www.lapresse.ca Open in urlscan Pro
13.249.184.35 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberatta...
Submission: On November 22 via api (November 22nd 2021, 1:01:23 pm UTC) from US — Scanned from CA

Summary HTTP 261 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 58 IPs in 5 countries across 52 domains to perform 261 HTTP transactions. The main IP is 13.249.184.35, located in United States and belongs to AMAZON-02, US. The main domain is www.lapresse.ca.
TLS certificate: Issued by Amazon on September 16th 2021. Valid for: a year.

This is the only time www.lapresse.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	13.249.184.35 13.249.184.35	16509 (AMAZON-02) (AMAZON-02)
40	13.249.184.58 13.249.184.58	16509 (AMAZON-02) (AMAZON-02)
21	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.223.138 35.244.223.138	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
3	23.73.244.44 23.73.244.44	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a03:2880:f03... 2a03:2880:f03a:1c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
14	13.35.77.80 13.35.77.80	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:7e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	13.35.77.64 13.35.77.64	16509 (AMAZON-02) (AMAZON-02)
6	2001:4998:14:... 2001:4998:14:800::1001	14777 (YAHOO) (YAHOO)
2	72.21.91.66 72.21.91.66	15133 (EDGECAST) (EDGECAST)
1	18.196.86.6 18.196.86.6	16509 (AMAZON-02) (AMAZON-02)
1	34.227.185.199 34.227.185.199	14618 (AMAZON-AES) (AMAZON-AES)
1 3	142.250.80.38 142.250.80.38	15169 (GOOGLE) (GOOGLE)
1	13.249.184.9 13.249.184.9	16509 (AMAZON-02) (AMAZON-02)
4	34.120.235.16 34.120.235.16	15169 (GOOGLE) (GOOGLE)
6	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	151.101.1.208 151.101.1.208	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:210... 2600:9000:2105:6c00:5:18cb:8bc0:21	16509 (AMAZON-02) (AMAZON-02)
7	34.194.203.220 34.194.203.220	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
2	74.6.138.64 74.6.138.64	26101 (YAHOO-BF1) (YAHOO-BF1)
1	2001:4998:58:... 2001:4998:58:207::6000	26101 (YAHOO-BF1) (YAHOO-BF1)
6	34.200.131.242 34.200.131.242	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
1	18.233.78.203 18.233.78.203	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.194.191.134 54.194.191.134	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
2 2	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
3 3	207.198.113.178 207.198.113.178	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	2606:ae80:147... 2606:ae80:1471:17::1050	25751 (VALUECLICK) (VALUECLICK)
1	35.231.227.177 35.231.227.177	15169 (GOOGLE) (GOOGLE)
2 3	52.201.9.166 52.201.9.166	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.214.61.128 18.214.61.128	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
4	52.20.125.49 52.20.125.49	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:402... 2607:f8b0:4023:1404::9d	15169 (GOOGLE) (GOOGLE)
1 1	156.154.202.36 156.154.202.36	19907 (NEUSTAR-AS6) (NEUSTAR-AS6)
4	2607:f8b0:400... 2607:f8b0:4006:81d::2001	15169 (GOOGLE) (GOOGLE)
1 1	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
1	2607:f8b0:400... 2607:f8b0:4006:823::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:808::2003	15169 (GOOGLE) (GOOGLE)
10 15	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
2	52.45.81.9 52.45.81.9	14618 (AMAZON-AES) (AMAZON-AES)
2	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2607:f8b0:400... 2607:f8b0:4006:80f::2006	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
1	65.8.20.91 65.8.20.91	() ()
6 30	23.41.168.244 23.41.168.244	() ()
3 18	35.244.159.8 35.244.159.8	() ()
3	151.101.193.108 151.101.193.108	() ()
3 3	2620:112:f002... 2620:112:f002:bbbb::21	() ()
4 4	151.101.194.49 151.101.194.49	() ()
1 4	2600:1f18:4e9... 2600:1f18:4e9:5a05:915b:1f70:c370:1ea5	() ()
9 9	35.71.131.137 35.71.131.137	() ()
3 9	68.67.161.205 68.67.161.205	() ()
4 5	8.43.72.97 8.43.72.97	() ()
3 6	209.54.180.144 209.54.180.144	() ()
1 1	3.208.223.190 3.208.223.190	() ()
2 2	23.64.107.8 23.64.107.8	() ()
2	51.161.117.181 51.161.117.181	() ()
2 2	185.167.164.51 185.167.164.51	() ()
1	2606:4700:20:... 2606:4700:20::681a:bd1	() ()
1	54.81.254.118 54.81.254.118	() ()
2 2	50.16.197.56 50.16.197.56	() ()
2 2	107.178.246.49 107.178.246.49	() ()
2 2	34.200.88.28 34.200.88.28	() ()
1 1	199.38.167.129 199.38.167.129	() ()
3	69.173.144.138 69.173.144.138	() ()
1	35.190.60.146 35.190.60.146	() ()
1 1	216.200.232.249 216.200.232.249	() ()
261	58

4 13.249.184.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-184-35.bos50.r.cloudfront.net

www.lapresse.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 13.249.184.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-184-58.bos50.r.cloudfront.net

static.lpcdn.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.lapresse.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)

hb.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.223.138 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 138.223.244.35.bc.googleusercontent.com

cdn.optable.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.73.244.44 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-244-44.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f03a:1c:face:b00c:0:3 (Minneapolis, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.35.77.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-77-80.bos50.r.cloudfront.net

mobile-img.lpcdn.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:7e2 (United States)

ASN13335 (CLOUDFLARENET, US)

js.appboycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.35.77.64 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-77-64.bos50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4998:14:800::1001 (Ashburn, United States)

ASN14777 (YAHOO, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.91.66 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.86.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-86-6.eu-central-1.compute.amazonaws.com

fsm.lapresse.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.227.185.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-185-199.compute-1.amazonaws.com

lapresse-ca.lapresse.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.184.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-184-9.bos50.r.cloudfront.net

weather-api.lapresse.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.120.235.16 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 16.235.120.34.bc.googleusercontent.com

optable.lapresse.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.72.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.1.208 (United States)

ASN54113 (FASTLY, US)

sdk.iad-06.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2105:6c00:5:18cb:8bc0:21 (United States)

ASN16509 (AMAZON-02, US)

d39kx4ztdxg7cf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.194.203.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-203-220.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.6.138.64 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: media-router-flurry71.prod.media.vip.bf1.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:58:207::6000 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.200.131.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-131-242.compute-1.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.233.78.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-78-203.compute-1.amazonaws.com

lapress.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.191.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.10.30 (Poland) 2 redirects

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 207.198.113.178 (Herndon, United States) 3 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1471:17::1050 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

districtm-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.231.227.177 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 177.227.231.35.bc.googleusercontent.com

dmx.us-east-33.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.201.9.166 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-9-166.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.214.61.128 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-61-128.compute-1.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.90.66 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.20.125.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-125-49.compute-1.amazonaws.com

ca-lapresse-prod1.collector.snplow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1404::9d (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 156.154.202.36 (United States) 1 redirects

ASN19907 (NEUSTAR-AS6, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81d::2001 (United States)

ASN15169 (GOOGLE, US)

48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.24 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.176.194 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.81.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-81-9.compute-1.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:80f::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.8.20.91 (None, )

ASN- ()

files.lpcdn.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 23.41.168.244 (None, ) 6 redirects

ASN- ()

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 35.244.159.8 (None, ) 3 redirects

ASN- ()

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:112:f002:bbbb::21 (None, ) 3 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.49 (None, ) 4 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:4e9:5a05:915b:1f70:c370:1ea5 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.71.131.137 (None, ) 9 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 68.67.161.205 (None, ) 3 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 8.43.72.97 (None, ) 4 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 209.54.180.144 (None, ) 3 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.223.190 (None, ) 1 redirects

ASN- ()

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.64.107.8 (None, ) 2 redirects

ASN- ()

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.161.117.181 (None, )

ASN- ()

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.51 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bd1 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.254.118 (None, )

ASN- ()

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.197.56 (None, ) 2 redirects

ASN- ()

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (None, ) 2 redirects

ASN- ()

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.88.28 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.129 (None, ) 1 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (None, )

ASN- ()

