6e2-1f57-432a-9bd0-c3f2cf92728f
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=980ce6e2-1f57-432a-9bd0-c3f2cf92728f
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
px
p.adsymptotic.com/d/ Frame A728 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
715ece19aebda210-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43
47154.gif
idsync.rlcdn.com/ Frame A728
Redirect Chain
  • https://rc.rlcdn.com/456809.gif?n=1&cparams=placement%3D1391
  • https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D
  • https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=caf8629b-0391-4400-a758-3b41b5522cdf
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=caf8629b-0391-4400-a758-3b41b5522cdf
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
MT3 4419 e1034d5 master ord-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=caf8629b-0391-4400-a758-3b41b5522cdf
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 04 Jun 2022 07:02:47 GMT
52154.gif
idsync.rlcdn.com/ Frame A728
Redirect Chain
  • https://rc.rlcdn.com/456809.gif?n=2&cparams=placement%3D1391
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1696151633887888005
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1696151633887888005
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
0e6337ee-44cf-4177-ac70-d883a88d1cb6
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1696151633887888005
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A728
Redirect Chain
  • https://rc.rlcdn.com/456809.gif?n=3&cparams=placement%3D1391
  • https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=72a5fb4633bb8f41e27e94cc8e9aeea94e19661809b7fe4fa1c0025841e8fd37c0cb235b3774c97e&cb=06969182
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=72a5fb4633bb8f41e27e94cc8e9aeea94e19661809b7fe4fa1c0025841e8fd37c0cb235b3774c97e&cb=06969182
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GEK73GPFSMJ2RMK5Z3D7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=72a5fb4633bb8f41e27e94cc8e9aeea94e19661809b7fe4fa1c0025841e8fd37c0cb235b3774c97e&cb=06969182
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
362588.gif
idsync.rlcdn.com/ Frame A728
Redirect Chain
  • https://rc.rlcdn.com/456809.gif?n=4&cparams=placement%3D1391
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
  • https://idsync.rlcdn.com/362588.gif?partner_uid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362588.gif?partner_uid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://idsync.rlcdn.com/362588.gif?partner_uid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
362248.gif
idsync.rlcdn.com/ Frame A728
Redirect Chain
  • https://rc.rlcdn.com/456809.gif?n=5&cparams=placement%3D1391
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=956f7b05f9253506001945cd4f208886fa7c2331c4932c878c29d4842d2616aab0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BD...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=956f7b05f9253506001945cd4f208886fa7c2331c4932c878c29d4842d2616aab0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3...
  • https://idsync.rlcdn.com/362248.gif?partner_uid=67652380882744311431016741235110046064
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362248.gif?partner_uid=67652380882744311431016741235110046064
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

DCS
dcs-prod-usw2-2-v030-05732e826.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
63tHl+YuQlI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://idsync.rlcdn.com/362248.gif?partner_uid=67652380882744311431016741235110046064
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ Frame 6D9C 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 01:02:19 GMT
x-content-type-options
nosniff
age
367229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 01:02:19 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4178 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220601&jk=928158971882855&rc=
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame A0BA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=200&slotname=8557045359&adk=4156644800&adf=776189474&pi=t.ma~as.8557045359&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162918&bpp=4&bdt=726&idt=2562&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326166&ga_hid=1664360240&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=996&ady=212&biw=1600&bih=1200&isw=300&ish=250&ifk=581612742&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C21066428%2C31067628%2C31067887%2C21066431%2C31064018&oid=2&pvsid=928158971882855&pem=132&tmod=2050205646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.2nl1b72ra323&fsb=1&dtd=3508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:48 GMT
expires
Sat, 04 Jun 2022 07:02:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 07:02:48 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
show_pla
flint.defybrick.com/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=83871106207687090788607236768118048226729722059221928690971193229180&nc=0&tsf=0&tsfmi=&pv=0&cb=1654326168685&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=3860155981&at=&bid=e30%3D&di=W1siZWYiLDEwNV0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsMlwiLFwidlwiOlwiZ29vZ2xlIGluYy4g%0D%0AKGdvb2dsZSlcIixcInJcIjpcImFuZ2xlIChnb29nbGUsIHZ1bGthbiAxLjIuMCAoc3dpZnRzaGFk%0D%0AZXIgZGV2aWNlIChzdWJ6ZXJvKSAoMHgwMDAwYzBkZSkpLCBzd2lmdHNoYWRlciBkcml2ZXIpXCIs%0D%0AXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMy4wMCAob3BlbmdsIGVzIGdsc2wgZXMgMy4wIGNocm9t%0D%0AaXVtKVwiLFwiZ3ZlclwiOlwid2ViZ2wgMi4wIChvcGVuZ2wgZXMgMy4wIGNocm9taXVtKVwiLFwi%0D%0AZ3ZlblwiOlwid2Via2l0XCIsXCJiZW5cIjo5LFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3%0D%0AZWJnbFwiLFwic2VmXCI6MTA1MTY5NDA4OSxcInNlY1wiOlwiXCJ9Il0sWy0xLCItIl0sWy0yLCIx%0D%0AMCxlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVCSEpMODZMMjNBQ0dVaEJJd0lTU0VF%0D%0AQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yvcjg3MHV4cUZ4Il0sWy0zLCJbXCJp%0D%0AbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaVwi%0D%0ALFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndc%0D%0AIjpbXCIwXCIsXCJjaHJvbWVcIixcIiRcIixcImpRdWVyeVwiLFwiZ3RhZ1wiLFwiZGF0YUxheWVy%0D%0AXCIsXCJwcmVzc2xhYnNcIixcImRvY3VtZW50SW5pdE9uZVNpZ25hbFwiLFwiT25lU2lnbmFsXCIs%0D%0AXCJhZHNieWdvb2dsZVwiLFwia1ByZWJpZFRpbWVvdXRcIixcImtSZWZyZXNoUG9sbFRpbWVcIixc%0D%0AImdSZWZyZXNoQ291bnRcIixcImdPWFJlZnJlc2hDb3VudFwiLFwiZ1JlZnJlc2hEZWJ1Z1wiLFwi%0D%0AZ1ByZWJpZERlYnVnXCIsXCJnVHJhY2tWaXNpYmlsaXR5XCIsXCJnTGF6eUxvYWRcIixcImdUcmFj%0D%0Aa1BhZ2VWaXNpYmlsaXR5XCIsXCJrMzBTZWNvbmRSZWZyZXNoSW50ZXJ2YWxcIixcIms2MFNlY29u%0D%0AZFJlZnJlc2hJbnRlcnZhbFwiLFwiazkwU2Vjb25kUmVmcmVzaEludGVydmFsXCIsXCJrMTIwU2Vj%0D%0Ab25kUmVmcmVzaEludGVydmFsXCIsXCJrMTgwU2Vjb25kUmVmcmVzaEludGVydmFsXCIsXCJrRG9O%0D%0Ab3RSZWZyZXNoXCIsXCJrRGVmYXVsdFJlZnJlc2hJbnRlcnZhbFwiLFwiZ1NDaGFpbk5vZGVzXCIs%0D%0AXCJnR0RQUl9mb3JjZUxvY2FsZVwiLFwiZ0dEUFJfc2lsZW50Tm9Db25zZW50XCIsXCJnR0RQUl9m%0D%0Ab3JjZU5vQ29uc2VudFwiLFwiZ0dEUFJfTm9uVENGVmVuZG9yc1wiLFwiZ0dEUFJfcHVibGlzaGVy%0D%0AQ291bnRyeUNvZGVcIixcImdHRFBSX2xvZ29VUkxcIixcImdHRFBSX3ByaXZhY3lQb2xpY3lVUkxc%0D%0AIixcImtBbWF6b25QdWJsaXNoZXJJRFwiLFwiYWQ3Mjh4OTBBVEZcIixcImFkMzIweDUwQVRGXCIs%0D%0AXCJhZDcyOHg5MEJURlwiLFwiYWQzMjB4NTBCVEZcIixcImFkNzI4eDkwU3RpY2t5XCIsXCJhZDMy%0D%0AMHg1MFN0aWNreVwiLFwiYWQzMDB4MjUwU2lkZWJhcjFcIixcImFkMzAweDI1MFNpZGViYXIyXCIs%0D%0AXCJhZDMwMHgyNTBMZWZ0MVwiLFwiYWQzMDB4MjUwTGVmdDJcIixcImFkMzAweDI1MFJpZ2h0MVwi%0D%0ALFwiYWQzMDB4MjUwUmlnaHQyXCIsXCJhZDE2MHg2MDBTaWRlYmFyXCIsXCJnQnJvd3NlcldpZHRo%0D%0AXCIsXCJkZXNrdG9wQWRVbml0c1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgs%0D%0AIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3Jp%0D%0AcHRpb25cIixcIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjp0aXRsZVwi%0D%0ALFwidHdpdHRlcjpkZXNjcmlwdGlvblwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQs%0D%0AIntcIm9cIjowLjAwNjgwMjcyMTA4ODQzNTM3NH0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcs%0D%0AIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwx%0D%0ANjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1c%0D%0AIl0iXSxbLTIwLCI3ODI0Nzk4NjMuMTY1NDMyNjE1OCJdLFstMjEsImI1TUl4UlVsIl0sWy0yMiwi%0D%0AW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0%0D%0AamhzXCI6NzY2MDAwMDAsXCJ1amhzXCI6NjAzMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxb%0D%0ALTI3LCJbMCwxMCwwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTIl0sWy0yOSwie1widlwiOlsy%0D%0ALDIsMiwyLDAsMCwwLDIsMCwyLDAsMiwwLDAsMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2XCIsMF0i%0D%0AXSxbLTMxLCJmYWxzZSJdLFstMzIsIjIiXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjU0%0D%0AMzI2MTY4NjU1LDBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4%0D%0AMC0iXSxbLTM4LCJpLC0xLC0xLDAsMCwxLDAsMjQsNzYsMjEyLDU4OCwwLDM3My44LDM3My44LDEx%0D%0AMDY3LDExMDY4Il0sWy0zOSwiW1wiMjAwMzAxMDdcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIs%0D%0AXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzMiXSxb%0D%0ALTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDEwMDAxMDEwMDExMTAx%0D%0AMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIi0iXSxbLTQ2LCIwIl0sWy00NywiRXRjL1Vua25v%0D%0Ad24sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFsiYm5jaCIsMTEy%0D%0AXV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A304%2C%22y%22%3A4900%2C%22w%22%3A0%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=Zz6gnFlWgX&sdd=%7B%7D&pto=11098
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
f8cde3a345118e5f8d098d68e1814df5c75ed64fa2ae9b4b1cd7022c9c9bd07c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
content-type
text/javascript
content-length
3479
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 8222 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1eb1627495420b99e221ea2d15998bcaddc92c801f7b3ddacbf3e41709aeeab9

Request headers

Referer
Origin
https://realtime.clinch.co
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
truncated
/ Frame 8222 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c771a0497eb54dc0438257f8ba5f312390ade71934b1b68e56e5373331eea409

Request headers

Referer
Origin
https://realtime.clinch.co
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
/
img-cdn.clinch.co/img2/yldcQE/120/45/2/0a0a0a0/ Frame 8222 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-cdn.clinch.co/img2/yldcQE/120/45/2/0a0a0a0/?u=https%3A%2F%2Fcdn.clinch.co%2Fa_client%2F520%2Fassets_library%2Fcolor_albertsons_C.svg
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=yldcQE&caid=11217&format=_300ax250a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCzGS5kAObYpCcNY_u_gTU6or4BKeT4u1pv_b3stoP8C4QASD5m_GEAWDJ9qaM0KTkD6ABsLP9qQLIAQmoAwGqBIoCT9Dz02wBURMvHGEFgBoVVNRLVvkfaVLr0deZsI14pIyA8rKiG9Qhnk4-QOvoArPYSxwe985vT2OtyL-oj5AwOSnimUWIold9Lt3HTnJ6pFru_nX9gVlLQgz30GE64wSI-nuwMNw-anoAArNQS8M7hxY9qnlWTLiKXr2WPKMeiuDyoBicgQC6dKJIb9PurIiSveOutyUrpRnCXJtJ5QSlqL623SZYoYoiKUXEOWUT4TQe2Zg3YWfmIWJz1Va9j3z0ssmSxUIe9WkZ3W5B2opTAtpAB9xMX1I3Eaq2XOaj8nh0FGJXTLOJKt4G10phDOzwNXxebO9XRuroNd2qNU-uMSpp9ZaBYRhdOKbABOiokNH7A-AEA5AGAaAGTYAHuMyC1gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBO20KEP0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRozrXN1nIhC5a8CGLgkWjf1tx7N79OLmJ51TSz49xLGAy4M0E%26sig%3DAOD64_0woDA1rXaaEx-VOH0MJ-fEg8qgOw%26client%3Dca-pub-4113681882311455%26dbm_c%3DAKAmf-B3GlePTRq3sO_WbZvYbMRf7T05KCTbAeieaLArwN-Vex67jZuDxriMOI4ZAFIyBofDpMb-zUN-Y3O8Ma-zRWKIL1nAALbng-p0ZY0deZHzxj4Vp8TXTTmIDqvJihowJsAkhUi17GxrC823e0G31GnMwHDeCg%26cry%3D1%26dbm_d%3DAKAmf-CmaA0TYIS5Xzf4ZXOXKq6ZRcct7A4CNtGST2rt-ve3qnj-VuLwP1Gtm3UscURyEcy-yPRaL8g9NJC5r-XGtFRDnA45QgQver1EQxk9H49pzl66H8seMAB84SssPjHv1dKDnnoQ2FjxIdcXQeFWEBhnuaYE1-x9xH4XCKLV1pyjkf83K7JX5idFRFujW1gNd2rKa4Llk_MkSes-zYHcfwaLuYsPPBlKorPMlLjtAm665MCYozlA7tmfWFTyvlxnt-svJDQ9JkuFQ4n88VTCannVfITzBOFtvLz8oMuqLYPtUMqp24K3cJ0pTE6q0LV6MBClgIxHXxhPisb6axZmabU5DWBjm8tu6odWBz6fzncL0siO8sKqCWq8TbXoFUQC67RqdhSU7F5WGoDUFJqFpVI4E9Iax3rSQrTA1xVUP5cviQ0qEarzhi-3c-rftvnCTdxx72phg6CsDDCAMsSn5Vtq14evCXvDZ4GGHzoVWkoms2ecsnHarvBx4zdU2sk8XSXogFD0hDAU7ke-bZP-wRR902l_pvFgYNk2cOPJsE2YB1XOG4s%26adurl%3D&dsp=dv360&plcId=334385315&dsp_impression_id=ABAjH0hg8Dfy6Agk4o-evPvAtAjK&site_url=https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/&dsp_pub_id=1&site_id=6378137792&dsp_insertion_order_id=28045553&dsp_caid=16968901175&dsp_crid=421534988&dsp_tracker_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIt8Szmz-oAozVgvYBsALx4a8NQAHSAioYACITCJCkpZmdk_gCFQ-3nwodVLUCTygBMAE4v_b3stoPQAJIAViZgSAQjLqAyQFWUfoY1oxgtM1TTnefP4pQ&rnd=1654326160871952&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13::172f:91b2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Kestrel /
Resource Hash
250c9e6d63bebf420f01c3cab92a74ab1a8002da5b80d5df634f12d222382a8d

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
Kestrel
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=641445
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
1764
63788585446917.jpg
cdn.clinch.co/a_client_styles/27709/ Frame 8222 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.clinch.co/a_client_styles/27709/63788585446917.jpg
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=yldcQE&caid=11217&format=_300ax250a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCzGS5kAObYpCcNY_u_gTU6or4BKeT4u1pv_b3stoP8C4QASD5m_GEAWDJ9qaM0KTkD6ABsLP9qQLIAQmoAwGqBIoCT9Dz02wBURMvHGEFgBoVVNRLVvkfaVLr0deZsI14pIyA8rKiG9Qhnk4-QOvoArPYSxwe985vT2OtyL-oj5AwOSnimUWIold9Lt3HTnJ6pFru_nX9gVlLQgz30GE64wSI-nuwMNw-anoAArNQS8M7hxY9qnlWTLiKXr2WPKMeiuDyoBicgQC6dKJIb9PurIiSveOutyUrpRnCXJtJ5QSlqL623SZYoYoiKUXEOWUT4TQe2Zg3YWfmIWJz1Va9j3z0ssmSxUIe9WkZ3W5B2opTAtpAB9xMX1I3Eaq2XOaj8nh0FGJXTLOJKt4G10phDOzwNXxebO9XRuroNd2qNU-uMSpp9ZaBYRhdOKbABOiokNH7A-AEA5AGAaAGTYAHuMyC1gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBO20KEP0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRozrXN1nIhC5a8CGLgkWjf1tx7N79OLmJ51TSz49xLGAy4M0E%26sig%3DAOD64_0woDA1rXaaEx-VOH0MJ-fEg8qgOw%26client%3Dca-pub-4113681882311455%26dbm_c%3DAKAmf-B3GlePTRq3sO_WbZvYbMRf7T05KCTbAeieaLArwN-Vex67jZuDxriMOI4ZAFIyBofDpMb-zUN-Y3O8Ma-zRWKIL1nAALbng-p0ZY0deZHzxj4Vp8TXTTmIDqvJihowJsAkhUi17GxrC823e0G31GnMwHDeCg%26cry%3D1%26dbm_d%3DAKAmf-CmaA0TYIS5Xzf4ZXOXKq6ZRcct7A4CNtGST2rt-ve3qnj-VuLwP1Gtm3UscURyEcy-yPRaL8g9NJC5r-XGtFRDnA45QgQver1EQxk9H49pzl66H8seMAB84SssPjHv1dKDnnoQ2FjxIdcXQeFWEBhnuaYE1-x9xH4XCKLV1pyjkf83K7JX5idFRFujW1gNd2rKa4Llk_MkSes-zYHcfwaLuYsPPBlKorPMlLjtAm665MCYozlA7tmfWFTyvlxnt-svJDQ9JkuFQ4n88VTCannVfITzBOFtvLz8oMuqLYPtUMqp24K3cJ0pTE6q0LV6MBClgIxHXxhPisb6axZmabU5DWBjm8tu6odWBz6fzncL0siO8sKqCWq8TbXoFUQC67RqdhSU7F5WGoDUFJqFpVI4E9Iax3rSQrTA1xVUP5cviQ0qEarzhi-3c-rftvnCTdxx72phg6CsDDCAMsSn5Vtq14evCXvDZ4GGHzoVWkoms2ecsnHarvBx4zdU2sk8XSXogFD0hDAU7ke-bZP-wRR902l_pvFgYNk2cOPJsE2YB1XOG4s%26adurl%3D&dsp=dv360&plcId=334385315&dsp_impression_id=ABAjH0hg8Dfy6Agk4o-evPvAtAjK&site_url=https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/&dsp_pub_id=1&site_id=6378137792&dsp_insertion_order_id=28045553&dsp_caid=16968901175&dsp_crid=421534988&dsp_tracker_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIt8Szmz-oAozVgvYBsALx4a8NQAHSAioYACITCJCkpZmdk_gCFQ-3nwodVLUCTygBMAE4v_b3stoPQAJIAViZgSAQjLqAyQFWUfoY1oxgtM1TTnefP4pQ&rnd=1654326160871952&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13::1724:128 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bff5a930635c50743b63a18e35b99355dade5765dd27f2c84d889f2d23aedd8d

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:48 GMT
x-amz-request-id
T9EC3N2N37PCN45X
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
27508
x-amz-id-2
N1cFXvomUnOomWcIl9EX1FmGX6dStQXXj6LkT3F7KH13vQ9A1fCpHpfLQhiAtJT1HnNmohis5Mw=
Last-Modified
Thu, 19 May 2022 19:30:48 GMT
Server
AmazonS3
ETag
"cf3d486d6df5efbd6fa6ed894e6c4d8f"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31245696
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 31 May 2023 22:24:24 GMT
imp
trk.clinch.co/ Frame 8222 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.clinch.co/imp?cid=yldcQE&caid=11217&frmt=300a250&csid=27709&dsp=dv360&plcid=334385315&iid=3e6df0df-a4c5-4bfd-95bf-9a8199ba62ef&env=web&hid=82675a8e-aa12-421a-a6cc-c2c03ff7f1e6&fcpath=mJICApIDAZIGAZIFApIEA5IMAZIcAZIgwA&prd=Ecommerce&ids=Message_632_Right-to-Win_2HRCTD_All_Banners_Grilling&isrc=topItems&issrc=Message_632_Right-to-Win_2HRCTD_All_Banners_Grilling&feed=4186&tilid=8366&lpsrc=LocationFeedCustomLink1&locfeed=382&bizid=2&bizgrpid=albertsons&locsrc=Ip2LocDb&locsrcs=4444444444&bizgmethod=Predefined&dist=3399560&tags=Location_Maxmind&dspiid=ABAjH0hg8Dfy6Agk4o-evPvAtAjK&dsp_caid=16968901175&dsp_pub_id=1&domain=www.iphoneincanada.ca&dsp_insertion_order_id=28045553&dsp_crid=421534988&ct=CA&city=Montreal&st=QC&stName=Quebec&zip=h3g%200a1&dma=124462&isp=ovh%20sas&contype=1&tc=&a=1654326168720
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=yldcQE&caid=11217&format=_300ax250a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCzGS5kAObYpCcNY_u_gTU6or4BKeT4u1pv_b3stoP8C4QASD5m_GEAWDJ9qaM0KTkD6ABsLP9qQLIAQmoAwGqBIoCT9Dz02wBURMvHGEFgBoVVNRLVvkfaVLr0deZsI14pIyA8rKiG9Qhnk4-QOvoArPYSxwe985vT2OtyL-oj5AwOSnimUWIold9Lt3HTnJ6pFru_nX9gVlLQgz30GE64wSI-nuwMNw-anoAArNQS8M7hxY9qnlWTLiKXr2WPKMeiuDyoBicgQC6dKJIb9PurIiSveOutyUrpRnCXJtJ5QSlqL623SZYoYoiKUXEOWUT4TQe2Zg3YWfmIWJz1Va9j3z0ssmSxUIe9WkZ3W5B2opTAtpAB9xMX1I3Eaq2XOaj8nh0FGJXTLOJKt4G10phDOzwNXxebO9XRuroNd2qNU-uMSpp9ZaBYRhdOKbABOiokNH7A-AEA5AGAaAGTYAHuMyC1gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBO20KEP0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRozrXN1nIhC5a8CGLgkWjf1tx7N79OLmJ51TSz49xLGAy4M0E%26sig%3DAOD64_0woDA1rXaaEx-VOH0MJ-fEg8qgOw%26client%3Dca-pub-4113681882311455%26dbm_c%3DAKAmf-B3GlePTRq3sO_WbZvYbMRf7T05KCTbAeieaLArwN-Vex67jZuDxriMOI4ZAFIyBofDpMb-zUN-Y3O8Ma-zRWKIL1nAALbng-p0ZY0deZHzxj4Vp8TXTTmIDqvJihowJsAkhUi17GxrC823e0G31GnMwHDeCg%26cry%3D1%26dbm_d%3DAKAmf-CmaA0TYIS5Xzf4ZXOXKq6ZRcct7A4CNtGST2rt-ve3qnj-VuLwP1Gtm3UscURyEcy-yPRaL8g9NJC5r-XGtFRDnA45QgQver1EQxk9H49pzl66H8seMAB84SssPjHv1dKDnnoQ2FjxIdcXQeFWEBhnuaYE1-x9xH4XCKLV1pyjkf83K7JX5idFRFujW1gNd2rKa4Llk_MkSes-zYHcfwaLuYsPPBlKorPMlLjtAm665MCYozlA7tmfWFTyvlxnt-svJDQ9JkuFQ4n88VTCannVfITzBOFtvLz8oMuqLYPtUMqp24K3cJ0pTE6q0LV6MBClgIxHXxhPisb6axZmabU5DWBjm8tu6odWBz6fzncL0siO8sKqCWq8TbXoFUQC67RqdhSU7F5WGoDUFJqFpVI4E9Iax3rSQrTA1xVUP5cviQ0qEarzhi-3c-rftvnCTdxx72phg6CsDDCAMsSn5Vtq14evCXvDZ4GGHzoVWkoms2ecsnHarvBx4zdU2sk8XSXogFD0hDAU7ke-bZP-wRR902l_pvFgYNk2cOPJsE2YB1XOG4s%26adurl%3D&dsp=dv360&plcId=334385315&dsp_impression_id=ABAjH0hg8Dfy6Agk4o-evPvAtAjK&site_url=https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/&dsp_pub_id=1&site_id=6378137792&dsp_insertion_order_id=28045553&dsp_caid=16968901175&dsp_crid=421534988&dsp_tracker_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIt8Szmz-oAozVgvYBsALx4a8NQAHSAioYACITCJCkpZmdk_gCFQ-3nwodVLUCTygBMAE4v_b3stoPQAJIAViZgSAQjLqAyQFWUfoY1oxgtM1TTnefP4pQ&rnd=1654326160871952&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.169.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-169-144.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://realtime.clinch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:48 GMT
cache-control
no-store
content-type
image/gif
server
Kestrel
x-robots-tag
none
content-length
43
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
pagead2.googlesyndication.com/bg/ Frame 7339 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 01:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
105317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13841
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Jun 2023 01:47:31 GMT
Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
pagead2.googlesyndication.com/bg/ Frame 7448 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 01:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
105317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13841
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Jun 2023 01:47:31 GMT
Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
pagead2.googlesyndication.com/bg/ Frame 3878 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 01:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
105317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13841
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Jun 2023 01:47:31 GMT
test.html
widgets.outbrain.com/nanoWidget/externals/obUserFrame/ Frame DD22 		2 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=2aafcc4e-7a7d-40c8-b86b-ec06df84fca6
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
686
content-type
text/html
date
Sat, 04 Jun 2022 07:02:48 GMT
etag
"1e015194a0e596827cb8971f884eb43c:1654012169.216966"
expires
Sat, 11 Jun 2022 07:02:48 GMT
last-modified
Tue, 31 May 2022 12:44:37 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame ACE4 		416 B
714 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=604800
content-length
416
content-type
text/html
date
Sat, 04 Jun 2022 07:02:48 GMT
etag
"c0311cf15c21ddda054005e92fad3f9e:1654012166.265603"
expires
Sat, 11 Jun 2022 07:02:48 GMT
last-modified
Tue, 31 May 2022 12:44:37 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=524f64f14121bafe4250ed4127a44d28&pvId=524f64f14121bafe4250ed4127a44d28&sid=969224&pid=70874&idx=0&wId=829&pad=0&org=0&tm=1447&eT=0&cnsnt=1---&widgetWidth=0&widgetHeight=0&widgetX=304&widgetY=4900&wRV=2000749&pVis=0&lsd=2aafcc4e-7a7d-40c8-b86b-ec06df84fca6&eIdx=&ccpa=1---&cheq=2&rtt=494&oo=false&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
7eb191d9cded0c105f32952f6a709756
Content-Length
4
Expires
0
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 8617 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
841da94bfe377a31af829986e4c18d322f33ed46ba22a73c2bb09463dd910fb3