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	lpcdn.ca static.lpcdn.ca mobile-img.lpcdn.ca files.lpcdn.ca	829 KB
25	doubleclick.net 11 redirects ad.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	151 KB
24	casalemedia.com 6 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	27 KB
24	districtm.io hb.districtm.io cdn.districtm.io dmx.districtm.io dmx.us-east-33.districtm.io	30 KB
19	rubiconproject.com 4 redirects ads.rubiconproject.com prebid-server.rubiconproject.com pixel.rubiconproject.com Failed prebid-a.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	114 KB
18	openx.net 3 redirects u.openx.net us-u.openx.net	3 KB
17	2mdn.net s0.2mdn.net	170 KB
12	adnxs.com 3 redirects acdn.adnxs.com ib.adnxs.com	59 KB
12	lapresse.ca www.lapresse.ca static.lapresse.ca fsm.lapresse.ca lapresse-ca.lapresse.ca weather-api.lapresse.ca optable.lapresse.ca	49 KB
10	yahoo.com 3 redirects ads.yap.yahoo.com geo.yahoo.com ups.analytics.yahoo.com pr-bh.ybp.yahoo.com ads.yahoo.com	11 KB
9	adsrvr.org 9 redirects match.adsrvr.org	4 KB
8	demdex.net dpm.demdex.net lapress.demdex.net	11 KB
8	braze.com sdk.iad-06.braze.com	25 KB
6	amazon-adsystem.com 3 redirects s.amazon-adsystem.com	5 KB
6	indexww.com js-sec.indexww.com	6 KB
5	googlesyndication.com 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	22 KB
5	everesttech.net 5 redirects cm.everesttech.net sync-tm.everesttech.net	953 B
5	google.com adservice.google.com www.google.com	1 KB
5	google.ca adservice.google.ca www.google.ca	2 KB
5	yimg.com s.yimg.com	141 KB
4	snplow.net ca-lapresse-prod1.collector.snplow.net	655 B
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com	3 KB
3	turn.com 3 redirects ad.turn.com	1 KB
3	bidr.io 2 redirects match.prod.bidr.io	1 KB
3	sitescout.com 3 redirects pixel-sync.sitescout.com	2 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	facebook.net connect.facebook.net	86 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	tapad.com 2 redirects pixel.tapad.com	1000 B
2	exelator.com 2 redirects loadm.exelator.com	2 KB
2	adform.net 2 redirects c1.adform.net	953 B
2	dyntrk.com gu.dyntrk.com	430 B
2	owneriq.net 2 redirects px.owneriq.net	1 KB
2	advertising.com 2 redirects pixel.advertising.com	677 B
2	dotomi.com 2 redirects districtm-match.dotomi.com	687 B
2	creativecdn.com 2 redirects us.creativecdn.com	697 B
2	google-analytics.com www.google-analytics.com	20 KB
2	fontawesome.com use.fontawesome.com	8 KB
2	googletagservices.com www.googletagservices.com	63 KB
1	mathtag.com 1 redirects sync.mathtag.com	656 B
1	rlcdn.com id.rlcdn.com	448 B
1	rfihub.com 1 redirects p.rfihub.com	776 B
1	adentifi.com rtb.adentifi.com	88 B
1	ad4m.at ad4m.at
1	adroll.com 1 redirects d.adroll.com	112 B
1	33across.com 1 redirects dp2.33across.com	496 B
1	agkn.com 1 redirects aa.agkn.com	672 B
1	cloudfront.net d39kx4ztdxg7cf.cloudfront.net	26 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	appboycdn.com js.appboycdn.com	51 KB
1	googletagmanager.com www.googletagmanager.com	63 KB
1	optable.co cdn.optable.co	42 KB
261	52

	Domain	Requested by
39	static.lpcdn.ca	www.lapresse.ca static.lpcdn.ca
17	s0.2mdn.net	48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com s0.2mdn.net
15	dsum-sec.casalemedia.com	3 redirects ssum-sec.casalemedia.com
15	cm.g.doubleclick.net	10 redirects u.openx.net www.lapresse.ca
14	dmx.districtm.io	www.lapresse.ca cdn.districtm.io
14	mobile-img.lpcdn.ca	www.lapresse.ca
12	us-u.openx.net	u.openx.net
9	ssum-sec.casalemedia.com	3 redirects js-sec.indexww.com ssum-sec.casalemedia.com
9	ib.adnxs.com	3 redirects acdn.adnxs.com
9	match.adsrvr.org	9 redirects
8	sdk.iad-06.braze.com	www.lapresse.ca
8	cdn.districtm.io	www.lapresse.ca cdn.districtm.io
7	dpm.demdex.net	www.lapresse.ca ssum-sec.casalemedia.com
6	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
6	u.openx.net	3 redirects www.lapresse.ca
6	js-sec.indexww.com	www.lapresse.ca ssum-sec.casalemedia.com
6	prebid-server.rubiconproject.com	www.lapresse.ca
6	securepubads.g.doubleclick.net	www.lapresse.ca 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com www.googletagservices.com
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
5	s.yimg.com	www.lapresse.ca
4	pr-bh.ybp.yahoo.com	1 redirects u.openx.net
4	sync-tm.everesttech.net	4 redirects
4	ca-lapresse-prod1.collector.snplow.net	www.lapresse.ca
4	adservice.google.com	www.lapresse.ca
4	adservice.google.ca	www.lapresse.ca
4	optable.lapresse.ca	www.lapresse.ca
4	sb.scorecardresearch.com	2 redirects www.lapresse.ca
4	www.lapresse.ca	www.lapresse.ca
3	ad.turn.com	3 redirects
3	acdn.adnxs.com	www.lapresse.ca
3	pixel.rubiconproject.com	www.lapresse.ca
3	match.prod.bidr.io	2 redirects ssum-sec.casalemedia.com
3	pixel-sync.sitescout.com	3 redirects
3	ad.doubleclick.net	1 redirects www.lapresse.ca 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
3	connect.facebook.net	www.lapresse.ca
2	pm.w55c.net	2 redirects
2	pixel.tapad.com	2 redirects
2	loadm.exelator.com	2 redirects
2	c1.adform.net	2 redirects
2	gu.dyntrk.com	ssum-sec.casalemedia.com
2	px.owneriq.net	2 redirects
2	eus.rubiconproject.com	www.lapresse.ca eus.rubiconproject.com
2	tpc.googlesyndication.com	48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
2	prebid-a.rubiconproject.com	www.lapresse.ca
2	48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com	www.lapresse.ca
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	districtm-match.dotomi.com	2 redirects
2	us.creativecdn.com	2 redirects
2	ads.yap.yahoo.com	www.lapresse.ca
2	www.google-analytics.com	www.lapresse.ca
2	use.fontawesome.com	www.lapresse.ca use.fontawesome.com
2	platform.twitter.com	www.lapresse.ca
2	www.googletagservices.com	www.lapresse.ca 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
1	ads.yahoo.com	www.lapresse.ca
1	sync.mathtag.com	1 redirects
1	id.rlcdn.com	www.lapresse.ca
1	p.rfihub.com	1 redirects
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	ad4m.at	ssum-sec.casalemedia.com
1	d.adroll.com	1 redirects
1	files.lpcdn.ca	www.lapresse.ca
1	pagead2.googlesyndication.com	www.googletagservices.com
1	www.google.ca	www.lapresse.ca
1	www.google.com	www.lapresse.ca
1	dp2.33across.com	1 redirects
1	aa.agkn.com	1 redirects
1	stats.g.doubleclick.net	www.lapresse.ca
1	dmx.us-east-33.districtm.io	www.lapresse.ca
1	syndication.twitter.com	platform.twitter.com
1	cm.everesttech.net	1 redirects
1	lapress.demdex.net	www.lapresse.ca
1	geo.yahoo.com	www.lapresse.ca
1	d39kx4ztdxg7cf.cloudfront.net	www.lapresse.ca
1	cdn.jsdelivr.net	www.lapresse.ca
1	weather-api.lapresse.ca	www.lapresse.ca
1	lapresse-ca.lapresse.ca	www.lapresse.ca
1	fsm.lapresse.ca	www.lapresse.ca
1	js.appboycdn.com	www.lapresse.ca
1	www.googletagmanager.com	www.lapresse.ca
1	static.lapresse.ca	static.lpcdn.ca
1	ads.rubiconproject.com	www.lapresse.ca
1	cdn.optable.co	www.lapresse.ca
1	hb.districtm.io	www.lapresse.ca
261	84

This site contains links to these domains. Also see Links.