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
5894
content-type
text/html
date
Sat, 04 Jun 2022 07:02:48 GMT
etag
"0ad1baf268f194ce24b7c6de23c12437:1654074882.807332"
expires
Sat, 11 Jun 2022 07:02:48 GMT
last-modified
Wed, 01 Jun 2022 09:10:02 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
pagead2.googlesyndication.com/bg/ Frame 5BE8 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 01:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
105317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13841
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Jun 2023 01:47:31 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ Frame 6B21 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 01:02:19 GMT
x-content-type-options
nosniff
age
367229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 01:02:19 GMT
Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
pagead2.googlesyndication.com/bg/ Frame 2E8C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 01:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
105317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13841
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Jun 2023 01:47:31 GMT
401696.gif
idsync.rlcdn.com/ Frame A728
Redirect Chain
  • https://rc.rlcdn.com/456809.gif?n=6&cparams=placement%3D1391
  • https://tags.bluekai.com/site/2035?phint=rluid=27d9bcaec3b3e8f2d530a18898b8a9196ac1cc4624f664a9e819f7bb37c841932971936f2f944561&redir=https%3A%2F%2Fidsync.rlcdn.com%2F401696.gif%3Fpartner_uid%3D%24...
  • https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515
Date
Sat, 04 Jun 2022 07:02:49 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
setuid
pbs.nextmillmedia.com/ Frame 1F96
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
  • https://pbs.nextmillmedia.com/setuid?bidder=sovrn&gdpr=&gdpr_consent=&f=i&uid=EwNGcBZHlxfgonDXRwy1yjjY
86 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=sovrn&gdpr=&gdpr_consent=&f=i&uid=EwNGcBZHlxfgonDXRwy1yjjY
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://statics.nextmillmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-length
86
vary
Origin
expires
0

Redirect headers

Date
Sat, 04 Jun 2022 07:02:48 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://pbs.nextmillmedia.com/setuid?bidder=sovrn&gdpr=&gdpr_consent=&f=i&uid=EwNGcBZHlxfgonDXRwy1yjjY
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
activeview
pagead2.googlesyndication.com/pcs/ Frame 5C70 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEdk1i_1cZpkgZm7DfqEuvKtndSvuO-jMzISeS2b9iGZWHrzLuaCf9DlXNZZVo-0JL2xpUhdjtw5eDH5hVvCEa6vCeqtl30rwJhb9quyXd_a7PUdXSMyJdWA&sai=AMfl-YTVPdCsX-HNstYvSllVE8ZPktW_5NTt7DhQvXgoe6xb7oXQUPRaGJYwhqCWnLvw0Tj6NgEOrFYbIZbg8O8QoHeRkT0Tx8gMWfyrBgHAP1pSA90e9tSqpGKglGW0&sig=Cg0ArKJSzAHmCl_j4KjuEAE&cid=CAASJeRoFHySZhWw7Gd2ncCr5LTrSANlEPB-ghKOZBJtj8nva-VbE5U&id=lidar2&mcvt=1054&p=822,647,1072,947&mtos=1054,1054,1054,1054,1054&tos=1054,0,0,0,0&v=20220601&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1256051046&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654326162299&rpt=5595&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
img-cdn.clinch.co/img2/yldcQE/120/45/2/0a0a0a0/ Frame 8222 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-cdn.clinch.co/img2/yldcQE/120/45/2/0a0a0a0/?u=https%3A%2F%2Fcdn.clinch.co%2Fa_client%2F520%2Fassets_library%2Fcolor_albertsons_C.svg
Requested by
Host: cdn.clinch.co
URL: https://cdn.clinch.co/a_js/dispad/runtime_9_18.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13::172f:91b2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Kestrel /
Resource Hash
250c9e6d63bebf420f01c3cab92a74ab1a8002da5b80d5df634f12d222382a8d

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Server
Kestrel
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=641445
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
1764
63788585446917.jpg
cdn.clinch.co/a_client_styles/27709/ Frame 8222 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.clinch.co/a_client_styles/27709/63788585446917.jpg
Requested by
Host: cdn.clinch.co
URL: https://cdn.clinch.co/a_js/dispad/runtime_9_18.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13::1724:128 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bff5a930635c50743b63a18e35b99355dade5765dd27f2c84d889f2d23aedd8d

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
x-amz-request-id
T9EC3N2N37PCN45X
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
27508
x-amz-id-2
N1cFXvomUnOomWcIl9EX1FmGX6dStQXXj6LkT3F7KH13vQ9A1fCpHpfLQhiAtJT1HnNmohis5Mw=
Last-Modified
Thu, 19 May 2022 19:30:48 GMT
Server
AmazonS3
ETag
"cf3d486d6df5efbd6fa6ed894e6c4d8f"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31245695
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 31 May 2023 22:24:24 GMT
m.js
cheqzone.b-cdn.net/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheqzone.b-cdn.net/m.js?v=30
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY1-885 /
Resource Hash
b14463d5ba2d89151d1e1c0913eae5f190f4b64703726e682d43d1ac2b97edde

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:49 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-fileserver
56
cdn-storageserver
DE-51
cdn-cachedat
2022-03-10 07:43:18
cdn-pullzone
47782
last-modified
Sun, 01 Mar 2020 11:55:08 GMT
server
BunnyCDN-NY1-885
cdn-requestpullcode
200
etag
W/"5e5ba29c-2970"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
2642aeaf-0ebf-4c43-9f87-c153981605b2
cache-control
public, max-age=43200
cdn-requestid
739152b1653849f1d1dd2180dfd504b9
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1654326169019&sessionId=3d4683ff-bb09-39c3-e0fa-41e795e01d42&url=www.iphoneincanada.ca&cheqSource=1&cheqEvent=2&responseTime=1327
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:49 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
1085debeeebac1010e92507a0814162c
Content-Length
4
Expires
0
imp.gif
flint.defybrick.com/tracker/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00136feac437ec468c959225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163345714393d30164f578afe6d0e34748b54f88bd39e821da61c45085052aae2d05f91e46042ccc5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1a08f77f6aa890117ae8d9eb17de50ae04eb9b1dc148d5cc79d62427d4cc66ca6f8284eef58bebb6197ef627b1baa92c0062bdd23595e213e14d4709855d5886d1d7888fbc9227c32c90c6f5ae53df5f5b1aa35e6492c0c34a7d81eb26ac53b1944acc24fc7d464f029967e40cdcc3af2ee2dc6e9c5ca9cfcbcb69ce010478e84b58586c4373cbab68b844d7c08422a6d264fedd20dd97f8b36f9fb7e15c707398a64f56c0a20a4a05bbe8ef24b963dab203b1b56daf39fe62ca15815682fc2195533aa0f1d039617b3f1e685e1f42fba3df348740f45a5c5f3bace15dd599041ebced8ef9e332d0e7e7e094baf3e341243fe74486bf456d81457918d26b41726df567b2751cc7f7dc658a61cb388dab28d1a50e9f7f133c23047c0f81c6e4d9516747c90a4f87a0a8a9acd8011794b1a16fd39e6171dcce007f3cbbd78c1452e862db1bc644b42d9156998d46e4a871a28982d2d5&cb=1654326169018&cri=Zz6gnFlWgX
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
cache-control
no-cache, no-store, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
content-length
43
content-type
image/gif
397676.gif
idsync.rlcdn.com/ Frame A728
Redirect Chain
  • https://rc.rlcdn.com/456809.gif?n=7&cparams=placement%3D1391
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=X-njCZQ5NpT3WET0fu7FqJYW7ISbb5b4
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=X-njCZQ5NpT3WET0fu7FqJYW7ISbb5b4
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=X-njCZQ5NpT3WET0fu7FqJYW7ISbb5b4
date
Sat, 04 Jun 2022 07:02:48 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2852
content-length
221
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
sync
idsync.reson8.com/sources/pixel/v1/ Frame A728
Redirect Chain
  • https://rc.rlcdn.com/456809.gif?n=8&cparams=placement%3D1391
  • https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01EC61A11KAM4QCFG5RN38VQJZ
0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01EC61A11KAM4QCFG5RN38VQJZ
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
104.18.20.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
715ece1dddf3a228-YYZ
date
Sat, 04 Jun 2022 07:02:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding

Redirect headers

date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01EC61A11KAM4QCFG5RN38VQJZ
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
pagead2.googlesyndication.com/bg/ Frame 6D9C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 01:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
105318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13841
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Jun 2023 01:47:31 GMT
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame ACE4 		610 B
673 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
355
content-type
text/html
date
Sat, 04 Jun 2022 07:02:49 GMT
etag
"48053d50141031b1511dbd30f9a31288:1654012166.993203"
expires
Sat, 11 Jun 2022 07:02:49 GMT
last-modified
Tue, 31 May 2022 12:44:37 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
396846.gif
idsync.rlcdn.com/ Frame 8617
Redirect Chain
  • https://idsync.rlcdn.com/420046.gif?partner_uid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=9ed85ebd-8cde-0947-2bf9-15346d5bdf1c
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=9ed85ebd-8cde-0947-2bf9-15346d5bdf1c
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 04 Jun 2022 07:02:49 GMT
content-encoding
gzip
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=9ed85ebd-8cde-0947-2bf9-15346d5bdf1c
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
29859
tags.bluekai.com/site/ Frame 8617 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29859?id=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.85.195.135 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-85-195-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=LzYl8o9JwaVt_2Mo36Wu&gdpr=0&us_privacy=1---
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=LzYl8o9JwaVt_2Mo36Wu&gdpr=0&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
ad86f0c38db0ced54b6c10ce80c99920
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:49 GMT
P3p
CP="We do not support P3P header."
Location
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=LzYl8o9JwaVt_2Mo36Wu&gdpr=0&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
130
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=1696151633887888005&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=1696151633887888005&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
fa0dc00207f638f2db495807ea30b578
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:49 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
30adfb7a-a4a3-40ea-81e3-536ceb2e7fd9
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=1696151633887888005&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 8617
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=133726&dpuuid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&gdpr=0&gdpr_pd=1&gdpr_consent=
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&gdpr=0&gdpr_pd=1&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v030-03223e0dd.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
dwD8VHjNS3E=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v030-07bafa859.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
V8n7GKUlTt8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&gdpr=0&gdpr_pd=1&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
set
sync-jp.im-apps.net/imid/ Frame 8617 		43 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-jp.im-apps.net/imid/set?cid=1000047&tid=obid&uid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.148.43 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-148-43.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:49 GMT
cache-control
no-cache
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
content-length
43
expires
Sat, 04 Jun 2022 07:02:48 GMT
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
cbfa1928b4ee85d45e06e1c691a0489c
Content-Length
0

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
usermatch.gif
beacon.krxd.net/ Frame 8617 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=outbrain&partner_uid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.192.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-192-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:49 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1654326169
x-served-by
beacon-n002-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
g.pixel
aa.agkn.com/adscores/ Frame 8617 		43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212295978&puid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.148.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-115.nrt51.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 70ea2665cb3938f189926758e1aadaae.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
NRT51-P1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
M_ZbPHr7Crd_YvgAFHS2qMZDIrQMJP_dURXvvC9pRI5LhEUJIJLiKQ==
expires
0
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=0d910e7b-0c76-4f6a-b985-2933ada92f3a
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=0d910e7b-0c76-4f6a-b985-2933ada92f3a
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
de84020e195f73980872ea9028b73496
Content-Length
0

Redirect headers

location
//sync.outbrain.com/cookie-sync?p=mediaforce&uid=0d910e7b-0c76-4f6a-b985-2933ada92f3a
date
Sat, 04 Jun 2022 07:02:49 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Doutbrain%26bsw_param%3Dbff618de-2b06-48a2-bbff-b6ccc8d390...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=caf8629b-0391-4400-a758-3b41b5522cdf&expires=30&ssp=outbrain&bsw_param=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=0&gdpr_consent=
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
9032a080792cf2f19a56f5e162928360
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=bidswitch&uid=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UB...
  • https://sync.outbrain.com/cookie-sync?p=criteo&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&uid=debed773-bb01-4d0a-b4d8-d6b9feb4cb78
0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&uid=debed773-bb01-4d0a-b4d8-d6b9feb4cb78
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
4d7bd554b8bedceaa18061af3292a05e
Content-Length
0

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.outbrain.com/cookie-sync?p=criteo&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&uid=debed773-bb01-4d0a-b4d8-d6b9feb4cb78
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1180398
content-length
0
expires
Sat, 04 Jun 2022 00:00:00 GMT
/
onetag-sys.com/match/ Frame 8617
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMxw6ww8E7SiWnvzI-7zIW8&google_cver=1
  • https://onetag-sys.com/match/?int_id=30&uid=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=&gdpr_consent=&us_privacy=
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=bff618de-2b06-48a2-bbff-b6ccc8d39000&gdpr=&gdpr_consent=&us_privacy=
Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7105276792781666443
0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7105276792781666443
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
8d3b8a9e91b41d757bec29abe1d012a7
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7105276792781666443
Date
Sat, 04 Jun 2022 07:02:49 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
match
ps.eyeota.net/ Frame 8617 		0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=1mpn7m0&uid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-62-22.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Content-Length
0
OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
id.geistm.com/m/OB/ Frame 8617 		0
0
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=outbrain
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=DEf6JokJqJ47SmJlfWk4&pi=outbrain
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=DEf6JokJqJ47SmJlfWk4&pi=outbrain
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
3cc26192fa649762e8e2ebf1d0bd63c9
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=DEf6JokJqJ47SmJlfWk4&pi=outbrain
pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT, Sat, 04 Jun 2022 07:02:49 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L3ZJ2XP4-T-4YFE
0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L3ZJ2XP4-T-4YFE
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
3e0b4f1f3656f518feedc5a2a88484cf
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L3ZJ2XP4-T-4YFE
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Expires
0
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://bttrack.com/Pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbidtellect%26uid%3D%7Bglobalid%7D%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71U...
  • https://sync.outbrain.com/cookie-sync?p=bidtellect&uid=02ebdaa4-1c3f-476a-bc99-8cf6aaad36d5&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=bidtellect&uid=02ebdaa4-1c3f-476a-bc99-8cf6aaad36d5&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
f3f2d74cc2fda5b58259c5acd3352e18
Content-Length
0

Redirect headers

X-ServerName
Track002-iad
Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://sync.outbrain.com/cookie-sync?p=bidtellect&uid=02ebdaa4-1c3f-476a-bc99-8cf6aaad36d5&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
287
Expires
-1
tpid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
sync.crwdcntrl.net/map/c=14516/tp=OBRN/ Frame 8617 		49 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.137.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-137-214.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.35.58
content-type
image/gif
content-length
49
expires
0
362358.gif
idsync.rlcdn.com/ Frame 8617
Redirect Chain
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
  • https://idsync.rlcdn.com/397416.gif?partner_uid=d01f4caee5c9b05e1731903996871aa7
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESELV2eB7UnfYl3OrRfjBrol4&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELV2eB7UnfYl3OrRfjBrol4&google_cver=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELV2eB7UnfYl3OrRfjBrol4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyx...
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
0
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
774d78e28f7ef9662da0785cbb9a993b
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
348
Expires
Sat, 04 Jun 2022 07:02:49 GMT
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZol...
  • https://sync.outbrain.com/cookie-sync?p=spotx&uid=520dded0-e3d4-11ec-9fcf-17aa2b400403&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=spotx&uid=520dded0-e3d4-11ec-9fcf-17aa2b400403&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
135a9356a176851489c82e21405a4b31
Content-Length
0

Redirect headers

date
Sat, 04 Jun 2022 07:02:49 GMT
location
https://sync.outbrain.com/cookie-sync?p=spotx&uid=520dded0-e3d4-11ec-9fcf-17aa2b400403&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
328
content-length
0
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT&piggybackCookie=CAESENfV2N9tlb7fxBHOKetopyQ&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F2FA02F7620E412F9BAA59AB0D5D3BA6
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3%2...
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&uid=855B06D3-3D54-4A42-91F6-827309E6A457
0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&uid=855B06D3-3D54-4A42-91F6-827309E6A457
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
184105cd3f09a7a47c7d307916bb0921
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&uid=855B06D3-3D54-4A42-91F6-827309E6A457
date
Sat, 04 Jun 2022 07:02:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQ...
  • https://sync.outbrain.com/cookie-sync?p=openx&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&uid=7b0f08dc-3e77-02db-17ef-c76aec7b79ef
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=openx&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&uid=7b0f08dc-3e77-02db-17ef-c76aec7b79ef
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
62f1030242a884f3975d7479dc4f0b84
Content-Length
0

Redirect headers

date
Sat, 04 Jun 2022 07:02:49 GMT
content-encoding
gzip
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.outbrain.com/cookie-sync?p=openx&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&uid=7b0f08dc-3e77-02db-17ef-c76aec7b79ef
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&redir=true
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A&gdpr=0&gdpr_consent=
0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
cfc6283c82f3017b5d89285249ef142c
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A&gdpr=0&gdpr_consent=
date
Sat, 04 Jun 2022 07:02:49 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
  • https://sync.outbrain.com/cookie-sync?p=emx&uid=1696151633887888005brt77741654326161870409ba&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
0
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=emx&uid=1696151633887888005brt77741654326161870409ba&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
1b2457f0429ad7d7bf4bebbc8b2d40c7
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=emx&uid=1696151633887888005brt77741654326161870409ba&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
date
Sat, 04 Jun 2022 07:02:49 GMT
content-length
0
content-type
text/html
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuC...
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=5818cbe3-0415-4bc2-b812-970695154f41&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=5818cbe3-0415-4bc2-b812-970695154f41&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
925f5ebd4ce0fa24353a420b1ea994f6
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=5818cbe3-0415-4bc2-b812-970695154f41&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
date
Sat, 04 Jun 2022 07:02:49 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%24%7BUSER%7D%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7W...
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&zcc=1&cb=1654326169327
  • https://sync.outbrain.com/cookie-sync?p=unruly&uid=OPTOUT&obUid=$D
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=unruly&uid=OPTOUT&obUid=$D
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
3d74323662cbebd3128b3a415e706630
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:49 GMT
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=unruly&uid=OPTOUT&obUid=$D
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=7ba3b0ae&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
0
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=smaato&uid=7ba3b0ae&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
20b28cb0c49d449625b162b8129d8593
Content-Length
0

Redirect headers

date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 919e9b9a356118bf34b96bfdfbc59e82.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT51-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=smaato&uid=7ba3b0ae&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
3Vkyub40u09Q6E8NJ6V4TaIa9kVAg1tOP-yNazZtP_MW4mlbxQtPnA==
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DOKEkCA5OIpBEhi...
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=8867012480303613517&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=smart&uid=8867012480303613517&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
ffd64ba32fbecfd19bf7c904dcf589a7
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=smart&uid=8867012480303613517&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&gdpr=0&gdpr_consent=
date
Sat, 04 Jun 2022 07:02:49 GMT
content-length
0
c.gif
c.bing.com/ Frame 8617 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?red3=MSOB_pd&uid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
etag
"16911eef936cd81:0"
last-modified
Fri, 20 May 2022 21:52:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DF6C9BA0928F4BD78A6F3431500186B3 Ref B: YTO01EDGE0517 Ref C: 2022-06-04T07:02:49Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7...
  • https://sync.outbrain.com/cookie-sync?p=synacor&uid=25D7ABA302DE40CDACD5FDD4F5407C54&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=synacor&uid=25D7ABA302DE40CDACD5FDD4F5407C54&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
28553c063429e798168d1831b971b8ba
Content-Length
0

Redirect headers

date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 varnish
server
nginx
age
0
location
https://sync.outbrain.com/cookie-sync?p=synacor&uid=25D7ABA302DE40CDACD5FDD4F5407C54&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://widgets.outbrain.com/
access-control-allow-credentials
true
x-varnish
720391614
content-length
0
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 8617 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Drise%26uid%3D%5BpartnerId%5D%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.73.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-73-16.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://id.rlcdn.com/711945.gif?cparams=obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
b7c9f8c92979046e3a255ad067f4a931
Content-Length
0

Redirect headers

date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DOKEkCA5OIpBEhimiH0iibPKl5...
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&gdpr=0&gdpr_consent=
0
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=centro&uid=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
ae5e585073193871ca793757bdbf5b5e
Content-Length
0

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.outbrain.com/cookie-sync?p=centro&uid=d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&obUid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cookie-sync
sync.outbrain.com/ Frame 8617
Redirect Chain
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid%3DOKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
  • https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&uid=AzFRawUwUTsYMQk6V2BFbAZlWmgYZgpsB2bQMMUg
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&uid=AzFRawUwUTsYMQk6V2BFbAZlWmgYZgpsB2bQMMUg
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 07:02:49 GMT
Cache-Control
no-cache
X-TraceId
4315ab55b6ac6436b558352e74cf4c41
Content-Length
0