Domain
fr-ca.facebook.com
twitter.com
ca.linkedin.com
www.instagram.com
www.pinterest.ca
jesoutiens.lapresse.ca
www.facebook.com
www.linkedin.com
beap.gemini.yahoo.com
plus.lapresse.ca
application.lapresse.ca
aide.lapresse.ca
carrieres.lapresse.ca
publicite.lapresse.ca
necrologie.lapresse.ca
editions.lapresse.ca
www.pinterest.com
publicite-electorale.lapresse.ca

Subject Issuer	Validity	Valid
*.lapresse.ca Amazon	`2021-09-16` - `2022-10-15`	a year	crt.sh
*.lpcdn.ca Amazon	`2021-11-18` - `2022-12-16`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
cdn.optable.co GTS CA 1D4	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-31` - `2021-11-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-13` - `2022-07-12`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-11-08` - `2021-12-29`	2 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
fsm.chip.de R3	`2021-11-04` - `2022-02-02`	3 months	crt.sh
forestryjournal-gb.forestryjournal.co.uk R3	`2021-10-20` - `2022-01-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
lapresse.cloud.optable.co GTS CA 1D4	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.iad-06.braze.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-03` - `2022-06-04`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.gw.flurry.com DigiCert SHA2 High Assurance Server CA	`2021-06-28` - `2021-12-22`	6 months	crt.sh
analytics.query.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-03` - `2022-01-26`	6 months	crt.sh
*.google.ca GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-24` - `2022-03-23`	a year	crt.sh
ca-lapresse-prod1.collector.snplow.net Amazon	`2021-06-11` - `2022-07-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.dyntrk.com R3	`2021-10-23` - `2022-01-21`	3 months	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Frame ID: FFA592598F81E47BAA20369624ADAEE6
Requests: 131 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 0F7B6FCD8AD22215F15C4EE1FABAE32D
Requests: 10 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.lapresse.ca
Frame ID: C5267DF60D521AAC0E956528444355B5
Requests: 2 HTTP requests in this frame

Frame: https://lapress.demdex.net/dest5.html?d_nsid=0
Frame ID: AC721E622826D09D1B94D963746C0D70
Requests: 4 HTTP requests in this frame

Frame: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 052EDC1DB00E740F8C4DA97F37D6E168
Requests: 1 HTTP requests in this frame

Frame: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 91E40136F4B82A17E600079C0C46B4FA
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html
Frame ID: B1276977CD6CCEF6AA273EBC75EA6B3C
Requests: 16 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 056A51E30BB9ADBEE2ED8F625898B6F3
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: B72AA83A1DD7E6A2C9625B9499D6A094
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B620BCA4E7363BD873C1FD4BF96AD21F
Requests: 3 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 60EDD66E7B598EE501E988F77D9034B2
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4E931344C9CE34BD73F1E2595CE05B9C
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E884BAC2AB97AFEBD5138D42D34B10F3
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F5C95C4E73AF3214933C25FC65CD8BCA
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E23DBFA872CC502368AF70D89A82AE86
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 8177FD30889A946B361FA803D5295629
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: B7F899C9D264196C9E0689A5E8E22045
Requests: 7 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 51EBD29F8FEA213E973D7C117599631C
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D762FB53D25B08692ADA4BD6740B3190
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: 582A14C87BAFDF4EE756D8327CCD547C
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: C13DA1699241CFB1CE079FEF6E403A9D
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 900187B0712473FA5304571AA78C4B19
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 8EFCCCE66A31B5D1238CD800235B9388
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Candiru | Une autre firme israélienne suspectée de cyberattaques | La Presse

Page Statistics

261
Requests

80 %
HTTPS

29 %
IPv6

52
Domains

84
Subdomains

58
IPs

5
Countries

2138 kB
Transfer

5294 kB
Size

36
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://fr-ca.facebook.com/LaPresseFB/

Search URL Search Domain Scan URL

URL: https://twitter.com/lp_lapresse

Search URL Search Domain Scan URL

URL: https://ca.linkedin.com/company/la-presse

Search URL Search Domain Scan URL

URL: https://www.instagram.com/lp_lapresse/?hl=fr-ca

Search URL Search Domain Scan URL

URL: https://www.pinterest.ca/lplapresse

Search URL Search Domain Scan URL

URL: https://jesoutiens.lapresse.ca/contribuer?utm_campaign=jesoutiens&utm_source=lpca&utm_medium=boutonSectionInternational
Title: Je soutiens La Presse

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?app_id=166995983353903%3E&sdk=joey&u=https%3A%2F%2Fwww.lapresse.ca%2Finternational%2Fmoyen-orient%2F2021-11-16%2Fcandiru%2Fune-autre-firme-israelienne-suspectee-de-cyberattaques.php&display=popup&ref=plugin&src=share_button

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.lapresse.ca%2Finternational%2Fmoyen-orient%2F2021-11-16%2Fcandiru%2Fune-autre-firme-israelienne-suspectee-de-cyberattaques.php&text=Candiru%20%7C%20Une%20autre%20firme%20isra%C3%A9lienne%20suspect%C3%A9e%20de%20cyberattaques&via=lp_lapresse

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.lapresse.ca%2Finternational%2Fmoyen-orient%2F2021-11-16%2Fcandiru%2Fune-autre-firme-israelienne-suspectee-de-cyberattaques.php&title=Une%20autre%20firme%20isra%C3%A9lienne%20suspect%C3%A9e%20de%20cyberattaques

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.lapresse.ca%2Finternational%2Fmoyen-orient%2F2021-11-16%2Fcandiru%2Fune-autre-firme-israelienne-suspectee-de-cyberattaques.php&text=Une%20autre%20firme%20isra%C3%A9lienne%20suspect%C3%A9e%20de%20cyberattaques&via=lp_lapresse

Search URL Search Domain Scan URL

URL: https://beap.gemini.yahoo.com/mbclk?bv=1.0.0&es=kcRMYwAGIS9ukV6vagRt4STCyMSLTRPN4fOIwo7FeLilxrw6wzYpMO2uZItX5MHxab84L2zL3pJgwDDgUjUArR_357AF1FYjgS3phErZNUzdymWU.rRCcAxOTM3m2NMDIB7OJGUMaz.mAdSWY_Kvvd0aqmTT5YZwZOF6CyYNf8UFQkFrQ_BYARa.d5R59pd5ZHwR0rUhGd.STD_DcpOu6mwrbvKg7j3VKRAc.bpNlCPrM0MsSXaDr7b_18OZ9pwI1HNf9yEB6.1zCs5G2Z3trehbOIzX2wYs.Ec4uazaiZ4mzWH4LCG8_5_Inx.PSAmP59On.So37CRTH_tR54pV79sR7bo8808OLvIbfTNgVA5uIqyZ24UqVGlsFiMgikhnpSedzRAdPcSKaAzpsY_qdZMXt1LGnUW9RZhKoOMpjBPgxSsRxYgXyG04UFOods49qSwt1uSLe4Vp8Kd4yn6LbEYCfFHP7djJx2v6PY0VQpJK9UwtqgLjCkttmnOotp0SrG2vjGiaiB7tys8PM.Xz3WF4LKDue87U_vS3I6IdiDuBJKIQn8XvWCbfue37Pfumha4fgoEmblxUBnL9H1ufwvwhLbsuJ.sJYzEIUsSEx_Pu67Zbti2apLmifewE16n.5xEmLziK6z65c0IjGi4H9MBPsl_f8_uT0n9Xec6c1yPIVDTzd6Jn1P7vahbbZb7rgQA_NxOX1cCvspk0gND_._UvinebqK3Z9pGH31Ea_joCHOgIbLCs6U17jsT3uVNPMIIxNewrN8WryDlT6GfEUOSulDOQNcl5

Search URL Search Domain Scan URL

URL: https://beap.gemini.yahoo.com/mbclk?bv=1.0.0&es=bVxfEYUGIS_pE.k2wlZx3OtCBDVLfgTdEeLwA0Xz5ZiFDPO9WIftrVwrq2Y5QhKGAbqKl1Edu3TvjjoAxj._j6oizKZ2ssOnwsMboaNbTG2kccb5Gi8YRPmH.L6xZLLiR2pEhpNHlntJNkdSdFystjT.0hh0KWMYh0Tl4xHQwNkbJcLjUGLDr_27jYsMc48IshD4H7fIu5hfGJGR.rAbUQDweiS3p2bflCKmmG7GfYkYZXZhONTcvL1e1n8XAzfREe0a85FcntsKP4Rjvbqv2OOF3EbMW1VieRwg_EySoqoDjwVBUmyhfkfVQbQZVJ9JdkHng130WPmKtRMH2rE565DrbOH3qsS_jyJkpOczPKOBe71mUoZKuAQxUkW492RBAjPIq8pyWiktmQqYWh6F0STTGEEm9n4ma25GlIU34EJDcPfiUBQwmcSfRjdG1cyGACBI6IbZYnCM4EZZkVTzSc_n1b00WBtGFtjDUOYw2VOsuPcmqqhZR8ePoP6Pq3jrYV131VAE5oP1cMs7ieq5m6B4FMNsyTqSKuYRaCgjzVzqPk0ZJuaeNpG_r7KxwsN02SX0_OEW3reqtSwB3Sktkg7HIUfJF6OSn5AfzFBqq1tsn.q5mbxtWLcTfvx_U6hTY9YYiAgYC9.wuIgkx2W_TY_jaACgRzkJL32Ala4BrLXmIsWus5o79uk8z5xx.SeHs.s_.zUJEt8BXDGFp..g52Ch_sfYm1qDUxz9tulZJEAZfP1Ui.naE55qaJHnAn.yTJh70HMDLgmw17x5EaS2ExLpeipa6p6w

Search URL Search Domain Scan URL

URL: https://plus.lapresse.ca/
Title: La Presse+

Search URL Search Domain Scan URL

URL: https://application.lapresse.ca/
Title: Application mobile La Presse

Search URL Search Domain Scan URL

URL: https://aide.lapresse.ca/
Title: FAQ et Nous joindre

Search URL Search Domain Scan URL

URL: https://carrieres.lapresse.ca/
Title: Faites carrière chez nous

Search URL Search Domain Scan URL

URL: https://publicite.lapresse.ca/
Title: Annoncez dans nos médias

Search URL Search Domain Scan URL

URL: http://necrologie.lapresse.ca/
Title: Avis de décès

Search URL Search Domain Scan URL

URL: https://editions.lapresse.ca/
Title: Les Éditions La Presse

Search URL Search Domain Scan URL

URL: https://aide.lapresse.ca/hc/fr-ca/articles/4411685823383
Title: Renseignements sur les archives

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/la-presse/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/lplapresse/

Search URL Search Domain Scan URL

URL: https://publicite-electorale.lapresse.ca/
Title: Registre de publicité électorale

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://sb.scorecardresearch.com/cs/3005690/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 75

https://sb.scorecardresearch.com/b?c1=2&c2=3005690&cs_it=b2&cv=3.8.0.210223&ns__t=1637586072716&ns_c=UTF-8&c7=https%3A%2F%2Fwww.lapresse.ca%2Finternational%2Fmoyen-orient%2F2021-11-16%2Fcandiru%2Fune-autre-firme-israelienne-suspectee-de-cyberattaques.php&c8=Candiru%20%7C%20Une%20autre%20firme%20isra%C3%A9lienne%20suspect%C3%A9e%20de%20cyberattaques%20%7C%20La%20Presse&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005690&cs_it=b2&cv=3.8.0.210223&ns__t=1637586072716&ns_c=UTF-8&c7=https%3A%2F%2Fwww.lapresse.ca%2Finternational%2Fmoyen-orient%2F2021-11-16%2Fcandiru%2Fune-autre-firme-israelienne-suspectee-de-cyberattaques.php&c8=Candiru%20%7C%20Une%20autre%20firme%20isra%C3%A9lienne%20suspect%C3%A9e%20de%20cyberattaques%20%7C%20La%20Presse&c9=

Request Chain 104

https://cm.everesttech.net/cm/dd?d_uuid=69103331988355342034317749239065217927 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZuUmQAAAEqEcgQE

Request Chain 108

https://us.creativecdn.com/cm-notify?pi=districtm HTTP 302
https://us.creativecdn.com/cm-notify?pi=districtm&tc=1 HTTP 302
https://dmx.districtm.io/s/10027/pJL97Evrb7pkyCTe8mqf?pi=districtm&tc=1

Request Chain 109

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96 HTTP 302
https://dmx.districtm.io/s/10001/e2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341

Request Chain 110

https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=21H7HmzybuptGTACRS9DZCqJ17Q&rurl=//dmx.us-east-33.districtm.io/s/10007/ HTTP 302
https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=678149323a6708ed&is_secure=true&version=1&networkId=33921&nuid=21H7HmzybuptGTACRS9DZCqJ17Q&rurl=%2F%2Fdmx.us-east-33.districtm.io%2Fs%2F10007%2F HTTP 302
https://dmx.us-east-33.districtm.io/s/10007/AAADK9E9l5W_SQNZmkeHAAAAAAA&expiration=1637672473&nuid=21H7HmzybuptGTACRS9DZCqJ17Q&is_secure=true

Request Chain 111

https://match.prod.bidr.io/cookie-sync/districtm HTTP 303
https://match.prod.bidr.io/cookie-sync/districtm?_bee_ppp=1 HTTP 303
https://dmx.districtm.io/s/10025/AAAvS07DNykAACvY_STVRQ

Request Chain 112

https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP454c3d83-4b94-11ec-b1e4-02530ff24d37 HTTP 302
https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP454c3d83-4b94-11ec-b1e4-02530ff24d37&verify=true HTTP 302
https://dmx.districtm.io/s/10051/y-5QOJMahE2uEHZY.v9PksQzwOrQzHGPd_~A~UP454c3d83-4b94-11ec-b1e4-02530ff24d37

Request Chain 125

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=69103331988355342034317749239065217927 HTTP 302
https://dpm.demdex.net/ibs:dpid=21&dpuuid=205030403978010742543

Request Chain 133

https://dp2.33across.com/ps/?pid=897&random=808426765 HTTP 302
https://dpm.demdex.net/ibs:dpid=601&dpuuid=1723693390865&random=1637586073

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjkxMDMzMzE5ODgzNTUzNDIwMzQzMTc3NDkyMzkwNjUyMTc5Mjc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEK-KrfofqhspgoJ8BgUIHho&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 153

https://ad.doubleclick.net/ddm/trackimp/N1615345.3182630LAPRESSE/B26731003.320233147;dc_trk_aid=512773614;dc_trk_cid=161673324;ord=1842939789;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1615345.3182630LAPRESSE/B26731003.320233147;dc_pre=COnr2MGDrPQCFQPgtQodbr4Hjw;dc_trk_aid=512773614;dc_trk_cid=161673324;ord=1842939789;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 179

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 187

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 190

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 198

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3284871561668243888&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 199

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZuUmQAAAEqEcgQE

Request Chain 201

https://match.adsrvr.org/track/cmf/openx?oxid=e6d6a643-6eb1-7323-ec38-1068ff788243&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=e6d6a643-6eb1-7323-ec38-1068ff788243&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=32ce38a0-7808-4be5-a00d-ca3c412102aa&ttd_puid=e6d6a643-6eb1-7323-ec38-1068ff788243

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEPEfY8-DuqhrvNkuvjuX8M&google_cver=1

Request Chain 204

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2924583591478604208&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 205

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZuUmQAAAEqEcgQE

Request Chain 207

https://match.adsrvr.org/track/cmf/openx?oxid=e6d6a643-6eb1-7323-ec38-1068ff788243&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=e6d6a643-6eb1-7323-ec38-1068ff788243&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=32ce38a0-7808-4be5-a00d-ca3c412102aa&ttd_puid=e6d6a643-6eb1-7323-ec38-1068ff788243

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEPEfY8-DuqhrvNkuvjuX8M&google_cver=1

Request Chain 210

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 211

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 212

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 213

https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 214

https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 215

https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 216

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3428986749744099760&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 217

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZuUmQAAAEqEcgQE

Request Chain 219

https://match.adsrvr.org/track/cmf/openx?oxid=e6d6a643-6eb1-7323-ec38-1068ff788243&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=e6d6a643-6eb1-7323-ec38-1068ff788243&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=32ce38a0-7808-4be5-a00d-ca3c412102aa&ttd_puid=e6d6a643-6eb1-7323-ec38-1068ff788243

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEPEfY8-DuqhrvNkuvjuX8M&google_cver=1

Request Chain 223

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&dcc=t

Request Chain 224

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZuUnshfYBmnm3ifGhecsAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOE-HXDs3kf20UJtUXdDxTA&google_cver=1

Request Chain 225

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=32ce38a0-7808-4be5-a00d-ca3c412102aa&expiration=1640178078&gdpr=0&gdpr_consent=

Request Chain 226

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELBAWoNDCxHzS05XS7cdRGQ&google_cver=1

Request Chain 229

https://d.adroll.com/cm/index/ssp HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

Request Chain 230

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6908724781042293906&uid=Q6908724781042293906&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6908724781042293906

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELBAWoNDCxHzS05XS7cdRGQ&google_cver=1

Request Chain 233

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=32ce38a0-7808-4be5-a00d-ca3c412102aa&expiration=1640178078&gdpr=0&gdpr_consent=

Request Chain 234

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZuUnshfYBmnm3ifGhecsAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOE-HXDs3kf20UJtUXdDxTA&google_cver=1

Request Chain 235

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&dcc=t

Request Chain 237

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8435183636622910885&expiration=1638795679

Request Chain 241

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELBAWoNDCxHzS05XS7cdRGQ&google_cver=1

Request Chain 242

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=32ce38a0-7808-4be5-a00d-ca3c412102aa&expiration=1640178078&gdpr=0&gdpr_consent=

Request Chain 243

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZuUnshfYBmnm3ifGhecsAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOE-HXDs3kf20UJtUXdDxTA&google_cver=1

Request Chain 244

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&dcc=t

Request Chain 246

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=e2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3De2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341%26partner_url%3Dhttps%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253De2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341%2526expiration%253D1640178078 HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=e2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3De2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341%26partner_url%3Dhttps%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253De2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341%2526expiration%253D1640178078&xl8blockcheck=1 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=e2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3De2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341%26expiration%3D1640178078 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=e2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3De2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341%26expiration%3D1640178078 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=e2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341&expiration=1640178078

Request Chain 247

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8LNHzGHo1MP8WH5

Request Chain 248

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969470201797405350

Request Chain 250

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZuUmQAAAEqEcgQE

Request Chain 251

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTc2Y2ViNzgzMzVjNmUzNjYyYmM2ODZmOThkZjUxMmMwMGU5NGE5OA

Request Chain 252

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dBT0dYOVEtMTUtQlhSTw==

Request Chain 254

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=073b619b-949f-4d00-a143-d5a70ffb3637