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&uid=AzFRawUwUTsYMQk6V2BFbAZlWmgYZgpsB2bQMMUg
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
367148.gif
idsync.rlcdn.com/ Frame A728
Redirect Chain
  • https://rc.rlcdn.com/456809.gif?n=9&cparams=placement%3D1391
  • https://sync-tm.everesttech.net/upi/pid/w8wqx7f2?redir=https%3A%2F%2Fidsync.rlcdn.com%2F367148.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24%7BTM_USER_ID%7D
  • https://idsync.rlcdn.com/367148.gif?served_by=evergreen&partner_uid=YpsDkQAGWK5FIQAo
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/367148.gif?served_by=evergreen&partner_uid=YpsDkQAGWK5FIQAo
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 varnish
server
Varnish
x-timer
S1654326169.258780,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://idsync.rlcdn.com/367148.gif?served_by=evergreen&partner_uid=YpsDkQAGWK5FIQAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
367408.gif
idsync.rlcdn.com/ Frame A728
Redirect Chain
  • https://rc.rlcdn.com/456809.gif?n=10&cparams=placement%3D1391
  • https://loadm.exelator.com/load/?p=204&g=450&rluid=b24250a426be424505059ab562227c184d1e0af4b3523a3edec80fd34ef088f0f2fc7f7248dfd545&j=0
  • https://idsync.rlcdn.com/362708.gif?partner_uid=d01f4caee5c9b05e1731903996871aa7
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTk1NjkwMzUvdC8y/dpuid/0c42cbff2ab4b55e7cfa707dec4654cdbb0100aa02e406cc12b88e7f12a0e9663528d9f17d145da0/url/https://idsync.rlcdn.com/367408.gif?partner_ui...
  • https://idsync.rlcdn.com/367408.gif?partner_uid=3440408375380958027
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/367408.gif?partner_uid=3440408375380958027
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/367408.gif?partner_uid=3440408375380958027
pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
394366.gif
idsync.rlcdn.com/ Frame A728
Redirect Chain
  • https://rc.rlcdn.com/456809.gif?n=11&cparams=placement%3D1391
  • https://p.adsymptotic.com/d/px?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=b077ee03e5b9b4911b8873b448bdb11f639561f05f521390f088c7f9b9c29d0546fb3967ab0bd795&_rand=01649550&_redirect=ht...
  • https://idsync.rlcdn.com/394366.gif?partner_uid=06da7c091c28e7bf49bdb0525209ee43
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/394366.gif?partner_uid=06da7c091c28e7bf49bdb0525209ee43
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 04 Jun 2022 07:02:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP='NON DSP COR CONi OUR BUS CNT'
location
https://idsync.rlcdn.com/394366.gif?partner_uid=06da7c091c28e7bf49bdb0525209ee43
cf-ray
715ece1dea27a210-YYZ
content-length
0
380008.gif
idsync.rlcdn.com/ Frame A728
Redirect Chain
  • https://rc.rlcdn.com/456809.gif?n=12&cparams=placement%3D1391
  • https://cms.analytics.yahoo.com/cms?partner_id=LVRMP
  • https://idsync.rlcdn.com/380008.gif?partner_uid=y-JKCjdQ1E2pwncl3kAdvOVIn7oSC0DtqJNyc-~A
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/380008.gif?partner_uid=y-JKCjdQ1E2pwncl3kAdvOVIn7oSC0DtqJNyc-~A
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 04 Jun 2022 07:02:49 GMT
via
http/1.1 spdc0109.pbp.bf1.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://idsync.rlcdn.com/380008.gif?partner_uid=y-JKCjdQ1E2pwncl3kAdvOVIn7oSC0DtqJNyc-~A
content-length
0
p2
ads.scorecardresearch.com/ Frame A728
Redirect Chain
  • https://rc.rlcdn.com/456809.gif?n=13&cparams=placement%3D1391
  • https://ads.scorecardresearch.com/p?c1=9&c2=17057153&c3=1&c6=ac37f8858452fc943f66a23e3d9f0626fa4715e63a1d921697790439ff4c987cffebc811cafadc33&placement=1391&cj=1&rn=00630109
  • https://ads.scorecardresearch.com/p2?c1=9&c2=17057153&c3=1&c6=ac37f8858452fc943f66a23e3d9f0626fa4715e63a1d921697790439ff4c987cffebc811cafadc33&placement=1391&cj=1&rn=00630109
43 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.scorecardresearch.com/p2?c1=9&c2=17057153&c3=1&c6=ac37f8858452fc943f66a23e3d9f0626fa4715e63a1d921697790439ff4c987cffebc811cafadc33&placement=1391&cj=1&rn=00630109
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
18.65.148.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-148-94.nrt51.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:50 GMT
via
1.1 0562c10cd1de273a854c74bbd3199220.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT51-P1
content-length
43
x-amz-cf-id
xJX2xVpwnerzbgMEzhGuMDQsmebZBpALG1pEj50ufumBWEQdJ7r5yw==
x-cache
Miss from cloudfront
content-type
image/gif

Redirect headers

location
/p2?c1=9&c2=17057153&c3=1&c6=ac37f8858452fc943f66a23e3d9f0626fa4715e63a1d921697790439ff4c987cffebc811cafadc33&placement=1391&cj=1&rn=00630109
date
Sat, 04 Jun 2022 07:02:50 GMT
via
1.1 0562c10cd1de273a854c74bbd3199220.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT51-P1
content-length
0
x-amz-cf-id
2FM9KjvyDJa_LCGKWmtvnZt41ufjLuKINhADYi8ctCJGy3GWuVazMg==
x-cache
Miss from cloudfront
setuid
pbs.nextmillmedia.com/ Frame 1F96
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
  • https://pbs.nextmillmedia.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=1696151633887888005
86 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=1696151633887888005
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://statics.nextmillmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-length
86
vary
Origin
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:49 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ddd353ae-f23c-4b56-9980-271b70fc5055
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://pbs.nextmillmedia.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=1696151633887888005
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
pagead2.googlesyndication.com/bg/ Frame 6B21 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 01:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
105318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13841
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Jun 2023 01:47:31 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C0D8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDt6xHGDlGfZCF_94p7MH4ZnAHn2XBKYFtHwWn90hLxws7n5oMbeVgdkHQCmGDLKQ_FCdDypPESOgDlVdBGW-kknOg3fjQL_WeT6VXIXoXgwbMu2MctTCIl667LsO2vaxphGIYk5Sh2IoaQcra&sai=AMfl-YR_H-9y1w50TjKLR37OWs2MDSTLD80WXwAQolv6ebsTELLSslqKCe1QzFYDl12iFBSuk7Koe4Kt1jezWDWlqJStDLXkZ5mwy4yHMc83kA-sd8UWhmWiAuRizy-X&sig=Cg0ArKJSzM37jPqmYCDqEAE&cid=CAASFeRoll5bLnsXhvMiw7RbJRnL7UcBpg&id=lidar2&mcvt=1041&p=1109,437,1199,1165&mtos=1041,1041,1041,1041,1041&tos=1041,0,0,0,0&v=20220601&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1580647515&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654326162140&rpt=5996&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8232 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOH6G9XCy8Jouo_R_KW5kW-Y437_lx4yE4gfxgUenaGlwO3VPSAfBMnJf3w3Jq9GcAp9P7VkPmII16yA_xJLnupIDm7OWyoVr9tZZHDCvgSQqyiGsActZ2xShHAFXBCmHLbltDy6Qt2qgccw3F&sai=AMfl-YT4FS8ySVxQzfbD_Y47PCOZdqHu5P5jlYE07StGNXnyOxiz2vIAChmo2uBF3llnehIFIi-0npOsyZw3C39LnJKG_pXcMAAt6e57sPjzdw5PcoZ1XDcZYUL0icrn&sig=Cg0ArKJSzOAy8JqdPvAUEAE&cid=CAASFeRolF6KGnOBdWFsqa_BLgBCdSq6rQ&id=lidar2&mcvt=1072&p=0,0,200,240&mtos=1072,1072,1072,1072,1072&tos=1072,0,0,0,0&v=20220601&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=4156644800&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654326167445&rpt=834&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
360787.gif
idsync.rlcdn.com/ Frame A728
Redirect Chain
  • https://rc.rlcdn.com/456809.gif?n=14&cparams=placement%3D1391
  • https://pm.w55c.net/ping_match.gif?st=LIVERAMP&rurl=https%3A%2F%2Fidsync.rlcdn.com%2F360787.gif%3Fserved_by%3Devergreen%26partner_uid%3D_wfivefivec_
  • https://idsync.rlcdn.com/360787.gif?served_by=evergreen&partner_uid=EDNHR2xN1NXnO75
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360787.gif?served_by=evergreen&partner_uid=EDNHR2xN1NXnO75
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:48 GMT
Server
PingMatch/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-045f61744186fb714@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://idsync.rlcdn.com/360787.gif?served_by=evergreen&partner_uid=EDNHR2xN1NXnO75
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
pbs.nextmillmedia.com/ Frame 1F96
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%7BPUB_USER...
  • https://pbs.nextmillmedia.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&f=i&uid=5818cbe3-0415-4bc2-b812-970695154f41
86 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&f=i&uid=5818cbe3-0415-4bc2-b812-970695154f41
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://statics.nextmillmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-length
86
vary
Origin
expires
0

Redirect headers

location
https://pbs.nextmillmedia.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&f=i&uid=5818cbe3-0415-4bc2-b812-970695154f41
date
Sat, 04 Jun 2022 07:02:49 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
d.agkn.com/pixel/10751/ Frame A728
Redirect Chain
  • https://rc.rlcdn.com/456809.gif?n=15&cparams=placement%3D1391
  • https://lrpush.apxlv.com/?id=45a9b701b1bf35bf44f1bb9d238d3a636cc8eb875fad73802e40f811a2ece6cb282350dfc9d494a0&ret=placement=1391
  • https://gpush.cogocast.net/?ula=1&cb=lr1&dc_id=d8ce7bafb76d6b9577d22e456a620021
  • https://cm.g.doubleclick.net/pixel?cb=lr1&google_cm=1&google_hm=2M57r7dta5V30i5FamIAIQ%3D%3D&google_nid=cogo_labs&google_sc=1&ld=1&u=d8ce7bafb76d6b9577d22e456a620021
  • https://gpush.cogocast.net/?cb=lr1&ld=1&u=d8ce7bafb76d6b9577d22e456a620021&google_gid=CAESECK90RaqA5WRLxfyqJQ3BRs&google_cver=1
  • https://adadvisor.net/adscores/g.pixel?_redir=https%3A%2F%2Fidsync.rlcdn.com%2F366818.gif%3Fpartner_uid%3Dd8ce7bafb76d6b9577d22e456a620021&partner_id=d8ce7bafb76d6b9577d22e456a620021&sid=9212275448
  • https://aa.agkn.com/adscores/g.pixel?_redir=https%3A%2F%2Fidsync.rlcdn.com%2F366818.gif%3Fpartner_uid%3Dd8ce7bafb76d6b9577d22e456a620021&partner_id=d8ce7bafb76d6b9577d22e456a620021&sid=9212275448&&...
  • https://d.agkn.com/pixel/10751/?che=1654326170430&ip=149.56.153.178
43 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/10751/?che=1654326170430&ip=149.56.153.178
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
2600:9000:221d:4000:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:50 GMT
via
1.1 143a0366264891ba45115988d1b33ba2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
KIX50-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, must-revalidate
content-type
image/gif
content-length
43
x-amz-cf-id
eS4JdiS62U7eX1e45gRTn8niwJH6G-KX-VvSiebH6_EiGdh20Em9yw==
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:50 GMT
via
1.1 70ea2665cb3938f189926758e1aadaae.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
NRT51-P1
location
https://d.agkn.com/pixel/10751/?che=1654326170430&ip=149.56.153.178
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
2C28DZXbh4TU68sib5uFEd3N3zglHGwXm3F4TePFLObteZV5mHhv3g==
expires
0
generate_204
tpc.googlesyndication.com/ Frame 7448 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?3ZEU7Q
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 2E8C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1Wj4vw
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
de.tynt.com/deb/ Frame 6593
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSE...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&i...
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Requested by
Host: statics.nextmillmedia.com
URL: https://statics.nextmillmedia.com/load-cookie.html?v=4&bidders=33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,colossus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
c914ad5ff1ab1931c0915a34eeb0f9c81d0c3875d8de295665f078cd968b5cda

Request headers

Referer
https://statics.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1864
content-type
text/html
date
Sat, 04 Jun 2022 07:02:48 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sat, 04 Jun 2022 07:02:49 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8340000A
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7339 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByGnMlgObYr6yDc3jowaw1JygCQAAAAA4AeAEAg&bg=!Li2lLWnNAAao8wy8iPM7ACkAdvg8Wo69g1LoiotsyG39bCn5p3g8TRXfzPzrtAABgvDXhXSmjKqe0AIAAALCUgAAAAJoAQcKAFZ8nGJSFgR5g5AfcrWNBm9HGFOmBFgtCyh93jIuwSrSVwL0_ARudPHtDbfINHeKxJ5geKiAWqUhbhe3BoI9gvT-IqgtiXrt75AsIpASwSYnGYYZNWcSS5kC8pUsAtE5cunu4xuLzLRedKouwteesOHNUOLeQ7DwTeR9khiCqlloa9TGBYlICB-X9lKFHlGtnfSegTp44m3HC-SjmbmB5PQvKKDRf-r16kzFz952mEYCDkJSxMbukBzSq-l0xWynlqDAFNxjAypJZQPbQMCOw4XocQKhsKLaD1uagL7i4l7O2N18BAiT5P5L-xDNfQAZxIs2k9VOm06JqN54pjXpl4eq017hf5zw97puMveoduXSzGcZ4r4aNO3BKuqvl5TAWcKhZPXcAC2rHFh08h4tYpoO68rCjb69NAuZXHtXtNREeEEzu9WI7qu3kbat6PelcrILvtSgKuBb7u5vEu3POw3pnlQBKFj_JO72_VZFaoOSHmAgGiGzDIhWRuYmOI43m3rSqtixI4RsZiTQNKqGPnf6jnHTDAPaCbzF4DfPtmm-4VHfc12_XlH9nzVeHTAtLGvc3TevWI4QOtOAu5J3ave3D0xLpVgM4yHvwchMbPem2OUrwUePRw5-RCw9ccjSq3F2nQyxZ6oIYJEnu9Qp5lWruxe8SXwaKul7MTr7yDD4ZyIHC0eesVQscAoonIag35w3r0Qwb1TP8uVdphEDMVYu71b3q0uDCz60v6lCDr8S9JL7r80okIJA7shLg_DWO_8FqQtQUm3ARE6_dvrAbfayiXMz6OyV8fgrxzWHdeThUZEkkbky5L2eIWO2vuULKG-k3ZIj_rZCdqotX9DAGgmfh9rr_jp4fB5JZkcbA1sdGTLaOnIf4p-RsiUEl02RwCC5ezRKD_9hZ6TP-rN1yq7CYgJrO2gu3fz9SdV_NV_Z6HYlE1YPvwqR7BhW_Bx1xVSlJIe0zw6nCrfHRIxqKgr9c1qZra8QsxXeSP14akBABcoxUsvw79jVuhhsikhaNxfUMP91hab_PjbcEwYpjLJBQTPQO9N7t9Y6_RZdK0EMdBz4XiNhToR3I9Wq4qjpFZIgH1XvfiC6H-JizJ6SD4GPdiQJIhW47UfiNZI
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BE8 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=By0WnkwObYs23HILIzwXBr7qABAAAAAA4AeAEAg&bg=!PD-lP3vNAAao8wy8iPM7ACkAdvg8WrczzXk394v5MW2LgYNAB9S4TkkuAP2AEEBG9A7joWwpyJXUpQIAAAJNUgAAAAJoAQcKAB6-h64NhvGSBLJcFJ1pQncGg7WWRpITP07kmNBXuNqZAu1ZW6VL4ROYD5BVSL0uPEbBdzabFUAAhDMXAEloCFW3HzMPs5G_d-NSAp3Peg1giIISo37k6wzlkEOs8TYtttfW6P7JbTidqnR14CDaFNy0C5wk6CthQ47nKrgAoGitmuDht5DcojKSQPy3J65G9waoj_Gjd9G-AyeY6G79xn8DEnszHmD_zhSTNzgNUdWG0yeuD5MEx6zjG2LODUwe0sQWb3kcU7JnVii4mOpq15MJEnPbZkCigOBZ_ujCrZLPyquwM4I_AM8qBUDzcvb7iCiZZNqgKb0XPVmRBADAffmBJvVhEbOgOmWFmg7-2BWaeC3w_VAM9EUJN_7O2SWkQDg12AfOG7MF6D5xrsfN2XpJW53VWUkSqjpFJPUAflgWHEeKj4nRoY_s93WwRW8-9DUQKSoCp4eI6oNL0EtZ9h7YPppL8uCy_op8Z9eDmopiQFVuC9xJffB9JDKCAPw1nLM-b2BiL0GWcBf11V3wRB_CjILSUhfM710T_4pcV6rlI7JbLvhuroVa_1mX02o-JGbFAGo4N42XLq6ZZXRKecwJinJySfLaJg2vKYtjr0I1EtqqlrflsLdbtmVzCgm4Qc77F9VQT4ySDGjRHkkJpIarzDJ8675y3TzyXaCDj9QG25cf1jsBTPef740mJhq7PgiGRG5UIR_stJmGkU3Mn2fLVCmjNa9yuQEqxMOw9RX18iv4oDRasyRW9FAs4E6M6WZhDoTLvN8YrXV-C65Xu0HzjX90HMQO3gCyGZau40OxTjhJcGysXb4iqfeFccZK60JT1dWjDraJZAtPZH4lHcH821XEuUjcMk_Tb0AcCJuW44ZJ4fQkOZ2RrKKeTUOGJkWXFRy9EdS96Fn6bvJ2_x7QnymYcGhTb6qk7JQjueTYS-96_lqsKj8arWKpJESEKLIU5mgXOnOK29WtAyNMXNdDKWv3KfQSdsXd3-veWpdDoP6Raxxu3m5-PVhL6xcD6OvcLR_P8k-GpbHVNFKELw
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3878 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BECF4lQObYreqGI3wzgXp5774BgAAAAA4AeAEAg&bg=!GxilGFzNAAao8wy8iPM7ACkAdvg8WjHN8Y-8Ky8t4rkFJwfmKwUwX9a7mkb0n1g6byK0ImdgZGOj-wIAAAKTUgAAAAhoAQeZAvsR7r-5xSmcv9__socFOSxW8D6JxwR3FFgMmpy36b1lbC-5pqw_lHC4UeU7BZ0Toohc6bSVERRHh_-TyCkWFQV0-BbIt4gV4_GlutpjyKjgI7-p0INMiPO-rvalGEW1LBTaQEjzwu27bELmAVtk9KVEdO_fFtZD7a3B3koGcz0BBiNEuEDBtsOpuS5rWtb0d1fz_X3dNqUkdBGQURQx2Ij6aT_TQzPQCxlx7S_7otOJzkRmW4tK8auLIAdrzrmB7uRb6rL961Y02XcWXZKfNb8f7B6Q32RgABnk11X6LSLdTH4iCDfaX21J2UbcrUoE3M8wl1uzQZ_zAponNsLnjocKQVt5nJVjy5YHUHydej8GHYfGN4T-PLQEYs2AC-IbmbFCmkLv7g9PWH4_FsmBcGqU2qwoCgX-qv9cEdCjZpe-8b7jzyZltAQmzhC59o9JD0VP_-PBCHngbgHMj70d4dvGQZNF7R3EdgyddILXDgOb59NUEU0noCrZLj-j6m3igdrMGiZHcNJdToTsdYDCYkPNhkjwbT2UFyJMPtbKiGqdyTzTP2ea2bpnqCoF_S_QhXlqDcos2CIyNrPNZXFcUVrt4gnQY92BVuOFC0w7dOL95ypj7b6oExSXDVdPfKIW82EQHmO0UiM9_KtUSww044TDnHj_v-Qmmz9V3dI6vlNs1K2gK8DGS1uCrWGiDeyid1uxZIDMooANRzs-1mXrlIOZqGCCfBG7YzqtytEd6KOyf2R4BPW9b_SoFaZq93LhLTi2FFOoeD-gUPSTJ15lMaNpEfA4aBhNF9wQfyuCbdjeVWo8fI9RuOma4d4ttN4ZMwTuMazPlG3xn_Bt_tRsmnf7r3ewCwVwvs2a7ZHGUFYKELnxeS8DzV5omC8Mr1dvE2VgmXQCQFCmM563dUVZR6rioPsXvV9KIZA-Z0UqGaLewLpwbPxhfefUiRHUCOkd1P7XWTH1fZ-pVckdcAzr0OxgRLr8noVgw6po2OSzkaTxRFqjjShF0XQWc9dA
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
pbs.nextmillmedia.com/ Frame 6593
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1654326169738.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdp...
  • https://pbs.nextmillmedia.com/setuid?bidder=33across&gdpr=&gdpr_consent=&f=b&uid=2130873079196
0
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=33across&gdpr=&gdpr_consent=&f=b&uid=2130873079196
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Protocol
H2
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html
content-length
0
vary
Origin
expires
0

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://pbs.nextmillmedia.com/setuid?bidder=33across&gdpr=&gdpr_consent=&f=b&uid=2130873079196
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 6593
Redirect Chain
  • https://p.rfihub.com/cm?pub=35686&in=1&us_privacy=&lexicon_id=hgb61f7bf1d89bb
  • https://ssc-cms.33across.com/ps/?xi=93&xu=1783777313217276866&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=93&external_user_id=1783777313217276866&ts=1654326169&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=93&external_user_id=1783777313217276866&ts=1654326169&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=93&external_user_id=1783777313217276866&ts=1654326169&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 6593
Redirect Chain
  • https://pixel.advertising.com/ups/58410/sync?gdpr=&gdpr_consent=&redir=true&us_privacy=
  • https://ups.analytics.yahoo.com/ups/58410/sync?gdpr=&gdpr_consent=&redir=true&us_privacy=&apid=UP56a55407-e3d4-11ec-91ee-0219e9c28abb
  • https://ssc-cms.33across.com/ps/?xi=108&xu=y-1ri70pBE2uIGM3JTbCxluh3B8rQQm1tg~A
  • https://events-ssc.33across.com/match?bidder_id=108&external_user_id=y-1ri70pBE2uIGM3JTbCxluh3B8rQQm1tg%7EA&ts=1654326169&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=108&external_user_id=y-1ri70pBE2uIGM3JTbCxluh3B8rQQm1tg%7EA&ts=1654326169&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=108&external_user_id=y-1ri70pBE2uIGM3JTbCxluh3B8rQQm1tg%7EA&ts=1654326169&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 6593
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=the33across&ssp_user_id=&_=1654326169738.4&us_privacy=
  • https://ssc-cms.33across.com/ps/?&xi=112&xu=0d910e7b-0c76-4f6a-b985-2933ada92f3a&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=112&external_user_id=0d910e7b-0c76-4f6a-b985-2933ada92f3a&ts=1654326169&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=112&external_user_id=0d910e7b-0c76-4f6a-b985-2933ada92f3a&ts=1654326169&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=112&external_user_id=0d910e7b-0c76-4f6a-b985-2933ada92f3a&ts=1654326169&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 6593
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561516&ev=1&us_privacy=&rurl=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D5%26xu%3D%25%25VGUID%25%25
  • https://ssc-cms.33across.com/ps/?xi=5&xu=em1JAirFG5LC&ev=1&us_privacy=&pid=561516
  • https://events-ssc.33across.com/match?bidder_id=5&external_user_id=em1JAirFG5LC&ts=1654326169&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=5&external_user_id=em1JAirFG5LC&ts=1654326169&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=5&external_user_id=em1JAirFG5LC&ts=1654326169&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
/
partner.mediawallahscript.com/ Frame 6593
Redirect Chain
  • https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=DvjCBGKbA5HCESIPU54SFw%3D%3D&cb=1654326169738.6&gdpr_consent=
  • https://partner.mediawallahscript.com/?account_id=2041&partner_id=2098&uid=60af63fd-9099-4d96-8bf7-b911167775c3&custom=&tag_format=img&tag_action=sync&cb=1654327157&rurl=https://ws.rqtrk.eu/push?dm...
0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2098&uid=60af63fd-9099-4d96-8bf7-b911167775c3&custom=&tag_format=img&tag_action=sync&cb=1654327157&rurl=https://ws.rqtrk.eu/push?dmp%3De873dca0-85f0-4b95-bfab-a8d855ece660%26uid%3D00000000-0000-0000-0000-000000000000
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Protocol
HTTP/1.1
Server
3.251.15.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-251-15-4.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Server
nginx/1.20.0
Connection
keep-alive
Content-Type
text/html; charset=UTF-8