Request Chain 255

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWAOGX9Q-15-BXRO&sigv=1&esig=2~d77df717f264a7f20994adaae813a415e2c9a3ff

Request Chain 256

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/Zqsqk2vE7hrRGt5CkICnVsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4127272148083631737

Request Chain 257

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE72De7PNgjn_zpSRDSlaMQ&google_cver=1

261 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request une-autre-firme-israelienne-suspectee-de-cyberattaques.php Show response
www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/ 205 KB
38 KB 295ms
158ms Document
text/html 13.249.184.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.184.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-184-35.bos50.r.cloudfront.net

Software

Resource Hash

8daf1b7c0b05ca902c75c068e739db23dd67bc2dca3e1ab565da88a413dbc36f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

content-type: text/html; charset=UTF-8
content-length: 38724
date: Mon, 22 Nov 2021 13:01:11 GMT
x-frame-options: SAMEORIGIN
permissions-policy: interest-cohort=()
cache-control: s-maxage=6,must-revalidate
x-correlation-id: 619b949773dca7.97677945
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 48a4cbead7454531a87cd246667053df.cloudfront.net (CloudFront)
x-amz-cf-pop: BOS50-C2
x-amz-cf-id: HQm8YMTMGr2xNCeafwUSrOnVd5HyADl-Bgio9GESkJcZqW7WrDNBtg==

GET
H2 200 appStoryDesktop.bundle.635527c72995f41de6d8.js Show response
static.lpcdn.ca/lpweb/dist/js/ 144 KB
36 KB 277ms
82ms Script
application/javascript 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/lpweb/dist/js/appStoryDesktop.bundle.635527c72995f41de6d8.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 204d0de2d8adccee84967a32fe68ad01bf8ea288c806952c5880a2db1719cc70

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:02:54 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 13:30:44 GMT
age: 255497
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop: BOS50-C2
content-encoding: br
x-amz-cf-id: IdaPHyrU0z7keB8CUT2ehi59tGtZpeCP9AsDKNoDjjXDvOl6i-3_ZQ==

GET
H2 200 react.production.min.js Show response
static.lpcdn.ca/lpweb/lib/react/ 12 KB
5 KB 325ms
130ms Script
application/javascript 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/lpweb/lib/react/react.production.min.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 08:18:24 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 14:28:10 GMT
age: 794567
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=2628000
x-amz-cf-pop: BOS50-C2
content-encoding: br
x-amz-cf-id: RjWUH-fNqCWme49o9EqdAPE-FUZnHlHSPXF_OswHvbZhoJW_IzZ0DQ==

GET
H2 200 react-dom.production.min.js Show response
static.lpcdn.ca/lpweb/lib/react/ 116 KB
39 KB 317ms
122ms Script
application/javascript 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/lpweb/lib/react/react-dom.production.min.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 18:59:18 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 14:28:10 GMT
age: 842513
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=2628000
x-amz-cf-pop: BOS50-C2
content-encoding: br
x-amz-cf-id: N0k6ANOXNAWVssomG-g5rSYginEnNJCgmIo2Y-RCPfHw4rNpExzNLw==

GET
H2 200 lpca-auth-react.70b8546809328be4258ab4c619e5d8a0.js Show response
static.lpcdn.ca/lpweb/dist/js/ 322 KB
100 KB 280ms
86ms Script
application/javascript 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/lpweb/dist/js/lpca-auth-react.70b8546809328be4258ab4c619e5d8a0.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: e7a0a2d645ecba219065474f28bec1cb9f1b6d6f25d0d7fb90777e0768abe569

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:02:53 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 13:30:44 GMT
age: 255498
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop: BOS50-C2
content-encoding: br
x-amz-cf-id: sPSaaKiQ8M9lc3PQ_nKUMJpJ-1okG-XR0c_1lBfHZbAYnlNcNsG99g==

GET
H2 200 lpca-auth-react.2a595dfb750fef4a5629a80ad555994b.css
static.lpcdn.ca/lpweb/dist/css/ 25 KB
7 KB 261ms
67ms Stylesheet
text/css 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/lpweb/dist/css/lpca-auth-react.2a595dfb750fef4a5629a80ad555994b.css
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 4139e5067afd379f2f574daa7e70bc7b1b87ee70dab5af68e86cf454a4d1070f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:02:53 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 13:30:44 GMT
age: 255498
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop: BOS50-C2
content-encoding: br
x-amz-cf-id: Nz3DWTkvTzf3Y_wb0eJodvT7jgO26_jKPGA6edKQncTOWzmN74b91Q==

GET
H2 200 login.bundle.c92ba93811e87e2c2682.js Show response
static.lpcdn.ca/lpweb/dist/js/ 3 KB
2 KB 470ms
276ms Script
application/javascript 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/lpweb/dist/js/login.bundle.c92ba93811e87e2c2682.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 3bd51cb5cb5b3b445981ca346b8c9eea6cffd5715bc3271856fd5278dc7abc22

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:02:53 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 13:30:44 GMT
age: 255498
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop: BOS50-C2
content-encoding: br
x-amz-cf-id: jozTESaXwkCka5PewL4yFuFW17XPZLH4fFC3gqwfiZiJ1SH4p7pu3A==

GET
H2 200 merge.100133.js Show response
hb.districtm.io/prod/100133/ 71 KB
19 KB 199ms
78ms Script
application/x-javascript 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.districtm.io/prod/100133/merge.100133.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 517310c55e9701db6091fb5e4dbe37ee7bf6b9364a27e0e54d997324c2c8bb8b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
via: 1.1 70641f5df56ba9a18ec1e10fa85bf5ef.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6288
cf-polished: origSize=72622
x-cache: RefreshHit from cloudfront
cf-bgj: minify
content-encoding: br
last-modified: Thu, 30 Jul 2020 20:39:31 GMT
server: cloudflare
etag: W/"e5323f6cb8bc566e9938610092645047"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=43200
x-amz-cf-pop: EWR52-C4
cf-ray: 6b2258578bfe7150-YUL
x-amz-cf-id: B8V82bbgOZVc1eNYdkNef8N7STEKh6CH6wv_gIw-04DLL0we_1RNQg==
expires: Tue, 23 Nov 2021 01:01:12 GMT

GET
H2 200 sdk.js Show response
cdn.optable.co/web-sdk/v0.6/ 42 KB
42 KB 186ms
43ms Script
application/javascript 35.244.223.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optable.co/web-sdk/v0.6/sdk.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.223.138 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 138.223.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d9ef98de23379bca12097fcab0eb9fbc8193fc2a9855199598dc291a0a450b8b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:07:32 GMT
age: 3220
x-guploader-uploadid: ADPycdtB4iCCWPQNboahQUABazJGaKoZnRZsfCyz63m8Vg_7jWmXTkZmWsa5JTSVoIUwSrgHRHLKoyC-EXx_uTxH_vDfPO2pxg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42703
last-modified: Mon, 30 Nov 2020 15:25:51 GMT
server: UploadServer
etag: "00ae1311b5b7fd9a907558d8cd18fe90"
x-goog-meta-optable-sdk-version: v0.6.4
x-goog-hash: crc32c=auiK/A==, md5=AK4TEbW3/ZqQdVjYzRj+kA==
x-goog-generation: 1606749951545927
cache-control: public, max-age=3600
x-goog-stored-content-length: 42703
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 22 Nov 2021 13:07:32 GMT

GET
H2 200 sha1encoder.js Show response
static.lpcdn.ca/lpweb/script/ 4 KB
2 KB 414ms
220ms Script
application/javascript 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/lpweb/script/sha1encoder.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 5eda896fbd669382f68454ff2d967dd5c8ba438876b775d5a45997b2cb8d0957

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 18:41:21 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 14:28:10 GMT
age: 843590
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=2628000
x-amz-cf-pop: BOS50-C2
content-encoding: br
x-amz-cf-id: 6t-EakHDz9Y95maSYo56hvGbtOnYmcA14nhQxgtaWkYVVykaYHGQSA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 194ms
65ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

444eb134c281ef5d78e2c6acd745d6dec96428bc23923a9888f514294a1bb625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1051 / 167 of 1000 / last-modified: 1637582729"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26881
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Nov 2021 13:01:12 GMT

GET
H/1.1 200
OK 23098_LaPresse_Web.js Show response
ads.rubiconproject.com/prebid/ 321 KB
95 KB 202ms
70ms Script
text/javascript 23.73.244.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/23098_LaPresse_Web.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-244-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2a504894c44581c1552170d55d1baf71ea09fd53e660df6f32854fdc9fe3d53e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 13:01:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Sep 2021 15:36:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2546
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96965
Expires: Mon, 22 Nov 2021 13:43:38 GMT

GET
H2 200 m-lapresse.lapresse.js Show response
static.lpcdn.ca/lpweb/common/scripts/ 332 KB
73 KB 68ms
63ms Script
application/javascript 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/lpweb/common/scripts/m-lapresse.lapresse.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 4baaa254820b6daef2b169f3cda417efbf6f442ec482f0da0dee98858898d391

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:30:19 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 14:28:10 GMT
age: 833453
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=2628000
x-amz-cf-pop: BOS50-C2
content-encoding: br
x-amz-cf-id: 4FuSbAxNaA0RWBtqR5K3W_ny7Vt6yjooWNhQAgwHluTIxWzuqt0x-Q==

GET
H2 200 componentBraze.bundle.aaa0852b539ce7a3fb82.js Show response
static.lpcdn.ca/lpweb/dist/js/ 15 KB
5 KB 312ms
119ms Script
application/javascript 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/lpweb/dist/js/componentBraze.bundle.aaa0852b539ce7a3fb82.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: bbca6de5c81aeefb79cea77af6e0e799c2a148255009b7776295fcaeaeb54364

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:02:53 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 13:30:44 GMT
age: 255498
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop: BOS50-C2
content-encoding: br
x-amz-cf-id: 87JU9boPIx9b7CRSI8dkM304jXddBMUSAdAKJZrn0bDipszJMPWbTQ==

GET
H2 200 storyPage.bundle.7a6cb769625701a65676.css
static.lpcdn.ca/lpweb/dist/css/ 264 KB
52 KB 272ms
78ms Stylesheet
text/css 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 4180807dcfad3955a763023d3fcb3f3893ff45ea66acb19f8c247ff4d26f2f8d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:02:53 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 13:30:44 GMT
age: 255497
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop: BOS50-C2
content-encoding: br
x-amz-cf-id: 26ber4LTTrNhR-3JRWWQBdqMOB_E3CRoHOE_AXmPGSvlVfnKwCoo4w==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 225ms
67ms Script
application/x-javascript 2a03:2880:f03a:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b51d31d982ac0ce6d3c3435807e7278b7359e808e57d213a20312de841afcc75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: pBFOU0zu3z0Wc6zHS+S12Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: aez/7V6k5EDxjRgelZftKMd51NCKj7Jmxv+8VMPCPPmoGMuZzWwGAy90F4gGksBTfW9CYCu+s0p3tDZnTeGYgg==
x-fb-trip-id: 1425083115
x-fb-content-md5: b6f3220d92e35dc326a6c02197a4431e
x-frame-options: DENY
date: Mon, 22 Nov 2021 13:01:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "8373f26c12cbbb013030a6cac99f49ed"
timing-allow-origin: *
expires: Mon, 22 Nov 2021 13:09:17 GMT

GET
H2 200 la-presse-logo-web.svg
static.lpcdn.ca/lpweb/mobile/img/ 2 KB
1 KB 64ms
60ms Image
image/svg+xml 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.lpcdn.ca/lpweb/mobile/img/la-presse-logo-web.svg
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 9de61e723f71ecad9e2966704febad3226eeb4b415236246d06ea41f43fad3bf

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 22:23:53 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 14:28:10 GMT
age: 830239
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public,max-age=2628000
x-amz-cf-pop: BOS50-C2
content-encoding: br
x-amz-cf-id: 4FC65eOP8gZ2p1U3rU29n2fDXcLi5hXu5cUV2pfa6uymxMgXNqsWkQ==

GET
H2 200 logo-lp-line.svg
static.lpcdn.ca/lpweb/mobile/img/ 3 KB
1 KB 64ms
61ms Image
image/svg+xml 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.lpcdn.ca/lpweb/mobile/img/logo-lp-line.svg
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: e467e1354ec82b4ff98938872632fde03a71f319cece7f22127259d7ca69ab6a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 08:06:50 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 14:28:10 GMT
age: 795262
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public,max-age=2628000
x-amz-cf-pop: BOS50-C2
content-encoding: br
x-amz-cf-id: S6aZDRdWgF2G-JFDAU4JEe4XbCIkrmWyVruZUUtOxPv83i3rmanwpg==

GET
H2 200 c1c4f0ad089831078034070e7af8e1bd.webp
mobile-img.lpcdn.ca/v2/924x/27c66e6b/ 10 KB
10 KB 328ms
172ms Image
image/webp 13.35.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-img.lpcdn.ca/v2/924x/27c66e6b/c1c4f0ad089831078034070e7af8e1bd.webp
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-77-80.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 853b8bc242390ea27990b69591a49a79ec63aab7d0c98eb70e81ead05a805a4b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 22 Nov 2021 13:01:13 GMT
via: 1.1 810a9accae2b6588bfefcc0e0dd6f31f.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 15:38:56 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-C1
etag: "1a112dfe206470aa419ffa0aff22d6a0"
x-cache: Miss from cloudfront
x-amz-version-id: ddMUr.Pwf7C0du__AaI1rY9wzYCist6j
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
content-type: image/webp
content-length: 9922
x-amz-cf-id: fnu5uCsckElfQokMwW3-p0rbyK4LmwpNjDjWd36FU_7GTc_svCaNeA==

GET
H2 200 share-icon.png
static.lpcdn.ca/lpweb/mobile/img/ 737 B
1 KB 65ms
62ms Image
image/png 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.lpcdn.ca/lpweb/mobile/img/share-icon.png
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: b9fa1e983879d28bdbf5a2a40a51a80bf9550ec8e6b120b773ac76770a4f218a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 08:53:33 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 14:28:10 GMT
age: 792459
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public,max-age=2628000
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 737
x-amz-cf-id: WUYS3yVfuck2x8NuNuVcSR3e_gqdIfvvaFW6aWlFrC7pVwBba1shNg==

GET
H2 200 rubrik.css
static.lapresse.ca/fonts/rubrik/ 1 KB
512 B 82ms
64ms Stylesheet
text/css 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lapresse.ca/fonts/rubrik/rubrik.css
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/lpca-auth-react.2a595dfb750fef4a5629a80ad555994b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: ba240e4860fc14034e5ca168222bf1c88ba0f381250840c1dce3a399062bfa45

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://static.lpcdn.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:47:47 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 14:28:10 GMT
age: 796405
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public,max-age=2628000
x-amz-cf-pop: BOS50-C2
content-encoding: br
x-amz-cf-id: P0cGEtucxRTGUwocm8eysZ37qAnbwQhRzPhl5sGdBmn3ny_Y3Qq6Vg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 199 KB
63 KB 195ms
67ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MP8JVMP

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c57c341aee2d91104e36e6068c45790257944f3d3df018aa510e60a623c05058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63991
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Nov 2021 13:01:12 GMT

GET
H2 200 appboy.min.js Show response
js.appboycdn.com/web-sdk/3.4/ 189 KB
51 KB 176ms
54ms Script
application/javascript 2606:4700:10::ac43:7e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.appboycdn.com/web-sdk/3.4/appboy.min.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:7e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0541499190c257a83eb557812148f5bce92574373eda8555b3c0fa5163df3cd9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 22 Nov 2021 13:01:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Oct 2021 22:27:51 GMT
server: cloudflare
age: 2109
etag: W/"dc7ece658aaaa661ce9baebfcf0a7416"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 6b2258584b857157-YUL
x-amz-request-id: 24NYJJ60DSHZK9BM
x-amz-id-2: VRuFnRfhqlaakJQ9dhHYUaq0mP0t7jR6+kKksk4/5eD07jDq8B9fQ+2qd1R8y956TByaPMPrjDg=

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/3005690/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

47ms
47ms

Script
application/javascript

13.35.77.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Server: 13.35.77.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-77-64.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:55:56 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 317
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 086cd0532de45f1c24aa2644656aff63.cloudfront.net (CloudFront)
x-amz-cf-pop: BOS50-C1
x-amz-cf-id: Bgl4LX420Wi0635yuad7WQ0Be9Y9NvuSFukTlyjiJ-tD5H-pt35QNA==

Redirect headers

date: Mon, 22 Nov 2021 13:01:12 GMT
via: 1.1 086cd0532de45f1c24aa2644656aff63.cloudfront.net (CloudFront)
x-amz-cf-pop: BOS50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: bi5H6THgCYjr7VyZa21i0KBP3hZ5OGR_oXhUm5_PwtGVsCorYeODUg==

GET
H2 200 sdk.js Show response
connect.facebook.net/fr_FR/ 3 KB
2 KB 224ms
68ms Script
application/x-javascript 2a03:2880:f03a:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/sdk.js

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8e36837daa738d02ce1b10873e8fa1125001775d7a1affc3276125fd478d9faf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jl/aMt0AN0Xbt11ReX9zlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: KaVS3HVOuzv2m2ZdqGEZDs7qxbRQxOdYwBaaDXAovSf9TC8Cvz+WSqs9Me5LPTT+0FYoy80+7JPsWKFd01jnMA==
x-fb-trip-id: 1425083115
x-fb-content-md5: 9b98e03d727eae5a269768bbf99025f2
x-frame-options: DENY
date: Mon, 22 Nov 2021 13:01:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "2dfff08460f19fbda98f3508381eca12"
timing-allow-origin: *
expires: Mon, 22 Nov 2021 13:17:18 GMT