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:49 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2098&uid=60af63fd-9099-4d96-8bf7-b911167775c3&custom=&tag_format=img&tag_action=sync&cb=1654327157&rurl=https://ws.rqtrk.eu/push?dmp%3De873dca0-85f0-4b95-bfab-a8d855ece660%26uid%3D00000000-0000-0000-0000-000000000000
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
0
expires
Sat, 04 Jun 2022 07:02:48 GMT
1696151633887888005
map.go.affec.tv/map/an/ Frame 6593
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=DvjCBGKbA5HCESIPU54SFw%3D%3D&us_privacy=&ts=1654326169738.7
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D629b039ad69a6f00018f3b6d%26chc%3Dtt%26floc%3D%26redirect_url%3D
  • https://map.go.affec.tv/map/an/1696151633887888005?ch=629b039ad69a6f00018f3b6d&chc=tt&floc=&redirect_url=
0
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://map.go.affec.tv/map/an/1696151633887888005?ch=629b039ad69a6f00018f3b6d&chc=tt&floc=&redirect_url=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Protocol
H2
Server
18.65.116.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-116-34.kix50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:51 GMT
via
1.1 6261567c92bf8717fd0489ef81ebc5c2.cloudfront.net (CloudFront)
x-amz-cf-pop
KIX50-P2
content-encoding
gzip
x-amz-cf-id
-efZesrGCihhdbfq6bQKAIsqcUlp7GGql-8XYZhoRPJhDqlZM-CHsw==
vary
Accept-Encoding
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:50 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b10f16f0-cb88-4356-aeee-6167ab1c4b8f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://map.go.affec.tv/map/an/1696151633887888005?ch=629b039ad69a6f00018f3b6d&chc=tt&floc=&redirect_url=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 6593
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=DvjCBGKbA5HCESIPU54SFw%3D%3D&us_privacy=&random=1654326169738.8&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D42e810d3-10eb-45f8-8040-856705c10d9a%252Chttps%253A...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1696151633887888005&pt=42e810d3-10eb-45f8-8040-856705c10d9a%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fum%2Fv2%3Fpartner%3D...
  • https://usermatch.krxd.net/um/v2?partner=tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1969&partner_device_id=O4K341Xx
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1969&partner_device_id=O4K341Xx
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:49 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1969&partner_device_id=O4K341Xx
date
Sat, 04 Jun 2022 07:02:49 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a009-ash-prod.krxd.net
mapuid
secure.adnxs.com/ Frame 6593
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=DvjCBGKbA5HCESIPU54SFw%3D%3D&us_privacy=&random=1654326169738.9
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=2130873079196&seg_code=33x&random=1654326169
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/mapuid?t=2&member=1001&user=2130873079196&seg_code=33x&random=1654326169
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Protocol
HTTP/1.1
Server
68.67.160.184 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Jun 2022 07:02:49 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
eef7013b-25ec-4af5-a566-0e0b90188a1c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:48 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
402044000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://secure.adnxs.com/mapuid?t=2&member=1001&user=2130873079196&seg_code=33x&random=1654326169
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5C70 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyS257SRd9E15RB8jnBwDmackHB8B9ZmJYG-KCgi_yQIeZuqhKcLNZ8T3ruMqMTnk7E-TWzoG-HzOAajZnrdaOHttvaTYFwNgjHCsAmCgkfaHoSFeAbElQMORXj4qR3jmT2fwyr5ockbbdwOJnNwGpAaEYxS6osHyEBOT2Y9FsFUKOmEPhDnYr0gf9Mm0htLr24kWOM_1JT1iWaNRkhtuhR4iEkeceyJpSZYLXjIxiipTJqDEdLJ7UFsaWNyR51Por6t6AU4afbp7xMwvxhGV_NaSMkQN5COCdQzTzM63fYDctLDEWXPF5Fy48Nz3CdYrHZTebE4h8PgTcjGoDtLbI7TIteEMbxjjFVIH1LoqzDFQ8g7RqEh21heMCYff2iU02a3zdj5X-_5p_QrlUaS3Q76xYJWzYQUUht1njQ503mcDA6FiiCjlIVQ7rGQGIrl2pBIrKTVZRUyLnExdqd0JPSMmpWiW_IOBEyC_AoLDN8hj4B8k9CP3RmDdVeow-VHdfjixJcs4u4FxwFLz-poON4_JFMmFOu8PDFfXUl4s9zMvEgKByLyE4cJJFjtLPGeL-G3W_S94joFC8es7HqYLtr7-Sr7wl4ShvF6qy5XI2Z_9z7SxiCZjekDBYqY4LjPahSuRDK8_xt905rwySVcGtegb-MWg7M010UFfrdHBE0pWipj42PTScfjIJgkS72_XlmxKPpd4MSDQBy2xHaA7cTjziMqrjTKsJzrFECEzN_eq_ka5_cRmj8VDHWiUVN6mnDg8IKYEOmmnKX6Z2OYwsFi981GaTfUYEHLmpcLCJPfNAvcbe8AzzP5-dvx_KcAqESfB_tiApcefq29Zgm6XJKlqcRvQxzv6olU3-CRHKnBtPC3rqiOMz6F6EYIIHwbxsHPdOc_3qF60znElw8-FQbT4i0KTVrm7qkWZI--jjJTI_BrWQWLe4Ritx3jhYIoGocmFWXLZyRIYFGcDG3lhIkI5f5bVGKam-TLnaO1ZdthK1Y6_rwaXoLM0uOzpShPUbRo5wi_fXjbHI0NSiF4fGYp7xFo_FY_zsO-H7aOsOPOhlu6QEkoeKVKzGGAwnrD_B01d4yYdMC65ZwHAKetjM-qVkxwRee5OHl4t9HCBiJI9X7ybPo2GgnAlGQMf8bTj3_alZavWxIGPiaZ_chU9JKvfNmxgtAfWmcKrOMOoTyez3__gU9iqCD_mB83hxjVkbMZXbm6WIkwOlFRSL1iHocydU&sai=AMfl-YQTeSAQSfu6VjD-BjG4Xm0ZIfA0KxgrAdMcMjS2e0a6B_jeZp_-xcmunuhkiakEw5Od0a9R6UUL-XDiIflCz7FMMaELcFmaEysOpZR79Y-HmYPVsWPoPDGZFvf6BNY7bLf4_MoAY_u8Y8IxFcyFRqRJTt4I0s5XIQys_OuQX-pGZpvly-m_db79mOPHrgtDKL09PwYo2CpQpk3K8cIWTyvJ&sig=Cg0ArKJSzLf7DX3RkJiiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3146&vt=11&dtpt=3145&dett=4&cstd=0&cisv=r20220601.97099&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYKpdQ6MYptdvswk4vNghKFSH__RZ53Nt4OkwJNHHJzNsTE1OrOObsDO5M4sV19xhfeqgIPJfTKmQ8VoJK6kfnZAaUH3AAM9mYQ2d99C86ND7gLh-xXUKG3tcNeGS-cK1Ldg0PIMLK_ajhcr9jWl_ALI7w6w&dbm_d=AKAmf-D2la3WCJt4egVr3HLf_3qYDXNDCkk-SxAMeE01Uza-vIMUYU_UhHNphFEZUeBeOgOjLZgRZxPDFUSMA0-5F9ncgIBB7B0VlN4aDPVZRPPLKI62hxuQmmSmkJJKsTyjTYLEKERfN8T6oRRfThef0MdujyZ86a7FZeD048u9XNTbweoQaJP4q21NESeAcGCdp-DSAbkvznkTQ-I3KPeMuGmgO48jhG04-Zpb7Tw_4umlNPZnyNbvgU8O_r7gOuTq-FvZJnoLN6BCJaoxaEIMzjSdouG0jpc1c-2qPWwRR72b-zomRi0H4d9felzHnDK-6li9EshLqZtBEb67GxNO_tpJNGDwE0lTUDQQUIadFHdNGC27X46JkVbMk9FYBZSCJT7QRstn0K_fIpK7qJxVIU6HbVWDY3Sevp1JnB12hGOFI1l05c_FOUZ2o6q_8o3ODwecvaeRY-LawtkLmlbgC_xGi1LpywTwu3JLd6LQYnzSEtZAgEZ4TwbewOydlH5klOi4wPnsl2Uawmtqsm-u3kmzQUK0F9y9QJ-I7J76E4CX6XaSEwPD0wJ1acpItmsf17D2ugFjS0lmErCIiy3NKbHvQAfE1B3bClRiZD_8BmgivWYfmZi25TORyUtA_5OENaYhv_Qd9gCDMLhhc9XL1k4ufbx4o1CUcAboqCaaP322MGX3JYiX5GDj0kzPTyhEr5jb0VNJ3LL9EbqeuwglXidlz9ntyMmhokHzKZNvD3P_Ama-pK0QwC2wEOJPltw8ggI0Mrt021FvGynnbPjsonQ6NtuHoyTRZfXuV-MB34nQg2orCw_B6uKtZeRJ4bB-SVTuug8mqqgSDoEkXZ1YJDEt4NSgoCEjIlYQOvYJJf4tnVlRbwfbp5tgTMDfX6tLAzcZ0RNAZJHMFF4wyMhAACw7REyuJh8iGoDSYVYXBBb_GLU78OAL5RyY3MDW4-F-NgpE793Nna-DLJzjmZOSg7A7W4W049SjnxZUHNpc0AkKmrqDQ2zmUOs7mH0TyAMKPRxD6Y1u6yiqthO_HVS3DSixBxK9Mp-KXoVW1Hz5cSWB-OJKO4SCQTRgp9IpdiP0fOZO9RfV3j12cwAMA1QIcksPiMbALnILaTEfzuvAQquEi76qFo27TBLLjf8noVLAnaLdjtzOyMTDfc8g7rq6FRj_KYDyqHHZahpQ7_haIQ6pkxKNNb8DwlggjYMeko0ch3KEm09yHfZiggkcjv49zI6NmwOmFYpQrAUU_Y9ipdnFa-Boj08F5SctNu0zT9HE1e8zHHO8AzvG39xnuu7gF8uzkbdPGtqzuwHY_uMpLHswVC29cYY6sVeCAaylUoqsFnwJMATyEb0VdQriQM79QnCeHuqTbYJm32J5o4KnPPA6lB9vp_qDJmZU0MovV0UzngLopDEpcZaxcugokF2gnfM68yZdSsEA1Tb9SanJM_L6G7BiJZcLGDBwKOYEF1NLbj6LZc7n-p1VNJaT0z5vB0SLg--girFBwrArTsTsq1gXwmK6NhrsjKmsA5fNlFZQdfD5jKjt98VXJU7cd2zM4mOK62wdAcrr9KimdUCbcp8KCeMNeBibDFogoOmIkvK4vYpS19im2Gi8F2x04dyoLe3uyxe1-AFI4udU6e1_pa1EjdOGZWO8jvqpxzMbyCn-ujxateKC3iKkBSqYmS44XnH3vBS6NizNOgWwoG5t5Y_Js0Bo5rtoWCrqk8IdyPSi5U5aB3l3LparQwjK7EQrLewlDDObdi1Thh8_yHCdYsjIaOqW2VkB0BIMTXo8L_oGInEVbG92j_ggl2u1YgqmV6JwuDf9bb1Q-7pmg5tWXbVjp7CBcPUuZgfnVRcjXDYtLm85aKpHiaYR5nWd1pkb1UsqMbi6f05H6uv_MYlFODFfldulV_UQu3iVF8KyfPqHDE1714_3DY9LIEnpc1F6iBspVwxng0eFPWkYW5pOZYgDWa3V3oB6hR1jLUF8XCXLUZhmeNQi1MuGcoNZb_lXBaJ9IxCacGMP-coghzkaAFrZ4OHGAOMijOrOm4hbykATBdvgaYvSv8_I--as2Q7zeOv7ZkfxwCrQjMaahzDeb2PD3JtaOq7S5k7KvR-7eJJM0W4Qv4KWY2JREEHXAjozAzLxI0XJGcMzzN3U0oq77PN8Nu11eOCOsz_uEwREMjzgDGKZH8KxNo1B6f0maGBvMwqJ0n9gqAZ3XVDzXrrCOFqsuDmRWO85z_XLRSSZfMxlrf60tq2QKQZUYZxK9JE856pa_A_27pj74n776ewAm5mjHbQUeT9KBNQiDH6kDUDL_jdzxrzQMSzK2Y1J9HKzrLZTzi5fsmiMOyJ08W4WliuVzst4fQ5GfJjF2gDon4GfAJlw4M8ZWkKPAInM1t9VZZRP7weHG-oLWsl7JuiuFUwvPznoEkOMDhFO2lfuMPRwL-B01w2gjILRegNviztabgQLvNoNRe2_7tLWq2XGItJ_biqLV08Cv3c1r36y0J4uqUYlz8lB5_foPYirbcWFNn7Enaj44X7WGZzLhIpHwKDCb8Vv_jDKQ4J6bN32I2nE4kwwzCx5TO1pbgZEQ1R5JKETTX7DTWnawjBJjheV0MUj61HK8G5mNO4pUuaYkYph6G__I8aBE2fIOEBlqZKpkzAmk-dIj4HH9UzhSAI1wgCY1Ul0CaW9SYCgQyy-zu7f4LbA3twpUUbwKX2B9gsCWqwLcOz1RdWs4XKy88kmxsl2deH3vXPzerP6XF61CtUyybbVJSzeFvM4aOdGsVGO8uBc5I5IpM6-tKCD-Wrs_SdMFZBQ4sWmXFd4O3gvVH8GdwS0aEstH76WRtZtUUYTjxpzsGoG0h9WUO16EUtNDgzuaNkV674G_piRCvG21uMDD0MqLNgYnRsodk6Tyd9rcdg3kr6wxKLX_KIqe6AToDpd4zw1q5x0ef0rtim8migdZXCI50FViYth0UOZohG4UMVcDdtTmTablp9KqQigOfNtKHJyFWN12D9IymzdlPtYXXRumZxkf12zXlGYqzqvbLIs0a8rw2Y8CUjupGtYSvKex01QjlzKrefjXDgTltLidTlDHYNNbTHQ0isSRGI7KmbiyBqggev8fV6RBkRAZ_WqYCAKe7mSsO2IRv0cL9z_sCcJvJKfUN_04W0yX-WBYsAAOM37icF47FeL5fNhVx5H62NFE2RtA31uIoxbMW6ONLTZCicWHnJsdKHqJDbDGUQPiDDDsEp8Qb4Meud8PVOJ2bArSRs&cid=CAASJeRoFHySZhWw7Gd2ncCr5LTrSANlEPB-ghKOZBJtj8nva-VbE5U&rfl=1%2Chttps%253A%252F%252Fwww.iphoneincanada.ca%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/pagead/ Frame A27D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220601&jk=2744440300896503&bg=!g4ClgMTNAAao8wy8iPM7ACkAdvg8Wtzud96oceS0yQNRs9OJYlxJoCrgdxFDncER50-F7TRFFd2CdAIAAAK4UgAAAAxoAQeZArujzOsbnRxg2HcdhZX_6nS3rCTwvo-YmdAk3bLC1YixmVX9KgDbCISu1Cew_gInGZxt6G7z_cl4jz7NhLYfqR8y5QqSAyt0om-WlsVP-V0Ct-PydpYP6WUVpMRkAJPSw12MYZs1WUILu5wOmyxB8Q5BnBi4TBUw09W6Hqw_8MLesIm1Fd2gRTufvXmMMHg0YKxiS0Blr4FkwN-Y5WVGjW2yX0KU0oUfsLUnJF9rSX3MDUIlLeqt1c3Mtq6Ye6RU2W6VHXbHmxd92B_lSIMJoCzagwFUYeshRx1FlViz7W_n0FuUjFONV_ZhBHZBlZsoGyRgdrheQ_0yNoG3gSqNP99o_JM79Mlzl3qPB6ax986IB3A5OOm_aCsbFW4XLBWflaatpDwuU-NfGsmrxTQyHFdnPh8mogrd03sZzzQOMspbE5k6MU9VOtV7fRFo3i5qWt3C2MvUhVfTFE0Y5Evi2v-NhFGPj6HLJR8nDKiGC0olTyofIXO46lIpc6hYB27FMQ0xNlMogWpDc36DMSneg11s19ENwnTrKm-ZI5Rdz7IFIsYxOt7hJXRkZn2EWA0C4CnJ0o-AgtL_gWOFytSt2xO33ebD16c_IcGI44tMdRCv68tHEpwvX6cN2yYrDXGUZRz8qTGXJYY-R1fDB2JLDqit6eystjPqpUx1O8-d1QQ82QBfRB2soGewYd6ZPH75-SjBHHWypwy932DaYg7H7V4o_tApzSTTjrivkylefXbHQ40ghtY3F6lwwzuWFj8V8HAY-Z4xLIA1MhufMahIuChDKEpxeJrORAavHWv6UMOjeMiaMShR0oj6BUIvx8ANUVInKcesA4P0tCeKdQwGP4Xkb7WEoCGvOKkqZaAI9ouAotC63bsjHOQoVg6YVzFq43QPyRViqVKsg46otOSKKgwWH25l6mt_FYGqNlU
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame ECC8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220601&jk=928158971882855&bg=!WlmlWR3NAAao8wy8iPM7ACkAdvg8WgoJ5pYtNGc3yg9syzaMb1cH4mvGUzTVxdWa0J5u0_rC6wZpiAIAAAI0UgAAAAtoAQeZAslD2t4n19Gdn7_blYDHjSZ117OFoCVzghF-ByorPRrX0jup3HEBEdb5UAIts-ieZqwG-8yKz5j7qc1sL2n8h-SA__BzkWzu2deoLZU0DtqBGhWfe-yFOhUFBB2wqVzG-nHEhtashv5GDH9PE2o9BWsZ72xv5OO6HkDlY_4Mu83vdyD4JWq41m3-4OqXEfT0szMCjf3SoapvHX4seMWpO3cl_EYfG9aTPwIsgdKqo66EL8TdIqmA4c4t0IxpEiKgCECpJW-TURGqB8xjet8DK7mMS2JBlpWfbZZ6z9mCKQgPW4oEbTV1kcThtAcKBl7oF9gwZPQLoNxbNJV0IKTURvx6Z3eDsQYJvqQjICYE5BK7DOQIS79PCcS6jyj6UAQulwIqlTJzqG04Izmm6NmsVQGgjnwCpAkqngN7OgAyGd6E5JjA3c62ovKwMrif3-Z3DbXcrZ9I4LxzcQ3ZXuQQYbe7_zvW-o-t-1fzd-52DKSoDtYp87Eg8feXLs4KO4CdhzSbiaCQy74Rcc5lP-EJzCmygdr-P1wMh6ymLDpdHyr89prmfLFjBm2KLXeCe9cIAxRcN9ascrDeHc-2-ONKUIuMIErcIvvW5SxzPCT60T_QN-oZFQI2y7ebBC9yVXtkoQdRFmYRczeJMFTCslN1tOiTgbrdpCVfEXDrQtPfEkoWyNtySoSD0bjvF33jdB0JZjBQzSQuv3uJgVexDPd7NUoMbP5bc0QBuGrmoryFXTMBt9ZI5IH0gpTg3HntNKz7KeWdvG6y3rdOxk0Q5rxe4Nfkyxj1ewllrhsxp44K5MQfGLxw-AxwE_TFGMznvjG6Pbk2b-T49EgX9Vs0ru3SPtXj9EipbFqUfh0MGC824ZJaBUaEOcOwHSwBpuO94zLzgyT0WYGDHacm8uOp_JEICiWLZWVDwweZv1c80bLTUQaVa1z0SoYwS8dGvw
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame F7DD 		227 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=164935
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.182.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-182-232.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
a161c7e4760b2028abb95c207a56db46567129f2659d222fd94d87760ba86066

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 04 Jun 2022 07:02:49 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
186
setuid
pbs.nextmillmedia.com/ Frame 1F96
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
  • https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&f=i&uid=g88aa88ceacb14000313&gdpr=&gdpr_consent=&us_privacy=
86 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&f=i&uid=g88aa88ceacb14000313&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.iphoneincanada.ca
URL: https://www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers/
Protocol
H2
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://statics.nextmillmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-length
86
vary
Origin
expires
0

Redirect headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:51 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&f=i&uid=g88aa88ceacb14000313&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
setuid
pbs.nextmillmedia.com/ Frame 1F96
Redirect Chain
  • https://sync.inmobi.com/prebid?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&us_privacy=&callback=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%7BID5UID%7D
  • https://pbs.nextmillmedia.com/setuid?bidder=inmobi&gdpr=&gdpr_consent=&f=i&uid=ID5-ZHMOdnTpdo7ljKlR8HuhqdoRLhSlxkSQOvTy1bmlXw
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=inmobi&gdpr=&gdpr_consent=&f=i&uid=ID5-ZHMOdnTpdo7ljKlR8HuhqdoRLhSlxkSQOvTy1bmlXw
Protocol
H2
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-length
86
vary
Origin
expires
0

Redirect headers

location
https://pbs.nextmillmedia.com/setuid?bidder=inmobi&gdpr=&gdpr_consent=&f=i&uid=ID5-ZHMOdnTpdo7ljKlR8HuhqdoRLhSlxkSQOvTy1bmlXw
date
Sat, 04 Jun 2022 07:02:50 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
player-event
events.catapultx.com/api/v1/ 		0
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.catapultx.com/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-deb2e7f3.system.entry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 04 Jun 2022 07:02:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEDcncc%2FbX0kAnEaROShQoNBOOrNQEEbh2GLQxZIGKMjBt8Hobs03QWScVt4F%2BVQp6TBAmoEuK4%2FLLjO9bJxeWvrkwxkclS3G38qFC%2Byu%2FUYRY6pOD2IqfMa1G9k7xKjlpiThz5yhZaMd81LUT3Uyc5uBA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
715ece2ccfa2ece6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
player-event
events.catapultx.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.catapultx.com/api/v1/player-event
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.iphoneincanada.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
715ece2c8f89ece6-YUL
date
Sat, 04 Jun 2022 07:02:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TH0zVryMN0uovmnDWZySIzPtrq%2FZu1zTnVjDvdozCxWcleOv3v%2F4r7KATrvh6MhUxZriLy5TgvjsU44ywLtHRmCGkwl8w%2FIzwNqk35TIj%2BU80%2BrFdRI0AWO5kAXQFPGbGXsTV6F0KUhdy4a0Y8dqc1980g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022053101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70c4333d9e2a6f58df8af34d3abb24bb340f24ed1615d3352c37cf6cb3f642dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jun 2022 07:02:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10554
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 07:02:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5847 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
47917
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 17:44:14 GMT
expires
Sat, 03 Jun 2023 17:44:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6DAB 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eada005d34e81c7074ae7ec35c1a65b965381e444ce29b893bd55f6a352b593c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-L0cccQw_aRBRsQ96yx8ZFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.iphoneincanada.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-L0cccQw_aRBRsQ96yx8ZFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jun 2022 07:02:51 GMT
expires
Sat, 04 Jun 2022 07:02:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
setuid
pbs.nextmillmedia.com/ Frame C91E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fpbs.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D%23PMUID
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3440408375380958027&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7e2f6ba0-ad77-492e-9ec4-c1463734beb8
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=855B06D3-3D54-4A42-91F6-827309E6A457
0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=855B06D3-3D54-4A42-91F6-827309E6A457
Requested by
Host: statics.nextmillmedia.com
URL: https://statics.nextmillmedia.com/load-cookie.html?v=4&bidders=33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo,33across,appnexus,colossus,improvedigital,inmobi,oftmedia,openx,pubmatic,rubicon,sovrn,yieldmo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://statics.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Sat, 04 Jun 2022 07:02:51 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
120
content-type
text/html; charset=utf-8
date
Sat, 04 Jun 2022 07:02:51 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=855B06D3-3D54-4A42-91F6-827309E6A457
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
pagead2.googlesyndication.com/bg/ Frame 5847 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 01:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
105320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13841
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Jun 2023 01:47:31 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6DAB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022053101&jk=3521502167565206&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 5847 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?dNVj4Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:02:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
usync.html
eus.rubiconproject.com/ Frame 1F96
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east
Protocol
HTTP/1.1
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://statics.nextmillmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Redirect headers

location
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east
date
Sat, 04 Jun 2022 07:02:52 GMT
access-control-allow-credentials
true
server
AkamaiGHost
access-control-allow-origin
*
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022053101&jk=3521502167565206&bg=!gIOlg8fNAAao8wy8iPM7ACkAdvg8WjHOSklq4kJrH479FlhBvBR8Q6wPhYR6LsirUHA5j2ete9bbigIAAABjUgAAAAJoAQcKAGpbQYt2JaClZYFfNg5-spuM6_JqY5yZRZtqBM45fQUk7O2A_AvCGhuDchb9KNJOncHUc4isP0WbVd9S-9xUmPdwGdzY7T_GHwEKYJQYcKG3Rbk8iT2dfQSDJV1W4LTWbM4QVotbFT285qBWmQKq3mpmed-AAtMrmr8Dm7BL7LbFWvq6YeOsdctni2Q_BpCRDC1emaRJqS00kGs6_wnVGjMBYZfHPbApTwzdZQ9O5zEG7CDWNYb52t_8Dsgbh2q1mlk8wP1HGSiy-B9EOhCtDawQqDxCjZbu2n79shLrNYPXLzrhQLLXl7HICkcMTsXaoGOAPwO_DgyZn9Peq8bnL0nNXrzq-BbEMpvE6xM2Vgytsf_TiJbQJ3_iH2MkTgKFNnftNM57C2Ngfnx7yJUJhASS2hTlqLPsGOMYGjkAVjnQs2K-s7CWyFowRVsFSacMoU8-ajH9KGOPFklUcOOVYY_7Wx6AHDV3IO8FGmsCnE-g1KK3xufp0hjubgZgFhF6fkiZKTbdejfVn0cjpHqeHbV2D3QqnhB8bHzILo3UthilFxCKaLyKRdUClx0fj6c-t9NNfU956kK5VpbfR1NikR-pZ8mhOly2TNBYia6RmqdYKAKE0z9GBEYQoxVbpyijeo-0_WuuPzcdO6jV9QkgsyBU2RpcxBj5XmWvHqwhbnVqvbrAVhofm1WazCspm9aQkHLRg95Pw7xWEh73j7xGNUOTvJijff9TF_KiRpxY0flORx1p4ETB4nPnbGBBs7qXhrxm3iTe0HGx6HXkASXlHetp1ENgznk7iHpLJAXLV7deYHvEelNf9JM8d2ymy37ZsGSab2ZIChLCKgke2HdKc9q7M9SD19mrRh0g6jkSejrvlB0GleVDbTLf8u_cyIJDMzo57qkY7g80y6T0wa51L0GKSvfw7FKsNRhsXyO5tvo3PH1Dt6PFRXLeEG_6l74Scg79pTr-i2cKIZosKdLJPL0LXb31yauSeg6EsMyTegh3cVVuXBKmYNG9hp1zybHjAu54M-_WfMYUhhcG6CAQtuQ3XNvhxroqeA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.iphoneincanada.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
st
capi-tier-1-us-east-2.connatix.com/tr/ Frame F7DD 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/st?v=164935
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.182.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-182-232.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 04 Jun 2022 07:02:53 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
player-event
events.catapultx.com/api/v1/ 		0
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.catapultx.com/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-deb2e7f3.system.entry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.iphoneincanada.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 04 Jun 2022 07:02:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wmu49sc%2FztBheMqiBFU3pDVKrRyAKDtFvlFqwi%2B1gy70Gko9VZsfsyU6VOFd8NrkZqK7EiPMjNDU1Eog6v%2BCmjtlC%2B%2BZbAP%2Bf99PiWqAZAxcPaL5mTbZu2k73DHqJ0Et4mL%2B5OFT%2FTy29LOG0rIYnV5%2F5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
715ece4c0f72ece6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
player-event
events.catapultx.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.catapultx.com/api/v1/player-event
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.iphoneincanada.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
715ece4bcf5bece6-YUL
date
Sat, 04 Jun 2022 07:02:56 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTME%2FD%2B8qk3q9fAK0YN9%2Buq%2Fqn%2BjjHPsfRtlDzJwopL8DugIBxH%2ByEnc2%2Bq9nXgfSJJi1fSWmoXlX0ClTrXjwlPsxC13paILQdXEfaCMsG%2BO8sRmLi1aEPpUHtngp3zwxQW214IV1nmKw18kEsqFtLNb5w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
dc_oe=ChMIjc3Dmp2T-AIVAuSzCh3Blw5AEAAYACCD2NNRQhMIiqSlmZ2T-AIVD7efCh1UtQJP;met=1;&timestamp=1654326178731;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 515B 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjc3Dmp2T-AIVAuSzCh3Blw5AEAAYACCD2NNRQhMIiqSlmZ2T-AIVD7efCh1UtQJP;met=1;&timestamp=1654326178731;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.130 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 07:02:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame F7DD 		133 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=164935
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.182.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-182-232.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e512370eeb49fd606347b7b8dbb033201345a2dd9115c632c321062eea8eadf2

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 04 Jun 2022 07:03:00 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.iphoneincanada.ca
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
126

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=27809415;s.a=3213511;p.a=336154095;a.a=527992559;cache=2720779958;
Domain
demand.catapultx.com
URL
https://demand.catapultx.com/cdn-cgi/rum?
Domain
demand.catapultx.com
URL
https://demand.catapultx.com/cdn-cgi/rum?
Domain
id.geistm.com
URL
https://id.geistm.com/m/OB/OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3

Verdicts & Comments Add Verdict or Comment

303 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| 45 object| 46 object| 47 object| 48 object| 49 object| 50 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation undefined| $ function| jQuery function| gtag object| dataLayer object| presslabs function| documentInitOneSignal function| OneSignal object| adsbygoogle number| kPrebidTimeout number| kRefreshPollTime number| gRefreshCount number| gOXRefreshCount boolean| gRefreshDebug boolean| gPrebidDebug boolean| gTrackVisibility boolean| gLazyLoad boolean| gTrackPageVisibility number| k30SecondRefreshInterval number| k60SecondRefreshInterval number| k90SecondRefreshInterval number| k120SecondRefreshInterval number| k180SecondRefreshInterval number| kDoNotRefresh number| kDefaultRefreshInterval object| gSChainNodes undefined| gGDPR_forceLocale boolean| gGDPR_silentNoConsent boolean| gGDPR_forceNoConsent object| gGDPR_NonTCFVendors string| gGDPR_publisherCountryCode string| gGDPR_logoURL string| gGDPR_privacyPolicyURL string| kAmazonPublisherID object| ad728x90ATF object| ad320x50ATF object| ad728x90BTF object| ad320x50BTF object| ad728x90Sticky object| ad320x50Sticky object| ad300x250Sidebar1 object| ad300x250Sidebar2 object| ad300x250Left1 object| ad300x250Left2 object| ad300x250Right1 object| ad300x250Right2 object| ad160x600Sidebar number| gBrowserWidth object| desktopAdUnits object| mobileAdUnits object| gAllSlotData number| gAllSlotCount object| googletag function| _0x2484c2 object| gRefreshSlots object| gRefreshIDs object| gRefreshTimes object| gRefreshIntervals object| gThisRefreshIDs object| gThisRefreshSlots boolean| gInitialLoad object| gIntersectionObserver object| gPBJSTimeoutTimer object| gAmazonSlots object| gAmazonBids boolean| gAmazonBidsBack boolean| gPrebidBidsBack object| pbjs function| _0x47b6 boolean| gHasGDPRCMP object| gGDPRTCData function| amp_getBidsForAllChannels function| amp_dumpBids function| amp_dumpWins function| amp_dumpTable function| amp_getBestBids function| sendAdserverRequest function| _0x4815 function| checkIfAllBidsBack function| amazonBidsBack function| pbjsBidsBack function| bidsTimeout function| scheduleConsentUpdates function| sendBidRequests function| doSendBidRequests function| amp_refreshAllSlots function| amp_refreshSlots function| refreshAdSlots function| attachCloseBoxSVG function| configureAdSlot function| getCookie object| apstag function| cnx function| __uspapi function| __uspOpenUI function| pb function| beacon object| FontAwesomeConfig object| ___FONT_AWESOME___ function| __tcfapi object| __cmpAPI object| __GVL object| __cmpTCModel function| __cmpOpenUI object| pbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet object| mnjs string| nobidVersion object| nobid object| google_tag_manager object| ggeac object| google_tag_data object| google_js_reporting_queue function| onYouTubeIframeAPIReady object| gaGlobal number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| cnx_usr_storage object| mc function| $mcj object| fnames object| ftypes object| wpcf7 object| countVars object| embedVars object| _stq number| sc_project number| sc_invisible string| sc_security string| GoogleAnalyticsObject function| ga object| DISQUSWIDGETS undefined| disqus_domain string| disqus_shortname object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate string| disqus_url string| disqus_identifier string| disqus_container_id string| disqus_title undefined| disqus_config_custom function| disqus_config object| body_state_toggle function| Headroom function| timeago object| widgets function| widget_adblocker_not_detected function| widget_adblocker_detected function| FuckAdBlock object| fuckAdBlock function| _statcounter function| __spreadArray function| CXBootstrapLoader function| st_go function| linktracker_init object| wpcom object| nmmRefreshCounts object| googleToken object| googleIMState function| processGoogleToken function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| CXBootstrapper object| gaplugins object| gaData object| DISQUS function| disqus_recommendations_config number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| T2s60p2 function| T2s60p3 object| xop object| player_instance_e15349dffd40499491628a5b9fe3dc4a object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins boolean| DFPMessageEnabled object| DISQUS_RECOMMENDATIONS object| sas object| apntag object| _ADAGIO object| n3bfgo2 function| n3bfgo3 function| xblocker object| w1hubP function| w1hubI function| xblacklist function| cnxProxyTask object| closure_lm_510715 boolean| apstagLOADED boolean| creativeVendorLibraryLoaded object| System object| ID5 object| PublisherCommonId function| __extends function| __awaiter function| __generator function| __sc_import_cx_overlay object| gsapVersions boolean| cxsyncadded-153873 object| owpbjsChunk object| owpbjs object| PWT string| partnerName string| key boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16543261613616 object| vglnk object| ONFOCUS undefined| vglnk_16543261624097 undefined| vglnk_16543261627159 object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater undefined| vglnk_165432616791510 object| __ctcg_65349_0_exec object| GoogleGcLKhOms function| cnxAddEventListener