GET
H2 200 facebook-icon.png
static.lpcdn.ca/lpweb/mobile/img/ 2 KB
3 KB 105ms
104ms Image
image/png 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.lpcdn.ca/lpweb/mobile/img/facebook-icon.png
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: b5292ee5c28832f36ee3d1ffe6b87143a29b5de792d071391385d3e7c338bebf

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 12:53:27 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 14:28:10 GMT
age: 778065
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public,max-age=2628000
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 2426
x-amz-cf-id: OSB2I6ykSTNurz4CZfuIWcdJLCX3FtvEaIE1CXR0Wywn3ZK0XuccSw==

GET
H2 200 twitter-icon.png
static.lpcdn.ca/lpweb/mobile/img/ 3 KB
3 KB 105ms
104ms Image
image/png 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.lpcdn.ca/lpweb/mobile/img/twitter-icon.png
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 8eb7acd7dd23fb4531a9b3485312a2a43a42b6a7fd1180c275561d15679dca06

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 08:08:48 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 14:28:10 GMT
age: 795144
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public,max-age=2628000
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 3245
x-amz-cf-id: HhS9WRl5zWVApbw5xfyUi2AIVXyPwbt0VZIkVX7_WKH54zh9xQImzA==

GET
H2 200 linkedin-icon.png
static.lpcdn.ca/lpweb/mobile/img/ 3 KB
3 KB 105ms
105ms Image
image/png 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.lpcdn.ca/lpweb/mobile/img/linkedin-icon.png
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 7a60eca89c8c684b921fd907e4025a3f5948537dbfcdbc334134138b8f2aad4a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 20:08:24 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 14:28:10 GMT
age: 838368
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public,max-age=2628000
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 2673
x-amz-cf-id: 8S79EHPs6k3MB-2JQ33uOQZsZhuu1kju8fszdBK0y6-o_Qg6G9pe8Q==

GET
H2 200 instagram.png
static.lpcdn.ca/lpweb/mobile/img/ 4 KB
4 KB 106ms
105ms Image
image/png 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.lpcdn.ca/lpweb/mobile/img/instagram.png
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 08153ebc7d42d5d97501540301c0762b83fc730e7fe98c3d7d5a3e6d6a4fc43f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:17:52 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 14:28:10 GMT
age: 791000
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public,max-age=2628000
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 4129
x-amz-cf-id: Oo2QxNPlZ2o-2D_JJkOktaCwjDTmu9kHY2jZel5yGMqieucyMRuWcg==

GET
H2 200 pinterest-icon.png
static.lpcdn.ca/lpweb/mobile/img/ 2 KB
2 KB 106ms
106ms Image
image/png 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.lpcdn.ca/lpweb/mobile/img/pinterest-icon.png
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: cf94621194b49d5d19ba1a2ae457775f42d4a05f676d76c8a42996ff01fcc2d1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 08:06:37 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 14:28:10 GMT
age: 795275
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public,max-age=2628000
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 1888
x-amz-cf-id: pnl03IXlccvtmkzxuZbqL0KVBU7NfwWyGKnf9AOco3lisRAtCIqR3g==

GET
DATA 200
OK truncated
/ 292 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed748f1d8bde54b47c50c3389ab131ff86b26157a214275c913e0a1463e425e7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Rubrik-Regular.woff2
static.lpcdn.ca/fonts/rubrik/ 18 KB
18 KB 197ms
72ms Font
font/woff2 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/fonts/rubrik/Rubrik-Regular.woff2
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 9b1e8085d927bc7de200f56905ec94d33d1c0c450faa766dab19754cb9cfc578

Request headers

Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Origin: https://www.lapresse.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 01:11:18 GMT
via: 1.1 6cfc86e6ccd19a4761a27f5f2d9c9a91.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 20:20:56 GMT
age: 2288994
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000, public, immutable
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 17940
x-amz-cf-id: zdMPJB3uzmXpwTIyxkFrhnQknxsHShl9CkHEyw5efKFTA1R1dGSZhA==
expires: Fri, 26 Nov 2021 01:11:18 GMT

GET
H2 200 Rubrik-SemiBold.woff2
static.lpcdn.ca/fonts/rubrik/ 18 KB
19 KB 277ms
153ms Font
font/woff2 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/fonts/rubrik/Rubrik-SemiBold.woff2
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 99ac816b389ee1637433b4b96ab4ec0d7a96677760c74267860a76de52556799

Request headers

Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Origin: https://www.lapresse.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 01:11:21 GMT
via: 1.1 6cfc86e6ccd19a4761a27f5f2d9c9a91.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 20:20:56 GMT
age: 2288991
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000, public, immutable
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 18612
x-amz-cf-id: aBJc9ibLym797ZYgtswjRkJBCJoRqhxzbuNZG1od5mwSoilPcLQvYw==
expires: Fri, 26 Nov 2021 01:11:21 GMT

GET
H2 200 Verlag-Book.woff2
static.lpcdn.ca/fonts/verlag/ 18 KB
18 KB 265ms
141ms Font
font/woff2 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/fonts/verlag/Verlag-Book.woff2
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 50030e1cf1d7be1d3080a7caf68057c49ea1a2265beaabe45c98c7244b2e3756

Request headers

Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Origin: https://www.lapresse.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 19:26:32 GMT
via: 1.1 6cfc86e6ccd19a4761a27f5f2d9c9a91.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 20:20:56 GMT
age: 2223280
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000, public, immutable
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 18300
x-amz-cf-id: r1EEa2XM6_U9lSCg2v7j3HxOmmtQRtI2N-Iv69zL8XzDr-PVDI9GcQ==
expires: Fri, 26 Nov 2021 19:26:32 GMT

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ 78 KB
29 KB 196ms
61ms Script
application/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

b8fb3cb31828e7915420bd564c7297f2eebc88fa22ec3a9a3333f84b37f7b403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: T2D1EMGV2WSHSPBQ
x-amz-id-2: B8U5q+YfvrrdVDZQSRxaODOvrbjU6Yk1c+Y6zTy9Xyk9fXwswO1EH58DgeLDXkzgoSkru6xWSZg=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 Nov 2021 13:27:54 GMT
server: ATS
etag: "b2a42c725b276837af3535e3bc3b1460-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=600
accept-ranges: bytes

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 229ms
55ms Script
application/javascript 72.21.91.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.21.91.66 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/8096) /
Resource Hash: 00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 13:01:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1016
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 29104
x-tw-cdn: VZ
Last-Modified: Mon, 18 Oct 2021 18:33:56 GMT
Server: ECS (cha/8096)
Etag: "a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 copylink-icon.png
static.lpcdn.ca/lpweb/mobile/img/ 4 KB
4 KB 76ms
75ms Image
image/png 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.lpcdn.ca/lpweb/mobile/img/copylink-icon.png
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 9c221f81130938a9aea113296583f96047dd14b7571b682e8a187066cdf76771

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:08:11 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 14:28:10 GMT
age: 802381
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public,max-age=2628000
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 3701
x-amz-cf-id: 6HC1w3vQBTcEiSQ7Y8fbyOIXo-hyXvw7f-tTD4EsS4eo0G57T-LcSg==

GET
H2 200 print-icon.png
static.lpcdn.ca/lpweb/mobile/img/ 1 KB
1 KB 76ms
76ms Image
image/png 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.lpcdn.ca/lpweb/mobile/img/print-icon.png
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: cd387609fa550bb68f521d047df0a8cea3016321e0714444b9459b8c5109e7bf

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 14:19:10 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 14:28:10 GMT
age: 772922
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public,max-age=2628000
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 1055
x-amz-cf-id: CZwAtufEFciO71zaWKJvOECIwZyHbWIY5BYmf3k_PyrpNP7u-duXkQ==

GET
H2 200 Rubrik-Medium.woff2
static.lpcdn.ca/fonts/rubrik/ 18 KB
19 KB 283ms
190ms Font
font/woff2 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/fonts/rubrik/Rubrik-Medium.woff2
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 5cea7a0a46e4ea964a2d42d6ca2e347ff23f8eaf83d3b8eb54aa3cd96ee1bbb9

Request headers

Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Origin: https://www.lapresse.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:32:34 GMT
via: 1.1 6cfc86e6ccd19a4761a27f5f2d9c9a91.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 20:20:56 GMT
age: 2298518
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000, public, immutable
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 18588
x-amz-cf-id: a29dnLf9o_rWjtqOCb6EVr_xSo9PGfldA_LypHC9A9tn_flE8KI4OQ==
expires: Thu, 25 Nov 2021 22:32:34 GMT

GET
H2 200 Verlag-Black.woff2
static.lpcdn.ca/fonts/verlag/ 17 KB
17 KB 287ms
195ms Font
font/woff2 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/fonts/verlag/Verlag-Black.woff2
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: d3d486c7e3bd045b501ddbc559be1ec8a1fb68a5a8d2d7fadb2562ddb88e8186