326 Cookies

Domain/Path Name / Value
www.iphoneincanada.ca/news/predator-spyware-for-iphones-uncovered-by-toronto-researchers Name: akuid
Value: A8492896450583913946
widgets.outbrain.com/nanoWidget/externals/cookie Name: thirdparty
Value: yes
pbs.nextmillmedia.com/openrtb2 Name: nmm-ss-cps-usr
Value: 1
pbs.nextmillmedia.com/openrtb2 Name: nmm-ss-cps-usr-exp
Value: "2022-06-05 07:02:38"
map.go.affec.tv/map/an Name: oo
Value: 1
.3lift.com/sync Name: sync
Value: CgoIoQEQ4_-X7JIwCgoIgQIQ4_-X7JIwCgoIlAIQ4_-X7JIwCgoI5gEQ4_-X7JIwCgoIhwIQ4_-X7JIwCgkICRDj_5fskjAKCQg6EOP_l-ySMAoJCAsQ4_-X7JIwCgoIjAIQ4_-X7JIwCgkIXxDj_5fskjA=
i.liadm.com/s Name: _li_ss
Value: MgYI0gEQqxIyCQj_____BxC5EjIGCJIBEKoS
.iphoneincanada.ca/ Name: _ga_3KHZNDTL8T
Value: GS1.1.1654326158.1.0.1654326158.0
.iphoneincanada.ca/ Name: sc_is_visitor_unique
Value: rx3220595.1654326158.64D303949CBA4F0556DADE4EFFCFDDF3.1.1.1.1.1.1.1.1.1
capi.connatix.com/ Name: cnx_userId
Value: 8f4d5dd88a604978adde7164b67969d0
.statcounter.com/ Name: is_unique
Value: sc3220595.1654326158.0
www.iphoneincanada.ca/ Name: cnx_userId
Value: 8f4d5dd88a604978adde7164b67969d0
.iphoneincanada.ca/ Name: _ga
Value: GA1.2.782479863.1654326158
.iphoneincanada.ca/ Name: _gid
Value: GA1.2.433792528.1654326159
.iphoneincanada.ca/ Name: _gat
Value: 1
.lijit.com/ Name: ljt_reader
Value: EwNGcBZHlxfgonDXRwy1yjjY
.a-mo.net/ Name: amuid2
Value: 15f8b8fe-bcb5-4b0c-a98b-29833dc6aced
.prebid.a-mo.net/ Name: sd_amuid2
Value: 15f8b8fe-bcb5-4b0c-a98b-29833dc6aced
.adnxs.com/ Name: uuid2
Value: 1696151633887888005
.openx.net/ Name: i
Value: 18b21e82-e81e-00d0-2e56-5d2f30e78d39|1654326158
.serverbid.com/ Name: CONSUMABLEID
Value: cbcbfcf38f6149a78bfcf38f6139a72c
.yahoo.com/ Name: A3
Value: d=AQABBI4Dm2ICEKdtqvCq9WY95GrjUrvSJQIFEgEBAQFVnGKkYgAAAAAA_eMAAA&S=AQAAAlDhvY4ru2LgOu2JYPtY_78
.rubiconproject.com/ Name: khaos
Value: L3ZJ2XP4-T-4YFE
www.iphoneincanada.ca/ Name: usprivacy
Value: 1---
.adsrvr.org/ Name: TDID
Value: 7e2f6ba0-ad77-492e-9ec4-c1463734beb8
.spotxchange.com/ Name: audience
Value: 520dded0-e3d4-11ec-9fcf-17aa2b400403
.casalemedia.com/ Name: CMID
Value: YpsDj6V2eezDp-7lpu.RAQAA
.casalemedia.com/ Name: CMPS
Value: 465
.iphoneincanada.ca/ Name: __gpi
Value: UID=000005f4667db5fa:T=1654326158:RT=1654326158:S=ALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig
.bidr.io/ Name: bito
Value: AAFDDU7FNgcAAEin6MYPOw
.bidr.io/ Name: bitoIsSecure
Value: ok
.casalemedia.com/ Name: CMPRO
Value: 463
www.iphoneincanada.ca/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.iphoneincanada.ca/ Name: _pubcid
Value: 4c870383-f0a2-488f-a35c-96260085d849
.doubleclick.net/ Name: IDE
Value: AHWqTUnsHYV9eC00Cr-_KBeKTRCRxxa4iAOKTPAmeJ2ncRdNocsRP2rv-r2OA53qDno
prebid.a-mo.net/ Name: __amc
Value: 2_1654326158_1654326160
.adnxs.com/ Name: icu
Value: ChgI4p56EAoYAiACKAIwkIfslAY4AkACSAIQkIfslAYYAQ..
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&89ec5cf1-dec8-48ee-8628-7976c088afd2"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2627:u=1:x=1:i=1654326160:t=1654412560:v=2:sig=AQHaZUaR33GR2tgLBbIEkPuYyLwwAsbt"
.amazon-adsystem.com/ Name: ad-id
Value: A1yz_FRjvUQtlbmRrt8IUes
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.disqus.com/ Name: disqus_unique
Value: 3vfv4svbq87v
disqus.com/ Name: __jid
Value: 3vfv3og3b4jnn1
.id5-sync.com/ Name: callback
Value:
.adkernel.com/ Name: SSPZ
Value: 153873
.adkernel.com/ Name: ADKUID
Value: A8492896450583913946
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.bidswitch.net/ Name: tuuid
Value: bff618de-2b06-48a2-bbff-b6ccc8d39000
.bidswitch.net/ Name: c
Value: 1654326161
.bidswitch.net/ Name: tuuid_lu
Value: 1654326161
.3lift.com/ Name: tluid
Value: 556026402494639543882
.yieldmo.com/ Name: yieldmo_id
Value: g88aa88ceacb14000313%7C1654326161437%7C0%7C
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.contextweb.com/ Name: V
Value: em1JAirFG5LC
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 42365cd6e6a10dd7
.zemanta.com/ Name: zuid
Value: LzYl8o9JwaVt_2Mo36Wu
.33across.com/ Name: 33x_ps
Value: u%3D2130873079196%3As1%3D1654326161483%3Ats%3D1654326161483
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YpsDkQAGWK5FIQAo
.smartadserver.com/ Name: pid
Value: 8867012480303613517
.turn.com/ Name: uid
Value: 3440408375380958027
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.sitescout.com/ Name: ssi
Value: d34ce5e8-8c76-4e77-b365-96f2b76da432#1654326161532
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-69603657-6677-4c58-4564-a82d24035eeb.47LJthGj28dbJHTE6yTwCk6Dx65Mt267rszR%2FFsgWDw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AaWA2V2Z3TFhFZKgtJANe65U4mbI.SwC6vGBeZNFN9YFPF%2BEeRoREwHdUf4otHjD2dDLBxvQ
.ads.yieldmo.com/ Name: ptrpp
Value: em1JAirFG5LC
.tynt.com/ Name: uid
Value: DvjCBGKbA5HCESIPU54SFw==
.mathtag.com/ Name: uuid
Value: caf8629b-0391-4400-a758-3b41b5522cdf
.adotmob.com/ Name: uid
Value: 07bc220407b06c2f1279ae43
.adotmob.com/ Name: uuid
Value: 07bc220407b06c2f1279ae43
.simpli.fi/ Name: suid
Value: F2FA02F7620E412F9BAA59AB0D5D3BA6
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.servenobid.com/ Name: pid_312
Value: 1696151633887888005
.ads.yieldmo.com/ Name: ptrt
Value: 7e2f6ba0-ad77-492e-9ec4-c1463734beb8
.ads.yieldmo.com/ Name: ptrstk
Value: aWA2V2Z3TFhFZKgtJANe65U4mbI
.ads.yieldmo.com/ Name: ptrbsw
Value: bff618de-2b06-48a2-bbff-b6ccc8d39000
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 855B06D3-3D54-4A42-91F6-827309E6A457
.gumgum.com/ Name: vst
Value: u_169133db-c4e8-48d7-8739-0fffd5896912
.servenobid.com/ Name: pid_333
Value: YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB
.servenobid.com/ Name: pid_310
Value: EwNGcBZHlxfgonDXRwy1yjjY
.exelator.com/ Name: EE
Value: "d01f4caee5c9b05e1731903996871aa7"
.go.sonobi.com/ Name: __uis
Value: d2267f63-c0d7-476d-8d53-0e6c4eaacf63
.brand-display.com/ Name: _knxq_
Value: 8fe58399-2fa2-0314-49b45250.1654326161.0.1654326161.1654326161
.servenobid.com/ Name: pid_337
Value: y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A
.servenobid.com/ Name: pid_309
Value: u_169133db-c4e8-48d7-8739-0fffd5896912
.servenobid.com/ Name: pid_332
Value: d2267f63-c0d7-476d-8d53-0e6c4eaacf63
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHFwDDNJDkxNdU02TLJwDTV0NzY0NLA2NLSzMLcMDHRfHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAaEl%252BUWb6ImfHxUUpaQyLSopPBR%252BYdhgAmgkqdw%253D%253D"
.technoratimedia.com/ Name: tads_uid
Value: 25D7ABA302DE40CDACD5FDD4F5407C54
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220604030241-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.outbrain.com/ Name: obuid
Value: 2aafcc4e-7a7d-40c8-b86b-ec06df84fca6
.360yield.com/ Name: tuuid
Value: 5818cbe3-0415-4bc2-b812-970695154f41
.360yield.com/ Name: tuuid_lu
Value: 1654326161
.deepintent.com/ Name: CDIUSER
Value: di_51b96af39a72406f8fcbc
.ipredictive.com/ Name: cu
Value: 53b20474-e3d4-11ec-9e45-a33c04345cd2|1654326161839
.smaato.net/ Name: SCM
Value: 7ba3b0ae
.smaato.net/ Name: SCMaps
Value: 7ba3b0ae
.emxdgt.com/ Name: uid
Value: 77741654326161870409ba
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjS3MDY3Nzc2NDYyNDcyN7MwMxPiM9QtyvY3yy4McSsNc3QBAE0CNtMlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjS3MDY3Nzc2NDYyNDcyN7MwMxPiM9QtyvY3yy4McSsNc3QBAE0CNtMlAAAA
.emxdgt.com/ Name: apn_id
Value: 1696151633887888005
.creativecdn.com/ Name: u
Value: DEf6JokJqJ47SmJlfWk4
.creativecdn.com/ Name: ts
Value: 1654326162
.quantserve.com/ Name: mc
Value: 629b0392-2a3bc-e3f2a-ebe2e
.socdm.com/ Name: SOC
Value: YpsDksCo8YUAAKzuNAAAAAAA
.servenobid.com/ Name: pid_324
Value: 1783777313217276866
.tapad.com/ Name: TapAd_TS
Value: 1654326162403
.tapad.com/ Name: TapAd_DID
Value: 42e810d3-10eb-45f8-8040-856705c10d9a
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.adform.net/ Name: C
Value: 1
.servenobid.com/ Name: pid_317
Value: 8867012480303613517
.servenobid.com/ Name: pid_321
Value: OPTOUT
.adform.net/ Name: uid
Value: 2633905662877009385
.adotmob.com/ Name: partners
Value: IX%3A1654326161588%3BSMA%3A1654326162632
.google.com/ Name: NID
Value: 511=mp550ZGR1c_j6kFnExVHdgTgOfpoz-Ch2AxGVEPRh8UQRGzrbFTy-7_d8YDg55xlR9BBKDE51k4vNP__24MJHNHK2EqvVi5l_t6qbRRo0X-dogstBBaPwhXd6f4L4nXwByNgwffpyphlFrfvxa-3W9sg1RQ6MYu_lEO--ShBtkE
www.iphoneincanada.ca/ Name: _lr_retry_request
Value: true
www.iphoneincanada.ca/ Name: _lr_env_src_ats
Value: false
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 77dbc2b55ce4f3f4cecc10597aad1b9a
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDdPSUo2SjI1TU41STNOM0lOTU42NDC1NE9MTDFMskxkAIKk2cxT%2FgMBP4gDAQDWyg9r"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIms08BUhBAQATzQGV"
.lijit.com/ Name: ljtrtbexp
Value: eJxdj7kVA0EIQ3uZ2AEMiMOt%2Bbn3tWc3QeEHJKTP0vXWgLtuBF5rHwQM%2BceIyTYxdTJEaKJCitvQ26TPnh52d85Ev0nNmyJPpZBFKcuJQcz6nLzZr2n%2FdLJoO5yzo5PeSQ%2F6j5p%2BKjPB9wII%2BFaI
.iphoneincanada.ca/ Name: cto_bundle
Value: qnvSSV9zZ3pVdUlreSUyQnZxbUIwZ2NLZyUyQkRkSGFveWhpUXd4WHRvTkNNeDhRdUFmQmZzbWxJMmZ1UFJYQWR3cTJTa0JPZno1WHRXZHBVeExyN0JFWVEwZ1dvblJzeHVwY21jT0FsSGlDciUyQkh3R2NGZzd5MU1kc24wN0dtVDhzWTdpRFVQYg
.iphoneincanada.ca/ Name: cto_bidid
Value: g584Tl93UDIwMDNaZnphWTFXMXZUeXI1RFZVbjk5Uml3SWFPOTZtbld6eG55N3VSVjh5TjBsd0lVWERZSjJQYTZUV1MlMkZCayUyQmtMTk5UTDRna0N3ZWdsYzg1QWclM0QlM0Q
.iphoneincanada.ca/ Name: panoramaId_expiry
Value: 1654930963995
.iphoneincanada.ca/ Name: _cc_id
Value: 77dbc2b55ce4f3f4cecc10597aad1b9a
.iphoneincanada.ca/ Name: panoramaId
Value: 95aa1c225c0913ed7698f2fbcc3e16d53938c8587de318da6ce5d3b45a17893d
www.iphoneincanada.ca/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%227e2f6ba0-ad77-492e-9ec4-c1463734beb8%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-05-04T07%3A02%3A43%22%7D
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJwe8Y5qHeQoHJyr9DnM4nQ3NJENwv7toiPK8rIW1nGPV5o0rJWr2sAzrspQC4TM1
.advertising.com/ Name: APID
Value: UP56a55407-e3d4-11ec-91ee-0219e9c28abb
.teads.tv/ Name: tt_viewer
Value: b2938649-3556-4fd2-bcca-1391d8230947
.id5-sync.com/ Name: 3pi
Value: 2#1654326161416#-669939607#1696151633887888005|434#1654326163497#1563781208|3#1654326161663#-1089522064#caf8629b-0391-4400-a758-3b41b5522cdf|501#1654326166774#2016541034|264#1654326162405#318007907#7e2f6ba0-ad77-492e-9ec4-c1463734beb8|136#1654326166774#835216655|108#1654326165030#1568012399|429#1654326162853#420943415
.media.net/ Name: visitor-id
Value: 2973277661454693000V10
.media.net/ Name: data-sov
Value: EwNGcBZHlxfgonDXRwy1yjjY~~3
.openx.net/ Name: univ_id
Value: 537072971|7e2f6ba0-ad77-492e-9ec4-c1463734beb8|1654326166843705
ads.stickyadstv.com/ Name: UID
Value: caa79e48e2a724bdc18faab1eec59a
ads.stickyadstv.com/ Name: sessionId
Value: 7d1d5b36689fef43cacf8bcb3545b43
.linkedin.com/ Name: li_sugr
Value: 0d04d685-8514-45b0-8074-4410be129189
.criteo.com/ Name: uid
Value: debed773-bb01-4d0a-b4d8-d6b9feb4cb78
.owneriq.net/ Name: si
Value: Q7076125662044973569
.acuityplatform.com/ Name: auid
Value: 673387570093
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjf6jXVzZXJNYXRjaGluZ0lkJLaRbGFzdERyb3BUaW1lTWlsbGlzJQFASzBgLrCYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBQEswYC6wj3RoaXJkUGFydHlVc2VySWRXRXdOR2NCWkhseGZnb25EWFJ3eTF5ampZ+/uGdmVyc2lvbsL7
.mfadsrvr.com/ Name: tuuid
Value: 0d910e7b-0c76-4f6a-b985-2933ada92f3a
.mfadsrvr.com/ Name: c
Value: 1654326167
.mfadsrvr.com/ Name: tuuid_lu
Value: 1654326167
.iphoneincanada.ca/ Name: __gads
Value: ID=cea8cd5f3760678e-22454900c6d2009c:T=1654326158:RT=1654326166:S=ALNI_MabGs3xINVJOAAnod07x4_inAa0Xw
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEFQVJvRDv_2lee5VT60eHjI
.lijit.com/ Name: _ljtrtb_43
Value: fFv1vXpa9e1nW63sKArhunkP_r5nDK66eAxAMNB9
.lijit.com/ Name: _ljtrtb_1
Value: 3440408375380958027
.go.sonobi.com/ Name: __uir_i5mm
Value: 1
.go.sonobi.com/ Name: __uin_i5mm
Value: caf8629b-0391-4400-a758-3b41b5522cdf
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiMTVmOGI4ZmUtYmNiNS00YjBjLWE5OGItMjk4MzNkYzZhY2VkIiwiZXhwaXJlcyI6IjIwMjItMDktMDJUMDc6MDI6NDdaIn19LCJiaXJ0aGRheSI6IjIwMjItMDYtMDRUMDc6MDI6NDdaIn0=
.servenobid.com/ Name: pid_314
Value: eyJ4dWlkIjoiOTViZTU4MGQtNTdiMS00N2MwLWI2NjYtYzNjODExMTRjYzZkIiwiZHAiOnsicnViaWNvbiI6eyJ1aWQiOiJMM1pKMlhQNC1ULTRZRkUiLCJleHBpcmVzIjoiMjAyMi0wNi0xOFQwNzowMjo0MS43MTc5NTFaIn19LCJiZGF5IjoiMjAyMi0wNi0wNFQwNzowMjo0MS43MTc5NDhaIn0=
.yieldlift.com/ Name: xuids
Value: eyJ4dWlkIjoiOTViZTU4MGQtNTdiMS00N2MwLWI2NjYtYzNjODExMTRjYzZkIiwiZHAiOnsicnViaWNvbiI6eyJ1aWQiOiJMM1pKMlhQNC1ULTRZRkUiLCJleHBpcmVzIjoiMjAyMi0wNi0xOFQwNzowMjo0Ny4yMTUzNzlaIn19LCJiZGF5IjoiMjAyMi0wNi0wNFQwNzowMjo0MS43MTc5NDhaIn0=
.servenobid.com/ Name: pid_327
Value: 15f8b8fe-bcb5-4b0c-a98b-29833dc6aced
.lijit.com/ Name: _ljtrtb_49
Value: em1JAirFG5LC
.lijit.com/ Name: _ljtrtb_80
Value: L3ZJ2XP4-T-4YFE
.lijit.com/ Name: _ljtrtb_27
Value: 7e2f6ba0-ad77-492e-9ec4-c1463734beb8
.lijit.com/ Name: _ljtrtb_10
Value: 1783777313217276866
.lijit.com/ Name: _ljtrtb_16
Value: d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341
.lijit.com/ Name: _ljtrtb_2
Value: F2FA02F7620E412F9BAA59AB0D5D3BA6
.lijit.com/ Name: _ljtrtb_84
Value: c:bdd2823f4222c34bc79ce91e93322901
.lijit.com/ Name: _ljtrtb_86
Value: DEf6JokJqJ47SmJlfWk4
.lijit.com/ Name: _ljtrtb_66
Value: 673387570093
.server.cpmstar.com/ Name: USER_ID
Value: %24%97%caQ%87I%d3%26%07X%80%a4%c5%d71
.openx.net/ Name: pd
Value: v2|1654326163.2.1.1|iKvMgahEkWgy.bwuYvPgKg2f8.g6mmvIfYhAn8mKvJeSnocsvuoqvRwike.hMvVlwvZf4vU
.liadm.com/ Name: lidid
Value: e3fcbad1-c787-42dc-9716-9a0c3056ed78
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.fwmrm.net/ Name: _uid
Value: "a188_7105276784182568428"
.lijit.com/ Name: _ljtrtb_56
Value: OPTOUT
.lijit.com/ Name: _ljtrtb_76
Value: a7f0ff1b-ab2d-052a-333c-23612c718196
.lijit.com/ Name: _ljtrtb_85
Value: AAFDDU7FNgcAAEin6MYPOw
.prebid.a-mo.net/ Name: _sv3_6
Value: 1
.pippio.com/ Name: did
Value: NT32ULLQEEVFrkXJ
.pippio.com/ Name: didts
Value: 1654326167
.pippio.com/ Name: nnls
Value:
.adsymptotic.com/ Name: U
Value: 06da7c091c28e7bf49bdb0525209ee43
.lijit.com/ Name: _ljtrtb_87
Value: 0d910e7b-0c76-4f6a-b985-2933ada92f3a
.lijit.com/ Name: _ljtrtb_12
Value: 1696151633887888005
.lijit.com/ Name: _ljtrtb_5001
Value: 77dbc2b55ce4f3f4cecc10597aad1b9a
.clinch.co/ Name: clinch-sid
Value: 06b603a7-1744-465b-bade-96f49811a9b0
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22149%22%3A%2220220604%22%2C%22142%22%3A%2220220604%22%7D
.doubleclick.net/ Name: DSID
Value: NO_DATA
.media.net/ Name: data-o
Value: 03324844-ea99-05c7-17cf-eba9e62f2c18~~3
.taboola.com/ Name: t_gid
Value: 830a739c-b9f7-461e-a60c-416f5d251854-tuct9948917
.dyntrk.com/ Name: dyn_u
Value: 06030001_629b0397d2a72
.mookie1.com/ Name: id
Value: 10594507021203644355
.mookie1.com/ Name: mdata
Value: 1|10594507021203644355|1654326167865
.mookie1.com/ Name: ov
Value: aef4bcd38e402fd947ea22986752a656
ads.stickyadstv.com/ Name: uid-bp-36033
Value: a188_7105276784182568428
ads.stickyadstv.com/ Name: MRM_UID
Value: a188_7105276784182568428
.w55c.net/ Name: wfivefivec
Value: EDNHR2xN1NXnO75
.lijit.com/ Name: _ljtrtb_3
Value: caf8629b-0391-4400-a758-3b41b5522cdf
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.lijit.com/ Name: _ljtrtb_26
Value: bff618de-2b06-48a2-bbff-b6ccc8d39000
io.narrative.io/ Name: io.narrative.guid.v2
Value: 57580180-e3d4-11ec-b070-0a4515f2e365
.smadex.com/ Name: smxtrack
Value: da7984dc-d41e-406b-9a41-e0878b2e338f
pool.admedo.com/ Name: tuuid
Value: ba1b618e-e9bf-4e72-8c34-6498ab955e8a
pool.admedo.com/ Name: c
Value: 1654326167
.lijit.com/ Name: ljtrtb
Value: eJwtkV1vkzEMhf9Lr4nk2Imd7C6lfZG6r0ps2sYNyidMZQWKGEiI%2F46zcZfEj4%2FPcf6smFdnKxaiIF4AIq3erCzqm%2BXI1lvWSpAQAoDXkp%2F49f7m%2BvZm3gCs3kVaqVi8r90NGq72Wi34KDk3W2JWEmdfGYNtaN1gATYuZDRF30zhWmtoFAFgjp9sI5XxPZhQRdkuYgqxN5EHFuGWHaFhjAUoWuPIWe10UTv7k92lx9Pyzl%2B8nZNlOuw4uGQwuamQi9hN7NWZah2TkCu9hDlZUXIOHAQSTwGiD6ACqqKVBZcEuAgjbJ3FJa5T8jGtYeM3tE6sGClW8wjTmHl15kCnig%2BGirO6I8TahqIBlL2gDzu83ztzY9zDsn2xqymn5f8HBd0UPSutYUDdLqqCOq4Sa4%2B2RyLECDN%2B8EqmtGw2t7JcfaopbR%2BPfPmwv%2F41q3Otm%2B3g3dfD7vvOyfun3Zdxd3Az%2BDRjRVOLkCW0gsKBZyQ3M43l2T7ff8ux2%2BMd04%2FzdPr883jYfzz54%2Bacuaff6fJqHZWXOSbLgDFsMblgM%2BAxGyKqBoktVrHBxqkdZlBo0UIX3dfLTw%2FOpsTgDWqy3HLEQXn19x%2BuBKW5
.lijit.com/ Name: _ljtrtb_83
Value: L3ZJ2XP4-T-4YFE
.w55c.net/ Name: matchrubicon
Value: 5
.rezync.com/ Name: zync-uuid
Value: 3cbc73b2-c97c-4c6c-bfeb-8bf66b66116e:1654326168.01
live.rezync.com/ Name: sd-session-id
Value: .eJwVykELgjAYgOG_Et_Zg2hQCN2SUNokEGS7SM4ZW7rSzVGT_ffW7X3g3aB982W6K64MZGZZeQRsFEEasg16oec1FLDUDnavbTcfDxZ8BJprLV6qFf3_23XhQQkWxDFHZGGIe6bkG8fEUXltyok2haku5YQlFViSD6rpWMk8wfXNoWAsHys65yfw_gfYcTMO.FXyVGA.RMC4iK7M87fueg0pHlvxkUocrno
.mathtag.com/ Name: mt_mop
Value: 9:1654326168
.w55c.net/ Name: matchcasale
Value: 5
.agkn.com/ Name: ab
Value: 0001%3A4Qs4Ypiucsz73O3esgFVR0kOf1UqmdQF
.w55c.net/ Name: matchopenx
Value: 5
.owneriq.net/ Name: p2
Value: oxc
.owneriq.net/ Name: oxc
Value: 1
.cpx.to/ Name: cpSess
Value: 355ac33bd3ca39c5
.cpx.to/ Name: dsp_OPENX
Value: 8b230dc8-7d31-0328-1616-6d6b5557a146#1654326168136
ads.stickyadstv.com/ Name: uid-bp-892
Value: 7e2f6ba0-ad77-492e-9ec4-c1463734beb8
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFDDU7FNgcAAEin6MYPOw
.casalemedia.com/ Name: CMRUM3
Value: 2e629b039127601696151633887888005&40629b03922760d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341&27629b039127607e2f6ba0-ad77-492e-9ec4-c1463734beb8&bf629b039100018fe58399-2fa2-0314-49b45250&6f629b039605a0&03629b03912760caf8629b-0391-4400-a758-3b41b5522cdf&82629b03972760AAFDDU7FNgcAAEin6MYPOw&0d629b0391276007bc220407b06c2f1279ae43&2f629b03982760EDNHR2xN1NXnO75&2d629b03962760CAESEDGMEBitJgS8ogSjrqInyqs&11629b03922760LzYl8o9JwaVt_2Mo36Wu&5a629b03912760F2FA02F7620E412F9BAA59AB0D5D3BA6&41629b039805a0AAADKEP_9Dz12QNhuW7kAAAAAAA&04629b039127603440408375380958027&58629b03912760YpsDkQAGWK5FIQAo&1f629b039605a0&7b629b03982760aWA2V2Z3TFhFZKgtJANe65U4mbI&f1629b039105a0&ce629b039105a0&e6629b03912760&51629b03982760Z7UJSmG0CRp8tVEbM-QdTWLhAkl84lJNY-ID0EI9&49629b039105a0&1a629b039605a0
.w55c.net/ Name: matchgoogle
Value: 5
.smartadserver.com/ Name: csync
Value: 66:07bc220407b06c2f1279ae43|69:06030001_629b0397d2a72|76:CAESEO8LV6feORb-1xSSneZMbkk|80:U0flkVVG5cFIR73ABxbxllYT7pJIEL6WVxAXhjwz|94:YpsDkQAGWK5FIQAo|116:LzYl8o9JwaVt_2Mo36Wu|127:AAFDDU7FNgcAAEin6MYPOw|135:TAM_OK
.mookie1.com/ Name: syncdata_TAP
Value: 1
.go.sonobi.com/ Name: HAPLB8S
Value: s8710|YpsDk
a.clickcertain.com/ Name: _ccpx_u
Value: d3a6508f%2d54e7%2d4789%2d8a56%2dc2ebface8ad6
.adkernel.com/ Name: ADK_EX_11
Value: 1
pool.admedo.com/ Name: tuuid_lu
Value: 1654326168
fksnk.com/ Name: AWSALBCORS
Value: SnLOF0907NE65fZOfH3eTLMFwkcZQAHvkac/Nthx7O/yfQWPPXcLaZnz1nninIbX/YogHe9+u6hWEaxzMV80898mVpFsOCS4T+WOAGgOlRbrnnx2gs2o734QcPco
.fksnk.com/ Name: f_001
Value: DCF9891882C82B08
.fksnk.com/ Name: g_001
Value: 1
.dotomi.com/ Name: DotomiTest
Value: 7f51a0fdf8dc08e4
.ctnsnet.com/ Name: cid_a6204500c66f4b7a974b7222073dfce4
Value: 1
.ctnsnet.com/ Name: gid_CAESELnvBUBBSkB5_15ZgOPdPmU
Value: 1
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAAAOOSMXR2dA12dXHLsXC3cKssSXF0zDf1SamyNI53LG5iMTJOTko2N04y0k22NE_WNUk2S9ZNSktN0rVISjMzSzIzMzQ0S7UyNDM1MTYyMzSz0DMwBAAdk3LlUwAAAA
.outbrain.com/ Name: ttd
Value: 7e2f6ba0-ad77-492e-9ec4-c1463734beb8
.mxptint.net/ Name: mxpim
Value: R1B331_F0EE6949_66B6C0D9.1.629B039800000000000000000000000000000000629B0398
ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAFDDU7FNgcAAEin6MYPOw
.tribalfusion.com/ Name: ANON_ID
Value: apnr6iRkP6j6eCno77E88s7ZanfgysME0hC3THfDo9rg6WFcHLZdf59RVnQEM78QSkJdQfxYTt
.smaato.net/ Name: SCMg
Value: 7ba3b0ae
.linksynergy.com/ Name: rmuid
Value: 980ce6e2-1f57-432a-9bd0-c3f2cf92728f
.linksynergy.com/ Name: icts
Value: 2022-06-04T07:02:48Z
.media.net/ Name: data-g
Value: CAESEEbRhzF_k818wahntYtpRmU~~3
.uuidksinc.net/ Name: jcsuuid
Value: darOxjhAhP9RniB4ZMbx
cs.chocolateplatform.com/ Name: choco_cookie
Value: cp-5f4af6fdfd0f476c51ace6db6744821a
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A8492896450583913946
.pippio.com/ Name: pxrc
Value: CJiH7JQGEgQIAhAAEg4IlCkQ////////////ARIOCOUrEP///////////wESDgjmKxD///////////8BEg4I5ysQ////////////ARIOCOgrEP///////////wESDgjpKxD///////////8BEg4I6isQ////////////ARIOCOsrEP///////////wESDgjsKxD///////////8BEg4I7SsQ////////////ARIOCO4rEP///////////wESDgjVQxD///////////8BEg4I3k4Q////////////ARIPCOzrARD///////////8BEg8I468rEP///////////wESDwjtrysQ////////////ARIPCO6vKxD///////////8BEg8I768rEP///////////wESDwjwrysQ////////////ARIGCPGvKxAA
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-YIDhSHVE2oOP1j05GnQbAwv2GSVj5DoSIkWe.rzl~A
.technoratimedia.com/ Name: tads_uidp_73
Value: AAFDDU7FNgcAAEin6MYPOw
.w55c.net/ Name: matchfreewheel
Value: 5
ads.stickyadstv.com/ Name: uid-bp-23329
Value: EDNHR2xN1NXnO75
.rlcdn.com/ Name: rlas3
Value: 4GrCgeR6x8sxY5txeHeS62miyDIasLU/KbFTq1TlyP0=
.sitescout.com/ Name: _ssuma
Value: eyIyNCI6MTY1NDMyNjE2MTU5MywiMyI6MTY1NDMyNjE2NjY4NiwiNCI6MTY1NDMyNjE2MTU5MywiNDgiOjE2NTQzMjYxNjY5MzIsIjM5IjoxNjU0MzI2MTYxNTkzLCIxNyI6MTY1NDMyNjE2Njc1OSwiNyI6MTY1NDMyNjE2NjY4NiwiODEiOjE2NTQzMjYxNjkxMTd9
.rubiconproject.com/ Name: audit
Value: 1|clb2f5t+FPoN+pUwg4d49O1WuCoMxA8a+JUixCbOKdoTbu4oi1KlKDsaQB9iCEwV9SyGDpnu9cjpUWVpMebYs3ZoLGRbp6vCJhsHlJbldDfubY2JyQxhIt7txJKtI1NA
.krxd.net/ Name: _kuid_
Value: O4K341Xx
.mookie1.com/ Name: syncdata_NEU
Value: 1
.zemanta.com/ Name: obuid
Value: OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
.outbrain.com/ Name: apnxs
Value: 1696151633887888005
.outbrain.com/ Name: emx
Value: 1696151633887888005brt77741654326161870409ba
.casalemedia.com/ Name: CMST
Value: YpsDj2KbA5kA
.adgrx.com/ Name: ADGRX_UID
Value: 581eea20-e3d4-11ec-9e4e-79fe3e50d71e
.outbrain.com/ Name: criteo
Value: debed773-bb01-4d0a-b4d8-d6b9feb4cb78
.smaato.net/ Name: SCMo
Value: 7ba3b0ae
.outbrain.com/ Name: synacor
Value: 25D7ABA302DE40CDACD5FDD4F5407C54
.outbrain.com/ Name: spotx
Value: 520dded0-e3d4-11ec-9fcf-17aa2b400403
.outbrain.com/ Name: openx
Value: 7b0f08dc-3e77-02db-17ef-c76aec7b79ef
.outbrain.com/ Name: centro
Value: d34ce5e8-8c76-4e77-b365-96f2b76da432-629b0391-4341
.outbrain.com/ Name: oath
Value: y-VlW9.r9E2uHASOVpT01.Ib_IOWqY.Q2sWFIpU3E-~A
.outbrain.com/ Name: mdfrc
Value: 0d910e7b-0c76-4f6a-b985-2933ada92f3a
.outbrain.com/ Name: zmnta
Value: LzYl8o9JwaVt_2Mo36Wu
.outbrain.com/ Name: rbcn
Value: L3ZJ2XP4-T-4YFE
.outbrain.com/ Name: rtbhs
Value: DEf6JokJqJ47SmJlfWk4
.dpm.demdex.net/ Name: dpm
Value: 67652380882744311431016741235110046064
.demdex.net/ Name: demdex
Value: 67652380882744311431016741235110046064
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENfV2N9tlb7fxBHOKetopyQ&KRTB&16514-CAESENfV2N9tlb7fxBHOKetopyQ&KRTB&23025-CAESENfV2N9tlb7fxBHOKetopyQ
.adgrx.com/ Name: ADGRX_CM_FREEWHEEL_BRIDGED
Value: 1
.outbrain.com/ Name: indxexcg
Value: YpsDj6V2eezDp_7lpu-RAQAAAc8AAAAB
.outbrain.com/ Name: smaato
Value: 7ba3b0ae
.adfarm1.adition.com/ Name: UserID1
Value: 7105276792781666443
.outbrain.com/ Name: improve_digital
Value: 5818cbe3-0415-4bc2-b812-970695154f41
.4dex.io/ Name: uids
Value: eyJ1aWRzIjp7ImFkYWdpbyI6eyJ1aWQiOiI1NjczNTQzOS1lNjMzLTQ2ZDItODBhNy1lZmM3OWVhMjFiZTUiLCJleHBpcmVzIjoiMjAyMi0wOC0wM1QwNzowMjozOC42Njg4MTE2ODVaIn0sImFwcG5leHVzIjp7InVpZCI6IjE2OTYxNTE2MzM4ODc4ODgwMDUiLCJleHBpcmVzIjoiMjAyMi0wOC0wM1QwNzowMjo0Ni41MzA3MTA1MjZaIn0sImJpZHN3aXRjaCI6eyJ1aWQiOiJiZmY2MThkZS0yYjA2LTQ4YTItYmJmZi1iNmNjYzhkMzkwMDAiLCJleHBpcmVzIjoiMjAyMi0wOC0wM1QwNzowMjo0OS40MTIyMzI2MTVaIn0sImltcHJvdmVkaWdpdGFsIjp7InVpZCI6IjU4MThjYmUzLTA0MTUtNGJjMi1iODEyLTk3MDY5NTE1NGY0MSIsImV4cGlyZXMiOiIyMDIyLTA4LTAzVDA3OjAyOjQ4LjQ5NzgwMjMxMVoifSwiaW5kZXhleGNoYW5nZSI6eyJ1aWQiOiJZcHNEajZWMmVlekRwXzdscHUtUkFRQUFBYzhBQUFBQiIsImV4cGlyZXMiOiIyMDIyLTA4LTAzVDA3OjAyOjQxLjUwMjA2Njk2MVoifSwicnViaWNvbiI6eyJ1aWQiOiJMM1pKMlhQNC1ULTRZRkUiLCJleHBpcmVzIjoiMjAyMi0wOC0wM1QwNzowMjo0MC45MzY4NTM3MzZaIn0sInNtYXJ0Ijp7InVpZCI6Ijg4NjcwMTI0ODAzMDM2MTM1MTciLCJleHBpcmVzIjoiMjAyMi0wOC0wM1QwNzowMjo0Ni45MDc0MzY2MjRaIn19LCJiZGF5IjoiMjAyMi0wNi0wNFQwNzowMjozOC42Njg1OTcyMVoifQ==
.outbrain.com/ Name: bdswch
Value: bff618de-2b06-48a2-bbff-b6ccc8d39000
.quantserve.com/ Name: d
Value: EBQBKAGmJoEPisMM2MgQn5IInYEMj-0Q
ads.stickyadstv.com/ Name: uid-bp-22945
Value: 581eea20-e3d4-11ec-9e4e-79fe3e50d71e
.rlcdn.com/ Name: pxrc
Value: CJeH7JQGEgUI6EcQABIGCLDqARABEgYIt+oBEAISBgjA6gEQAhIGCMrqARACEgYI6uoBEAISBgi46wEQAg==
.outbrain.com/ Name: actvagnt
Value: 7105276792781666443
.outbrain.com/ Name: smart
Value: 8867012480303613517
.w55c.net/ Name: matchliveramp
Value: 5
.outbrain.com/ Name: quantcast
Value: AzFRawUwUTsYMQk6V2BFbAZlWmgYZgpsB2bQMMUg
.yellowblue.io/ Name: wrvUserID
Value: ToWusJQ4k_s
.bing.com/ Name: MUID
Value: 0093B732DDC7640E15B8A68BDC6D6546
.c.bing.com/ Name: MR
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:F2FA02F7620E412F9BAA59AB0D5D3BA6
ads.stickyadstv.com/ Name: uid-bp-951
Value: 1696151633887888005
.apxlv.com/ Name: dc_id
Value: d8ce7bafb76d6b9577d22e456a620021||t=1654326169
.pubmatic.com/ Name: SPugT
Value: 1654326167
ads.stickyadstv.com/ Name: uid-bp-25746
Value: 53b20474-e3d4-11ec-9e45-a33c04345cd2
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22af668bdd51%22%2C%22f%22%3A1%2C%22ts%22%3A1654326163946%7D%2C%7B%22p%22%3A%226f27415d53%22%2C%22f%22%3A1%2C%22ts%22%3A1654326169738%7D%2C%7B%22p%22%3A%229ca61abeef%22%2C%22f%22%3A1%2C%22ts%22%3A1654326169738%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1654326161639%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1654326163946%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1654326161639%7D%2C%7B%22p%22%3A%222a1349c163%22%2C%22f%22%3A1%2C%22ts%22%3A1654326169738%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1654326169738%7D%2C%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1654326169738%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1654326163946%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1654326163946%7D%2C%7B%22p%22%3A%226db3fb8a85%22%2C%22f%22%3A1%2C%22ts%22%3A1654326169738%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1654326169738%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1654326161639%7D%2C%7B%22p%22%3A%22725d221570%22%2C%22f%22%3A1%2C%22ts%22%3A1654326169738%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1654326161639%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1654326161639%7D%2C%7B%22p%22%3A%225cb91279ed%22%2C%22f%22%3A1%2C%22ts%22%3A1654326163946%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1654326161639%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1654326163946%7D%5D
.outbrain.com/ Name: pubmatic
Value: 855B06D3-3D54-4A42-91F6-827309E6A457
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAOOSMXR2dA12dXHLsXC3cKssSXF0zDf1SamyNI53LA7iNTQzNTE2MjM0szA1NtzFiOCbG5ubH0Lim1kaG75iRFU_SdjIODkp2dw4yUg32dI8Wdck2SxZNyktNUnXIinNzCzJzMzQ0CzVCqFJz8BwljCSIebmJq_EEHxLc3PLLnFkSy2MTyHxDS0sDQDHnwcU0gAAAA
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1e7e|80p.0.1|7TZ.0.1|7dW.0.1|7bq.0.1|8f1.0.A8492896450583913946|7dN.0.AAFDDU7FNgcAAEin6MYPOw
.mfadsrvr.com/ Name: ssh
Value: !the33across,1654326169!outbrain,1654326169!google,1654326168!sovrn,1654326167
.cogocast.net/ Name: __cf_bm
Value: T23XVe5.Tkygc2OqkEHXqLrWWkV_00iXX5Yb2OHRSVI-1654326169-0-AdAFtkjYDEafICz9eF8QT1QnwgIlxiPDr7fI/P+Avr/ptkAfl60GGksdtIsgcE2TltXoQ9pFHfCNfzhbFb5e344=
.rqtrk.eu/ Name: browser_id
Value: 1:60af63fd-9099-4d96-8bf7-b911167775c3
.rqtrk.eu/ Name: rc
Value: 7:none:///
.analytics.yahoo.com/ Name: IDSYNC
Value: "190u~259j:18yl~259j:196n~259j:196y~259j:17ot~259j:18za~259j:18yx~259j:195n~259j:192i~259j"
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!3727-2!3727
.cogocast.net/ Name: gid
Value: CAESECK90RaqA5WRLxfyqJQ3BRs||1654326169
.adnxs.com/ Name: anj
Value: dTM7k!M4/QE:2jUF']wIg2GUcs(DxD!A#FX.TOKKnyW<U1`VROYQM-:J(kh6Dx5r6V=+y:`vE>*^*uW)?8H#:u/Bv(/X%W#.wLO'6HQA>q$I`BVao78Ajvs_0:*'0qG(y=/oUiaAx[BRAbz]bZc1e]0I!cL=W`>7Db6_:!.X>a</wZn
ads.stickyadstv.com/ Name: uid-bp-529
Value: caf8629b-0391-4400-a758-3b41b5522cdf
.scorecardresearch.com/ Name: UID
Value: 1AE2f694736d3a95c040a131654326170
.go.affec.tv/ Name: ck
Value: 629b039ad69a6f00018f3b6c
.go.affec.tv/ Name: oo
Value: 1
.agkn.com/ Name: u
Value: C|0AAAAAAAAKi3AGwAAAAAA
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTY1NDMyNjE3MSwiaWQiOiIxNjk2MTUxNjMzODg3ODg4MDA1IiwibHMiOjE2NTQzMjYxNzF9LCJ0dCI6eyJkdCI6MTY1NDMyNjE3MCwiaWQiOiJEdmpDQkdLYkE1SENFU0lQVTU0U0Z3PT0iLCJscyI6MTY1NDMyNjE3MH0sInYiOjB9|1654326171|687f87144a230c232b8bd798780dd12380d39652
.id5-sync.com/ Name: id5
Value: b1938e8a-8d13-44fb-8f16-03bf50ae73ec#1654326160930#3
.pubmatic.com/ Name: pi
Value: 159706:3
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3440408375380958027&KRTB&23150-3440408375380958027
.pubmatic.com/ Name: PugT
Value: 1654326171
.pubmatic.com/ Name: SyncRTB3
Value: 1654905600%3A2%7C1655510400%3A220_21_13_54
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCOLph_bHgOM6EAUSFQoGY2FzYWxlEgsI1o_L_8eA4zoQBRIWCgdzdng5dDUwEgsImuelssiA4zoQBRIUCgV0YXBhZBILCKKt7MPIgOM6EAUSFwoIbGl2ZXJhbXASCwiezMvFyIDjOhAFEhcKCHB1Ym1hdGljEgsI3qer48iA4zoQBRgBIAEoAjILCN6frpDfgOM6EAU4AVoIcHVibWF0aWNgAg..
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-7e2f6ba0-ad77-492e-9ec4-c1463734beb8&KRTB&22918-7e2f6ba0-ad77-492e-9ec4-c1463734beb8&KRTB&23031-7e2f6ba0-ad77-492e-9ec4-c1463734beb8
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 8
pbs.nextmillmedia.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyIzM2Fjcm9zcyI6eyJ1aWQiOiIyMTMwODczMDc5MTk2IiwiZXhwaXJlcyI6IjIwMjItMDYtMThUMDc6MDI6NDkuODExOTU4NzU1WiJ9LCJhZG54cyI6eyJ1aWQiOiIxNjk2MTUxNjMzODg3ODg4MDA1IiwiZXhwaXJlcyI6IjIwMjItMDYtMThUMDc6MDI6NDkuMzQ0OTQ1OTIzWiJ9LCJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiI1ODE4Y2JlMy0wNDE1LTRiYzItYjgxMi05NzA2OTUxNTRmNDEiLCJleHBpcmVzIjoiMjAyMi0wNi0xOFQwNzowMjo0OS41ODg5NzkyOTNaIn0sImlubW9iaSI6eyJ1aWQiOiJJRDUtWkhNT2RuVHBkbzdsaktsUjhIdWhxZG9STGhTbHhrU1FPdlR5MWJtbFh3IiwiZXhwaXJlcyI6IjIwMjItMDYtMThUMDc6MDI6NTEuNzY4MDk2Njg5WiJ9LCJvcGVueCI6eyJ1aWQiOiJmMmMwYWUxNC1mODA2LTBjY2UtMWYwYy01NWQyZDU5YjdjNDkiLCJleHBpcmVzIjoiMjAyMi0wNi0xOFQwNzowMjo0Ny45NjA1NjI2WiJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiI4NTVCMDZEMy0zRDU0LTRBNDItOTFGNi04MjczMDlFNkE0NTciLCJleHBpcmVzIjoiMjAyMi0wNi0xOFQwNzowMjo1MS45NzA2MjAxNVoifSwic292cm4iOnsidWlkIjoiRXdOR2NCWkhseGZnb25EWFJ3eTF5ampZIiwiZXhwaXJlcyI6IjIwMjItMDYtMThUMDc6MDI6NDkuMDYzODgyNjI0WiJ9LCJ5aWVsZG1vIjp7InVpZCI6Imc4OGFhODhjZWFjYjE0MDAwMzEzIiwiZXhwaXJlcyI6IjIwMjItMDYtMThUMDc6MDI6NTEuNTEyNzU3NDU5WiJ9fSwiYmRheSI6IjIwMjItMDYtMDRUMDc6MDI6NDcuOTYwNTU4MzJaIn0=

44 Console Messages

Source Level URL
Text
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fcdn.iphoneincanada.ca%2Fwp-content%2Fuploads%2F2017%2F09%2Fiic-logo-1.svg&key=TXSNb87zoG3mgaIx1LLrWg&h=200
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('null').
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=1696151633887888005&pn_id=an
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://eus.rubiconproject.com').
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()
security error URL: https://514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/16330283978221309291/index.html".
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://js-sec.indexww.com').
network error URL: https://pixel.advertising.com/ups/55946/sync?uid=CAESEDgvTXQZaRge9WaeajpTS3o&_origin=1&gdpr=0&google_cver=1
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://js-sec.indexww.com').
network error URL: https://pixel.advertising.com/ups/55946/sync?_origin=1&gdpr=0&redir=true&verify=true
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://ads.pubmatic.com').
network error URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=27809415;s.a=3213511;p.a=336154095;a.a=527992559;cache=2720779958;
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
security error URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=280&slotname=7317961782&adk=3515631888&adf=776189486&pi=t.ma~as.7317961782&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162855&bpp=20&bdt=1062&idt=1194&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326165&ga_hid=1164542333&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&isw=728&ish=90&ifk=2357337175&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C21066431&oid=2&pvsid=2744440300896503&pem=132&tmod=1247349620&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.aclzr3w429cy&fsb=1&dtd=2558
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/5751629574223798899/index.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=280&slotname=7317961782&adk=3515631888&adf=776189486&pi=t.ma~as.7317961782&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162855&bpp=20&bdt=1062&idt=1194&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326165&ga_hid=1164542333&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&isw=728&ish=90&ifk=2357337175&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C21066431&oid=2&pvsid=2744440300896503&pem=132&tmod=1247349620&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.aclzr3w429cy&fsb=1&dtd=2558
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/5751629574223798899/index.html".
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=200&slotname=8557045359&adk=4156644800&adf=776189474&pi=t.ma~as.8557045359&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162918&bpp=4&bdt=726&idt=2562&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326166&ga_hid=1664360240&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=996&ady=212&biw=1600&bih=1200&isw=300&ish=250&ifk=581612742&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C21066428%2C31067628%2C31067887%2C21066431%2C31064018&oid=2&pvsid=928158971882855&pem=132&tmod=2050205646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.2nl1b72ra323&fsb=1&dtd=3508
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/13014175897113125687/index.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8845604764087408&output=html&h=200&slotname=8557045359&adk=4156644800&adf=776189474&pi=t.ma~as.8557045359&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fwww.iphoneincanada.ca%2Fnews%2Fpredator-spyware-for-iphones-uncovered-by-toronto-researchers%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654326162918&bpp=4&bdt=726&idt=2562&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&cookie=ID%3Dcea8cd5f3760678e%3AT%3D1654326158%3AS%3DALNI_MZqKQc2CEdIAA0j5AtMJG9WijDdgw&gpic=UID%3D000005f4667db5fa%3AT%3D1654326158%3ART%3D1654326158%3AS%3DALNI_MaAH6kdOgoYG3uK_hwWU70-nbf_Ig&prev_fmts=0x0&nras=1&correlator=5033563336134&frm=23&ife=4&pv=1&ga_vid=782479863.1654326158&ga_sid=1654326166&ga_hid=1664360240&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=996&ady=212&biw=1600&bih=1200&isw=300&ish=250&ifk=581612742&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C21066428%2C31067628%2C31067887%2C21066431%2C31064018&oid=2&pvsid=928158971882855&pem=132&tmod=2050205646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.2nl1b72ra323&fsb=1&dtd=3508
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/13014175897113125687/index.html".
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/iphoneincanada/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.iphoneincanada.ca') does not match the recipient window's origin ('https://ads.pubmatic.com').
network error URL: https://id.geistm.com/m/OB/OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tags.bluekai.com/site/29859?id=OKEkCA5OIpBEhimiH0iibPKl5rSPmZbRD1CuCFkZolyxn7WfHap71UBPfQgwcFn3
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=caf8629b-0391-4400-a758-3b41b5522cdf&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
514a7819dc2edf669abf7fc5b7a43113.safeframe.googlesyndication.com
a.clickcertain.com
a.rfihub.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad.360yield.com
ad.atdmt.com
ad.turn.com
adadvisor.net
ade.googlesyndication.com
ads.pubmatic.com
ads.scorecardresearch.com
ads.servenobid.com
ads.stickyadstv.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.ca
adservice.google.com
aep.mxptint.net
aorta.clickagy.com
ap.lijit.com
api.rlcdn.com
apis.google.com
assets.a-mo.net
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c.disquscdn.com
c.eu1.dyntrk.com
c.statcounter.com
c.us1.dyntrk.com
c0.wp.com
c1.adform.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
capi-tier-1-us-east-2.connatix.com
capi.connatix.com
casale-match.dotomi.com
cd.connatix.com
cdn.clinch.co
cdn.id5-sync.com
cdn.iphoneincanada.ca
cdn.jsdelivr.net
cdn.onesignal.com
cdn.viglink.com
cds.connatix.com
ce.lijit.com
cheqzone.b-cdn.net
ck.connatix.com
cks.connatix.com
cm.adform.net
cm.g.doubleclick.net
cm.smadex.com
cms-xch-chicago.33across.com
cms-xch.33across.com
cms.analytics.yahoo.com
cms.quantserve.com
code.createjs.com
connect.facebook.net
contextual.media.net
creativecdn.com
cs-server-s2s.yellowblue.io
cs.chocolateplatform.com
cs.emxdgt.com
cs.media.net
csync.loopme.me
d.agkn.com
d.turn.com
data.adsrvr.org
dclk-match.dotomi.com
de.tynt.com
demand.catapultx.com
dis.criteo.com
disqus.com
dmp.brand-display.com
dp1.33across.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
eb2.3lift.com
ei.rlcdn.com
eu-u.openx.net
eus.rubiconproject.com
events-ssc.33across.com
events.catapultx.com
fastlane.rubiconproject.com
fksnk.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.ipify.org
glitter.services.disqus.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gpush.cogocast.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
hde.tynt.com
htlb.casalemedia.com
i.liadm.com
i.w55c.net
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id.crwdcntrl.net
id.geistm.com
id.rlcdn.com
id5-sync.com
idsync.reson8.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
img-cdn.clinch.co
img.connatix.com
img.onesignal.com
ins.connatix.com
io.narrative.io
iphoneincanada.disqus.com
ius.ctnsnet.com
js-sec.indexww.com
links.services.disqus.com
lit.connatix.com
live.rezync.com
loadm.exelator.com
loadus.exelator.com
log.outbrainimg.com
lrpush.apxlv.com
map.go.affec.tv
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
math-aids-tagan.adlightning.com
mp.4dex.io
mug.criteo.com
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
odb.outbrain.com
odr.mookie1.com
onesignal.com
onetag-sys.com
openx2-match.dotomi.com
oxp.mxptint.net
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.mediawallahscript.com
partners.tremorhub.com
pbs.nextmillmedia.com
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
ps.eyeota.net
public.servenobid.com
px.ads.linkedin.com
px.owneriq.net
qd.admetricspro.com
r.casalemedia.com
r.turn.com
rc.rlcdn.com
realtime.clinch.co
referrer.disqus.com
rock.defybrick.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtb2-useast.e-volution.ai
rtd-tm.everesttech.net
s.ad.smaato.net
s.amazon-adsystem.com
s.cpx.to
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
s3.amazonaws.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
server.cpmstar.com
simage2.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.cloudflareinsights.com
statics.nextmillmedia.com
stats.g.doubleclick.net
stats.wp.com
sync-amz.ads.yieldmo.com
sync-jp.im-apps.net
sync-pp.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.search.spotxchange.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.taboola.com
sync.teads.tv
sync.technoratimedia.com
tag.1rx.io
tagan.adlightning.com
tags.bluekai.com
tags.catapultx.com
tags.rd.linksynergy.com
tcheck.outbrainimg.com
teachingaids-d.openx.net
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trk.clinch.co
u.4dex.io
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.gumgum.com
vid.connatix.com
widget-pixels.outbrain.com
widgets.outbrain.com
ws.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.iphoneincanada.ca
www.statcounter.com
x.bidswitch.net
x.serverbid.com
x.yieldlift.com
ad.atdmt.com
ads.stickyadstv.com
demand.catapultx.com
id.geistm.com
104.127.172.242
104.18.20.134
104.18.99.194
104.20.229.67
104.36.115.109
104.36.115.98
107.178.246.49
107.178.254.65
124.146.215.52
135.148.122.24
135.148.55.26
138.199.40.58
141.226.224.48
141.95.98.67
142.250.72.98
142.251.32.98
142.251.35.162
146.75.30.132
147.75.38.124
15.235.42.103
151.101.130.137
151.101.192.134
151.101.194.137
151.101.66.49
159.203.145.121
159.89.246.130
162.210.199.153
162.223.54.14
162.248.18.11
162.55.236.225
169.197.150.8
172.217.165.130
174.137.133.32
174.137.133.49
18.116.182.232
18.207.82.126
18.210.134.164
18.233.42.152
18.65.100.81
18.65.116.34
18.65.116.7
18.65.148.105
18.65.148.115
18.65.148.36
18.65.148.55
18.65.148.94
18.65.156.226
184.85.195.135
185.167.164.37
185.184.8.90
192.0.76.3
192.0.77.37
192.132.33.46
192.184.68.166
193.122.174.27
198.148.27.140
198.24.171.52
199.127.204.142
199.127.204.162
199.187.193.177
199.187.193.182
199.187.193.197
199.187.193.204
199.232.192.134
199.232.192.64
199.232.196.134
199.232.196.64
199.38.167.129
20.72.149.136
2001:4998:14:800::1001
204.2.255.224
207.198.113.204
207.244.74.236
209.54.180.144
213.19.162.80
216.200.232.249
23.195.109.72
23.197.21.31
23.200.196.24
23.217.18.198
23.217.43.215
23.52.160.130
23.52.161.180
23.52.162.190
23.52.162.21
23.52.164.28
23.52.167.93
23.66.229.147
23.88.75.189
23.92.190.68
23.92.190.74
2600:141b:13::1724:128
2600:141b:13::172f:91b2
2600:141b:13::17d7:8293
2600:1f18:444a:4602:2c20:3113:5c28:1366
2600:1f18:4e9:5a02:518c:735c:e4a6:5f19
2600:1f18:612b:4216:1045:b1b6:a84f:9c3b
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:20e9:d000:6:8656:f5c0:93a1
2600:9000:2216:1400:1b:5138:8a40:93a1
2600:9000:2218:a400:1a:ba5c:3900:93a1
2600:9000:221d:4000:19:fc2c:a140:93a1
2602:803:c002:200::52
2606:4700:20::681a:932
2606:4700:20::ac43:4bf1
2606:4700:3030::ac43:cf70
2606:4700:3035::6815:29f3
2606:4700:3037::ac43:a7cf
2606:4700:4400::ac40:98f5
2606:4700:440e::6812:2fe6
2606:4700::6810:5514
2606:4700::6810:a00d
2606:4700::6812:19ac
2606:4700::6812:272
2606:4700::6812:e134
2606:4700::6812:e234
2606:4700::6813:9f13
2606:ae80:1471:15::440
2607:f8b0:4004:c06::9b
2607:f8b0:4006:807::2004
2607:f8b0:4006:807::200a
2607:f8b0:4006:80a::2003
2607:f8b0:4006:80a::2008
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80c::2006
2607:f8b0:4006:80e::200a
2607:f8b0:4006:816::2002
2607:f8b0:4006:81e::2002
2607:f8b0:4006:821::200d
2607:f8b0:4006:822::2001
2607:f8b0:4006:823::200e
2607:f8b0:4006:824::2002
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:1ec:21::14
2620:1ec:49::40
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.115.148.43
3.132.128.157
3.209.19.41
3.212.51.61
3.215.167.98
3.225.178.202
3.229.243.180
3.230.217.116
3.230.62.22
3.232.26.33
3.251.15.4
3.92.156.8
3.94.73.16
31.220.27.134
34.111.151.213
34.117.239.71
34.120.155.137
34.149.40.38
34.196.68.33
34.202.155.225
34.202.70.31
34.203.153.203
34.206.247.163
34.224.43.78
34.228.204.193
34.98.67.3
35.186.193.173
35.186.253.211
35.190.60.146
35.190.90.30
35.207.24.140
35.210.53.219
35.211.178.172
35.244.159.8
35.71.131.137
37.157.4.28
4.78.226.232
46.105.202.126
50.31.142.255
51.178.20.140
51.222.39.186
52.0.156.250
52.201.137.214
52.203.82.32
52.207.45.55
52.210.143.40
52.217.90.62
52.223.22.214
52.3.28.57
52.3.39.22
52.33.194.179
52.45.55.227
52.5.192.179
52.54.42.45
52.7.176.196
52.73.169.144
52.95.125.22
54.157.92.151
54.159.78.82
54.166.152.158
54.175.87.114
54.205.67.126
54.208.181.135
54.208.69.179
63.251.28.218
63.251.88.51
64.140.160.2
64.202.112.31
67.202.105.22
67.202.105.24
67.202.105.33
68.67.160.184
68.67.160.26
69.12.8.74
69.166.1.10
69.173.151.100
69.90.254.78
74.119.119.139
74.119.119.150
75.126.248.142
76.13.32.147
8.28.7.81
8.28.7.84
8.39.36.141
8.43.72.98
85.114.159.93
99.84.160.120
00dd2f10306be0d85ecd917dc40258191e779ef5918b77879653d62088326c19
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
019feae1731a188e711e9a711090199708d7d3b0c0c6b32adbb7f338d3dc8ca6
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
01ef6ebd6eb1681f764ebaaca655e0fb590967176f2df5b3fd9e67e1bd525ebe
0255a8923f4b86d12bc51d83075db5cbe07a34fd0538a14cb50b6de902da8d45
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0478a5c2d7ff284928ccfb76d44fff3741326b35e11b39e4002223424b805844
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1
05a6817c5341d7fb32880cf79cc5b3ed89340d3bdf5d240c1c1a14349a16e759
062b2b3b8f216657703d5d3f0f8e00bdc1b786f96df18e2ebe3899d03409783b
06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07ac13517bf23a8ab3701c4d70f9ecbdf5670c16e506a0fd0f673a44b6b06c1b
0849e4b0761df9b5d739e148278ffdcc35b38a569c9b3571340b7bb909beb011
08ab6ef1c6e7f05abf7ebc4138e4f9379d231f8213ca62b10145cf6b8d2bc389
096736a9100a06c332c61e32f1f52c2be3e7a7c14d0664342523d06cc1a2cf33
09d6e9ee5afa691aa97b1eb0692986ef4fc353b25ec2609863811299a70c09ce
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1030fc8851425c20e532acd288aa03d709507bcd3d55367f980d55de309ead68
11212a74fec9602bcef1c3ec91533111183efaf9908c2a7903737ecbeb19f283
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16870f4f321f93d84c7ac63dd787f95556c9234615b57a110af9b26b20385b1e
17397eb33f51895b08d2a7197c1706f274c7e8268d860625f24660ca185ec795
1782f8da063a4819199e3bf3f57acd156b30758b55cc62caaaffa01dd2850920
17addcf796c61ffcc00a930578ac88162b472a8a87ffabc688c12670f8a6667e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185e2bff3b9f7b597f819010519c5e3fd7f57abcfc4a0d0d9a5c8b93b230a580
18f8b44fed100cccfaaa2bd69fa525d71f254d4f8d95b9ef36a53528d086502a
1a038a6e7ddcfef12889f63f8c87ff3af1eaf6a86f9eddbaad5a39e260a15a4c
1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f
1eaf1b15a0ab08fa7618af15e1b94765b92bfb5ec90711455b0ad7980403fce3
1eb1627495420b99e221ea2d15998bcaddc92c801f7b3ddacbf3e41709aeeab9
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f01e377121631cac91f0f644ae025a9ad40000b69e3317ebda1b1c6a83fdddc
2033806e677673f5d62ad234868d2bb20768840d89ed88ccf80322e4acaee61f
21e9e4f419adfda857b7a592a35319941ed930ed9a41eb8a532508f5c02c17ea
231a6ca742711804b79a2ec26b5f5fe6c8bb41b451648a0bdb95ddae33beec16
232b81501e6681b91a8134b4f00118d8d51835ef3a9502584671f997116852c8
23397bab1f993ecb15966380b46f6c23029a1719e46277af361f193af535fb8f
242d292c7f2822d87963faf93635a81bb9e67f28a2d9b034497a3c191057e28f
250c9e6d63bebf420f01c3cab92a74ab1a8002da5b80d5df634f12d222382a8d
288a3200a201a07aa18a779f6e497c6bfafa0af0a3a947e6b02928f76511f36b
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29371317149d0e99320387ca65c5330f33dc5dc753408be18686fd5ded8b9134
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aa824ed45fbaa37e07efcd7b2338009ff69c3ea98a153e0c0a6f3e064d32aa1
2ad10aab151258c2597c790c3899c31ed95d34689aa1bd79d4eae2b3a39e1d2b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e7ff8a9893c0fb085662356cddd8e57d34b4241bb5bbe1d9ad002d973c2fb77
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30a5a100d3373b63df476b39e5336dcd4da9d9ea1b6af6c3eb5859cb26fe009b
311308c8b2c89b8fc59c4716bafa2ad8ce1dea1b8c2051ed8217d121fc2a5cf3
31223af0cb4f12c77e5a04459619bd730205e7ad5bc40565cb47897f6bd20c3c
3188af99a60bd9ec4609b6b7c9435650359be3831128b9c308a6de57c19d1f8b
31e91c0ad16f7afb4467c9739811c401ae97198ffebcac05e7715840406976af
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c23538599d3f89fc511892ff04136f9498b375e9ed0c67cef59c69357aec71
33aa785b05578c580965db464c7f5c00c960fa6febc47a3a39a6a67c281bb83e
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
34b1155f6700e2d296d08d500ba71f9a31826f441a3ded5b8279c63f28b46d10
34c19ed0d210c2c0768e75a762ac77bd7cc6b911f9eb56f5aa7080655ca7f4d7
3530507462a2da8ac309987d97b63aa11aa769aca29e1e4e2984aa92a879e249
3656f4087dff930d20f8ef31a1c55e5bf20af2024f22d4734dde2ed65525a4f8
378c4bbca2b0b4894342636863a35a8396528e0911a947aed96fea41285f2697
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a90b77c97ce937272123cb002004c1fb08c3c16498982ed1205334fa47cc53a
3a9f97bf603cd85135cc238daf928702fc1fae958b0cc1eccd4158bb165d98d1
3c3288f327298cfd1d8a7220abced32c0e0dc08ecde3ff0f3867fb3bc9832e29
3cffc97cfa9bd444210677b79556d2d61dccb05e50c51837c0fa720d3d43774e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
3f9d5efe49bc8ad992ed3f9dfdcca63150e9bd0266c12d0b5f28ef6561a88dc8
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
409365991482a33021901c11ddccb5c99c675911cdf772c75bfc70280fc3fe78
41145f83d44c192401c3da512fe7cabd7c217e1dd90949d0c8ff5807bb42cfe5
44086f3e4dadda16fc77a29d019ec48b9f91ad28ae39103d0c101ecec5c5b74a
452624f4b40bb9790a5d98ce312ef1ed1c19b39ce079516bac5683d2083678d8
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330
47cd7f94e3eea94ad1d9af004bb6143e2e690e7b002f0beab8146c0019f8d53e
48098da7b08a94c3c3c814c6c7f1ec8caf664c16fd02771b86ea4a88469ba11e
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4cd455b279ff15af7777bba05e2fcc23be5a04a8b4a3b271023fcc05ff8bd6c2
4cf57ab7e808a2be8960e7e9a41e52eb3c743b8c415d2b6e7b1c3f41b4a51b72
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
5031010be407660bee7db4eef06e41b88cbbb628c4221092337a875549f15c51
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2
5215bbed3b3435ed86c93921631e54d9c42ce565d9ec90accbc7ec1fc7832327
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56456b151a0459aac1a97b417db3e4eb5c86febc80e85eed9b86469c09da5ccd
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
58050660ba6a1997de70876eca74118b1a48f19a9c2d74164a8f3e6c7482c33d
58644b7dfa826a3291e2e5d6c2974b47906616e1aa03a2f757fdd1bde7796621
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a
5a896add9b5573afdc3a92e9ba50554bd6d06c88def90cdc1513a064cc62ee1d
5ac78f03d887d26b556d1d82611d8e6558d40b5e58da82dd2c7725dc1b899a41
5b1e2d45b886caf366856245c5fbdb202f8f4b0aa092acd36562754669d02a07
5c2a623c91375cbbf485657e0819ecb6a4ff6096139f42b615180a7521529d4e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5e036ed77cece87e3af02eb53eae0ef1f8aee78de6e093d455b5c13560397412
5e3270b13dee6d7006b0ce2df8e65196e70d31028b7a621aa52ed0f58f690a32
5e737f128fe1cfdfaf641083c27039cde46d4c6f07cba4ae5a8955cf302ab336
5ee6b45ff6fcc6fa781bf299b205eadb1f33c961bb089395c5e040ab19040e0a
60dd36d836fb626dacbef179a242f4d7e92796c8c9d55a453cb32098763b27f7
60dee10a8cfb1ec38730242e31f5beb6c60d1e1170622f7ac995ef39eb4caa46
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
6346e28c77bb5955fba4554b0ed25edaa7bc04fd6db4fcbb8fbca3301c176140
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
63b9dbb60693b4348388fbac3d142eb8f0ec0915b0833810e1be17032c8ffc43
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea
64cee676a611b27aca955c5e227666f9d955682512ec25b982bd5e2f92eb61dd
657014c24cd43b2bbd1317ab1275e0b3a88266ba13f41bbcd4358897d2be861c
65f418eedb124b61d9d7d081509d0964c5c5ab6e5d537f6181c0a7fc97cdc366
68815c4dee03c727e63ef1343f7ecd314ffdec7c98de6072e7ec5b5d3f7932b4
68f6fb8e43d346f4cafb383499a1b7cbb818eea024e62fdac9cf878e04aabc0d
6a368a1798415dfbd291a4eb663dd28ceddd12396a7519ab47cd3ed9d1757ea4
6a9c40a71438fef419038b70cacbb5581760e50a22d685334f3f191339b5dbae
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e4b75816c1b2088ba5305eea405c0cddeeebee0f30ca09801724ea60ff49a35
6e6377776a1104aed9b11142115b22dcaad3cf78ae76d255e454b04b7189af32
700490644eee8f5e27de79233f44079a13d885a7ab224647f45bf7c4122dd83e
7048cffc8d40a9a30ef697e4c5d0a36916f5fc52044329e28a8c7c4b4666aa03
70c4333d9e2a6f58df8af34d3abb24bb340f24ed1615d3352c37cf6cb3f642dd
7184f2085bedef65d3c0c459b2ade2c5cda92c16f4b6e426618aae36fc20d754
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
739aa72ac5c5d22fbff53db22d761fac6be92d3087b9c3ae2ff2b320b657e59a
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
7523b4586b41ef03a3cd7d7d738b847cfecbd3da94c508969ed6ec52e992b46a
758d490d59f251482d75829f6bdcb3573b6723d55699e6defb9809ee93ebae0b
76ccb927c4df11d09ea80d22eaec4c96f97ad568be6f49d5d550cfccdc5e02a3
79178481c1d1ab6798f68fb68f05045d45e6da72ac7a146feb2440de4f7d35c6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79db97866742604c15177019a7fd6623e2648fe6eeaf741b6239684dc9ed687a
79e4563fc024f7143d67bec6ba55901f4e2bea5c267c4b00f6d9d0a4aacde984
7a115c19b1f033f552334de2ac831276345b5c23ffcca2a0c5e1c5c101dce718
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b27071d543ff9d9f90693716c5378d09bab10dac2a00ea39c9aa0598d5b9c05
7bcb6224428724b3bff7c01b352bb32086448b37897498b8fbbd8703d8c75387
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7c3bb4b0dc50c421daa6ffd15f9c2fa5477f1dcbeca3d8ab68ebd7a60f030157
7cf0bc393c3475d197a3a69812bef2a04d62165b3f8e6b1ff433eaf3656a9fa5
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
7fde5b3dc7485d13b1ecfd68214ad887c21a8caeba9fcc4a61ee327a27ebe853
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
80a0a3844f4ed88c2cbc65f634f637f68094822a1f74c3f9acc1145966a086ec
8135a9b485fa655b42dd33383f061b97e56af2a11ae49319433333a17389ba29
8162734ffd2ce99d87ea972d5bd78dfc92a72c1ccac10f3de783de32bd1e2d07
821ff61ee5058c737b0efe935f5a9a644ccda0cece47f88728bac814216f78fb
82c14ad5f707f2ebad3473956d2431b2b0149fece6c7c839994064198867befa
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8386f7f3a6095894b2669a75dfd12d9f4c615289da0543d6d74aaa3cccac1e00
83d42ee8bac62ae52b3e2263cf01ce45dc5fa745fb3f4504443125f1307d51d1
83ea94126771384846f041c042979b5111a96606e5cf5e915432b5670990e6f7
841da94bfe377a31af829986e4c18d322f33ed46ba22a73c2bb09463dd910fb3
8514a1b244c66efa8075fbbb5fb57cb9a50d447cde7689682d16189a5d36a6a0
8784042e14531617c1aef40d7623d3dd1d0b24730721c779e0c3ae86ed03990e
89597ad41d4ee05e694b18f2b55237ef515b3aa435a1ed1f955ec09c10d124c1
89ac85d59b9050e71fb0a1bd4b2fed75e2da849bbffe70409be2d6bafa4b803f
89d6a758a7f16d3f67d2bfef2a9f9046a18c1056af10a00d4360133af9652b11
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a574667a3b1085eb30d8febcd40ff5afa88cfb1250630420a9c7a2908afdc86
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b053c01e142c48eda51e37ab3baf3e61b6a04067221001d2f7175012a91fe1e
8c1a61c1ff9f5bc136452d9409ed5220fca6e39e9da478a4bf3cf362eecd1b7d
8ee1abee1a9cb095bf9d663a15208f7d99f0791a3d73292161bd2e57c8f162f7
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
901bac121f9568c463b3cd455235b09947cc95c02204748c202e8abd1b96fb54
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
905adca3d0ecbf611dcc90db0b0b6d4d061499928cdffbc6da75bc9c334f30ba
90f76036f54fde1969a5ea98043a8ce4c14210dc7c154d1bb228391e63e806d6
92075c52408692d80ea1b377bc02ddd07ddcef79301a747de9fe6f3bff77fc3a
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d
934c3658518ed674197b748c39664c23abf4a4cea1c2c280aeef405cc086ba6b
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
963b73f99c8216fda9bec7b79576aaa207555323d732c99282763f2f0adbf6aa
96836ba338cfda0985b7c63837ac8e9823612ef5c439ec61a5a5f41fdf6da1dd
968ab8ae6f33119ee267a11ce60920934e0d5e9d4714a3eb6b47cb9f05e42a0f
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
97c8c51979f526331b9c5d535c222a180945492c536ef60c1d4a5ca6e403e12c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99da21f2df245211f06df73b860628ca321358e542b66c9a163bc32f5909e37a
9a7e2f2daef118825ab8bb58bc3cd9dbb3c83cb84772a08f6c5758d706fef173
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b96fe0a7d9b194599c4a2982ba5efb84aa3999dae35fd93cc1c7e64659e20b4
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
9f236b08766e529f08d5abe87ec4d1deafad0196d7875a4564d800a239a622b1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a08b3989f2edbf4c7e52644e6e9ce840a84de9f9931278dda17e470755c4274a
a0bd9bfaf4def6656a9233d93df518c01be681326e72cd9e00aa73fd29702b83
a15cfb510eeaf0a70da486e2194fddaf5731ef0aad3bcef1b48c3f834a15343f
a161c7e4760b2028abb95c207a56db46567129f2659d222fd94d87760ba86066
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a33cb7da98a7b8d766d2fa1f475a5739ced7ff3b7571b930050fd9241602c574
a3ac6a1a0fbe2023bc23d72a7daf52c60f25bd9461e96c2f5d090b2187ab5c4b
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d6f391d10c4308b754b4b8c366a8b28bc78746aef4c6edd073158c0f80a8f2
a658220d878c8e688814baeca1cad2c0f5ca917a9afe4d3da791088849aa8251
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7abe79b6d8d622f570fd7b9eb6ef35ff746280fd196e663eedc0963da4301a4
a7b90220a7fadc14897d2275223b2d501cfd39481fc0e300a9b0db12f5b8b1ca
aa5902f1a1fdc975a919b9e0dccf70b7627dc065a7e806aa9799b4e55449a5ed
aa895904237672249b8a79b17631fc7f25d49a066d1e61bbcfd9f346f851e5f4
ab0174d7de7248eafc6263e8d8f6ecd887c463b778d70b7f87c83a45cdc260c5
ace1eb4ade0c06c1fd649246463ea87dccdd28a95b7fe1579288440066a74c5e
ad67e405deffb1cad7fb12c91b7277bdf78f0160b8d74885081ce55ccd7228f1
ad78ef2d20232992d750986d459d56572e1a581c536a2e4b19a29e46b0ca0b8e
ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8
adeb384cc1007147aeb85de376da8bebfffdddd4a88186aa92e8ea5f83aef389
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1304c25f3576147c65126961a163d202ecf52bfab9b466eafec6b9ee7619329
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14463d5ba2d89151d1e1c0913eae5f190f4b64703726e682d43d1ac2b97edde
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b3b339e10c4772cb8e73fa2a5563ad692e5c0495ed06ec6843e805d6afa42864
b3dfa7645303e8f1278f830961823916a0004f40513d87540d7ad0e7b862db41
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b5a18b9a8af4fbbea189daeb60f90a7afb60475fe56264b5041bedfb65cd9e7a
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5bed3d0bfa424dd617247b2360cff76d2bbf021abd88e4b4f140d1797359175
b6102537310bc7b49741b165fca1911f7dbdd98ebb87cf8d1c1dd6a183301c3c
b630765b1af4248bd66f4662ced230b6758804c08a685f621ea804c8cc1ce214
b688ec4cfbf64d4b628fbe31ed4310eb45e16f25ebb2294a7d36eed05c83a3bb
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
ba8a0cf662c9180b94775eaf10077762d8e2240a30e23833f306d2fe6d4262cc
bb05454234cec646ec25b74ff98865873afbeac53625feb7cd0c1e353d28d2d4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb3b8e280474cd3c0e53d97584f29054a685f72dd9ed3a5d4332668b8c2203de
bba79064c3cd2b6176d8edfca83dce03a2437fec7b0ec11a4bfcf87d33766181
bc09aa985694ea25eb0f8f0524baa0cd3d9ce95e7ac0d10d387359fa0e01ed0e
bc45863bd1d9ff72935881c27ffcd781c4ba2932a5e6879035bacc68ab30bec0
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bea78c9a7a2a221feb848ddac583f7a22f95d8dc5fdd28826147bb70b7d5cd87
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bff5a930635c50743b63a18e35b99355dade5765dd27f2c84d889f2d23aedd8d
c06974111e6674acbd0ccff4dd91b53f1ea70e6a38ac7cbd8e2fc7a6accc4589
c182200f50fc9c7214ccc51ab466d567643a1f9e52cc6f1b1740e1d9c70e5c38
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3310104facf0281ab136db8608bf9d30aa14ded295d5427aad00a011559e49b
c4838100e57583ed317a91d8454aa3131401817d5f281a73dc45297c96c5eade
c6d3903f57549bccef9cf72a7c7b3a429bba8c954eb60799f44a6e972150d975
c771a0497eb54dc0438257f8ba5f312390ade71934b1b68e56e5373331eea409
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c914ad5ff1ab1931c0915a34eeb0f9c81d0c3875d8de295665f078cd968b5cda
ca8426820aec3db5f66f24801df2ed8fa6f942caa96900310f9aa3089e9fb2e2
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cae504383e2777e8a7f0af4ff598a4495bef67a6db11b6cc6035998487cbc6fd
cb5d71d5152abef77af23e94ba7b2091a62ca67fbef70da48c8cf92cb0dcf446
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdbad17ab9eff1a901d5e73f4b81ce959441c9df7ce0939341b825c013c18963
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
cf8aa2e1d1baef32947b4684a2e715ac5e8c46bd02ec0ccbf3b86f2574a07e15
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d16291e4f4619527f267779ed816b33ec3461bbe156eb852c50a2db5c098cd83
d1a064028d5c0cceddcf5eafdf4600f07cbabbb31fa917956b25b21a4d8f8767
d26cd524f5736815db7a880fed10b7c03fe5ddcd3a367b84c46bb88fb618da77
d30df60bbfe1fc2632065308e48539c629ca24f84700760fd069b867f400fe7c
d5da2e78ecdf98597abb4086ffe273ffa68b7c46b1a41a6a62770fa698ed7b86
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d732a08510eb744ba828da666cabf959138b88ec97d8a07c2a3084c1d2dc9146
d74cb858e4d278e35b427efc4eceb76c2788146feec30eefb54a190de8053b19
d76de70cb72aeccf4dd90943cd0ee7d1714fdbce960ec564182ed15a76cbb208
d898607916aa65f22321ee869090314d25c8f390f2fe84f4d5b27c4685cef329
d8f0baf1841205aef52bf8ea0979c956101be27b9b02f32084c3c507347d3afb
d92a11899a5768511f0431479d50a6fbabd9aa93099c062bc9f348fdb83be72b
da9e09aed318dab2358d104d9118f2464699e9e2b91096b9a03c57f67e986c73
daf028afc101da7201cb211f9786b6a36f6bf60ad836dfe991306140efca2432
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d
dcd096835964947f12cb7f44c5a82ef41f3fcb58b13d8a2d7818c00a31d6ed49
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd67a3d9a16e643dd6c7928cd5c2ef2380ead191e25fabd298a0bbc09303cd1f
de30b1fc781f1344f02ff2230b868a870e18cea33e2228017066b2f1d2ef753d
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0d26648762167c302cf4c8332ffff5dab0e087563ad05d27b70211a9440f8ed
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21
e2fe6283fcfa262d9a883ec9451d30e1c18905c9ad6c50ce71d9a70254590b6b
e3636b441dd0973608e4572b72daca868b406ef070fcc8aacc1d12d74a443b0e
e389acdc6743149a262521d521b0e52d771c5e21a8f532413237ad25ca4dd1a9
e3ae0f120f30b95b1bc51b7440fb005c41cfc4560e3701763552c07b03a55a46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dadfd839737303e43fb322521a94eb5ad036ffc603205f95e34c56c0acc4de
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e492337a2aba97c127db17a339a63288125a6eb6c8efb255a26dc0ec60aa6839
e512370eeb49fd606347b7b8dbb033201345a2dd9115c632c321062eea8eadf2
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5edfd14438381494978b374a92429959d8a90e57bed32e2c64e54d76dcb5c8a
e667de6a3e66b1f7f687333aaea061512e76ca144cb6915f6dbf88aedf82407f
e66f307da6d0f916726c3bbc0301a079a05240a218c1eb34cc82dd3fbc6ccb56
e70e879864afe7256e70b60790a1963ea8039bb66440741a3f3a967d90736d3c
e7c053aa439dd2bb56d823101047cb9fad99b2b4963e036af632ad0a662099d4
e834abf9f030b31e391b80cad46627edae6e3028b41d03e52bbe42dd808df62c
e8fd609ded03d7cd9e9a0332423f1c7e344727f36619d441ed955aa915d1bd2a
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e97427087d41a216da4372ec3d9424695ea19bca72fe53340105f1ff1a9264bc
e9d882a6dd5a7ceb27293ab69dba91efff9a1f2e69873720087cc07eeb707f81
eada005d34e81c7074ae7ec35c1a65b965381e444ce29b893bd55f6a352b593c
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ec24056464a659dd78f6e05e79506ea7a436c4336f7c2278474968783ae9c7a4
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed2c498a761170ddb9c3f590b1b6d120d7a8c7debbc5079b99951db43c036862
edda33933667ca212878ebcac051e276be37ce67b0a9df54a33f42e7eb553821
edff7019cd7f3fd44dddeb0664f8d42e8f2714a2779dd65a8e8d1e2a2830871a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3869817acbb97d36147a60bad78a5fde0210f924f69d7e88868162c0bbe19d
f0a1fe3643bb3bdd249470706fd27b81f4037ea1487d05dbaa1b93f43b064231
f0feacd3904e869817b230c90cf5fc9e006680a815e323724bd14a0b75d142e9
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f31877812ade3cbda659976d8597d3059465388c75dd9097c5c9b63ad7aaa7c4
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3bbdc0719718059772cd59c8cd777f075ffffedf6cb768933770646d819f5e5
f46d9a4e277e6492c93bb34537bb2f7f6bdd2d742409f93ee36d222d756dab52
f491f06c528cd698ac162ab6948f8f0603ac1cdb665eaca86aca0c1e8a0889c8
f4921bc2575a32b7a59fa32a43b3902353cc129f4ac8010d9187f5f232fffe30
f595bb2055daf8be518b548b4aae67f37cba41179f7b937f7d6742ac58370428
f60d93dc6899ba2905c8299a1d34e0211db53e75b063e99fd8f9af3c7939d00d
f7a0dbff813bc7c5605b8a86f87c6aaf78793b501ad00953f5fe4fc3beee65e5
f8cde3a345118e5f8d098d68e1814df5c75ed64fa2ae9b4b1cd7022c9c9bd07c
fa17cce15c3decbcc1b560cfbce036e6c7f8cdd68dce3b6b6f02d8de906ddd89
fbe433960ff741df9bb579a940b5f0b8f32d64bdf70ebf941d522c732d231971
fc819b0b63d4da14fde7aa8065c6fc20090362c9ae0631653c946d329ecf7121
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fde5caab3873d878f98ff334c14f01c4adba240e7021d49b4768b4fd11135c3e
ff6ff8b45a3ce5744b0597107479dbf9866a9b5fc7db4758ef8cecef83f0f177