Request headers

Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Origin: https://www.lapresse.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 00:00:24 GMT
via: 1.1 6cfc86e6ccd19a4761a27f5f2d9c9a91.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 20:20:56 GMT
age: 2293248
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000, public, immutable
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 17308
x-amz-cf-id: iNfAEOZjAzzQqh_E9ch3LyDioyv0CU1dXDP9uEFQSkYOrOOAdtb2PA==
expires: Fri, 26 Nov 2021 00:00:24 GMT

GET
H2 200 Verlag-Bold.woff2
static.lpcdn.ca/fonts/verlag/ 18 KB
18 KB 198ms
106ms Font
font/woff2 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/fonts/verlag/Verlag-Bold.woff2
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 24becdf0e263b4503af3fc72edabf21a8df2a948c03c1271bb31ecf922cea28f

Request headers

Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Origin: https://www.lapresse.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 23:55:09 GMT
via: 1.1 6cfc86e6ccd19a4761a27f5f2d9c9a91.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 20:20:56 GMT
age: 2293563
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000, public, immutable
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 18388
x-amz-cf-id: GL5XKVdfvACCZrpghmqHFnFHJqDqEtjKxf97w53Q8C0ZQjHPML6S4g==
expires: Thu, 25 Nov 2021 23:55:09 GMT

GET
H2 200 Calluna-Light.woff2
static.lpcdn.ca/fonts/calluna/ 41 KB
41 KB 270ms
178ms Font
font/woff2 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/fonts/calluna/Calluna-Light.woff2
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: ab258e0c74a6102c5388fdeda986c1644fcd43b6eb798e8a3a3e7b8e58fb5824

Request headers

Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Origin: https://www.lapresse.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 23:56:40 GMT
via: 1.1 6cfc86e6ccd19a4761a27f5f2d9c9a91.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 20:20:56 GMT
age: 2293472
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000, public, immutable
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 41884
x-amz-cf-id: 4TsUvfdJQBaVJK56HR2kUlSwn6BVIzecs4jegvYsVP-W44_LfJFL3w==
expires: Thu, 25 Nov 2021 23:56:40 GMT

GET
H2 200 MuseoSlab-700.woff2
static.lpcdn.ca/fonts/museoSlab/ 19 KB
19 KB 218ms
126ms Font
font/woff2 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/fonts/museoSlab/MuseoSlab-700.woff2
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 246eb714db7565cf5da65b96b8f18e7e061d13907fc658916ec53091b40393dd

Request headers

Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Origin: https://www.lapresse.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 01:11:23 GMT
via: 1.1 6cfc86e6ccd19a4761a27f5f2d9c9a91.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 20:20:56 GMT
age: 2288989
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000, public, immutable
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 19288
x-amz-cf-id: 0U6vzY_nLiTeN1ezfYtFl0VAo8ZIoW2QyKnKiAJCw3rfhOnE4SIFDA==
expires: Fri, 26 Nov 2021 01:11:23 GMT

GET
H2 200 Rubrik-Bold.woff2
static.lpcdn.ca/fonts/rubrik/ 18 KB
19 KB 265ms
173ms Font
font/woff2 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/fonts/rubrik/Rubrik-Bold.woff2
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 334a7e3d2c50ba3ba1ee01293971a9a1791d677c8585e29ddfef4ab4c1d923ab

Request headers

Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Origin: https://www.lapresse.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 01:11:27 GMT
via: 1.1 6cfc86e6ccd19a4761a27f5f2d9c9a91.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 20:20:56 GMT
age: 2288985
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000, public, immutable
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 18848
x-amz-cf-id: bt-3wGIWc4I_zz5w_ja7M3oZeSiH-11MCaJWvEWUTLYYQy01BsrIRw==
expires: Fri, 26 Nov 2021 01:11:27 GMT

GET
H2 200 Rubrik-Light.woff2
static.lpcdn.ca/fonts/rubrik/ 18 KB
18 KB 255ms
164ms Font
font/woff2 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/fonts/rubrik/Rubrik-Light.woff2
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: c97e907849823ff8c50e47b5718f4a0b9cd0cf17e1fc49084f6a438351e16cc7

Request headers

Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Origin: https://www.lapresse.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:34:39 GMT
via: 1.1 6cfc86e6ccd19a4761a27f5f2d9c9a91.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 20:20:56 GMT
age: 2280393
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000, public, immutable
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 18420
x-amz-cf-id: I0FMwZswE0v6-WLX4r7SiIQupWQHIiE2VdIoybqAZuBZbls-LJnZSw==
expires: Fri, 26 Nov 2021 03:34:39 GMT

GET
H2 200 16a1766ac43237de8bff8e88780d05a8.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 8 KB
8 KB 124ms
54ms Image
image/webp 13.35.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-img.lpcdn.ca/v2/357x/r3996/16a1766ac43237de8bff8e88780d05a8.webp
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-77-80.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf063c6a0281b5056749a88288e7130ca0305dcea4fa396d45d8e498f252cf4f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 21 Nov 2021 19:54:17 GMT
via: 1.1 810a9accae2b6588bfefcc0e0dd6f31f.cloudfront.net (CloudFront)
last-modified: Sun, 21 Nov 2021 19:52:27 GMT
server: AmazonS3
age: 61616
etag: "68ef7bf675117bca2ac81ada833d0ade"
x-cache: Hit from cloudfront
x-amz-version-id: xXtOvp91.r0x5NMWTzs.q0CIw2V5ix.n
cache-control: public, max-age=604800, immutable
x-amz-cf-pop: BOS50-C1
accept-ranges: bytes
content-type: image/webp
content-length: 7740
x-amz-cf-id: u8M5q2FsHeSQ3HVf5pn8fPBLiLP55XFzkSpruyvRYD4rpS8I9riY4A==

GET
H2 200 7bf25db7996e398798fadaf1e56fda37.webp
mobile-img.lpcdn.ca/v2/357x/r3996/e89bdd53/ 16 KB
16 KB 66ms
65ms Image
image/webp 13.35.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-img.lpcdn.ca/v2/357x/r3996/e89bdd53/7bf25db7996e398798fadaf1e56fda37.webp
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-77-80.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f83973363321de5ac82112336e02967d0c02478db2bf68580b9a70dd80ac51f7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 21 Nov 2021 16:02:54 GMT
via: 1.1 810a9accae2b6588bfefcc0e0dd6f31f.cloudfront.net (CloudFront)
last-modified: Sun, 21 Nov 2021 16:01:37 GMT
server: AmazonS3
age: 75499
etag: "3a0336f59ee47550339f6f35a8b15993"
x-cache: Hit from cloudfront
x-amz-version-id: G9jOnA4mlNk5ivFe22cVHzBgfwFjvXXT
cache-control: public, max-age=604800, immutable
x-amz-cf-pop: BOS50-C1
accept-ranges: bytes
content-type: image/webp
content-length: 16028
x-amz-cf-id: xGScSBQ3Njgh-uYFqs64oCQZczEMsCCnsJgRQmd0UQsmpT8xxuntJQ==

GET
H2 200 8937d0ff941e3544b62c8b089a1f405d.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 9 KB
9 KB 70ms
69ms Image
image/webp 13.35.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-img.lpcdn.ca/v2/357x/r3996/8937d0ff941e3544b62c8b089a1f405d.webp
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-77-80.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef4b47070cb489df28eca6baa45dd7c7ea7b1d84c8844b51d90de89baf153db7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 21 Nov 2021 16:21:23 GMT
via: 1.1 810a9accae2b6588bfefcc0e0dd6f31f.cloudfront.net (CloudFront)
last-modified: Sun, 21 Nov 2021 15:29:03 GMT
server: AmazonS3
age: 74390
etag: "e915f536ccc1155afb6a9e1e4a83ce6a"
x-cache: Hit from cloudfront
x-amz-version-id: oe18FqwjhXlrWDJ8vn6I0pdtQu2NQzt.
cache-control: public, max-age=604800, immutable
x-amz-cf-pop: BOS50-C1
accept-ranges: bytes
content-type: image/webp
content-length: 9174
x-amz-cf-id: nS0kJyDz4pOjrBoLsF9s4-tWry5anHGOkigrhXrufn7HfPnxbo2OOw==

GET
H2 200 59aa1b37d48133f79ad37632a053b8f3.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 17 KB
17 KB 84ms
83ms Image
image/webp 13.35.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-img.lpcdn.ca/v2/357x/r3996/59aa1b37d48133f79ad37632a053b8f3.webp
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-77-80.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92f9aa355574f1d2d1d84a8f15dca197ad4bfcab43b77d2754738b92f96dbc14

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 21 Nov 2021 14:18:22 GMT
via: 1.1 810a9accae2b6588bfefcc0e0dd6f31f.cloudfront.net (CloudFront)
last-modified: Sun, 21 Nov 2021 13:58:52 GMT
server: AmazonS3
age: 81771
etag: "92ba1bc535321a7370148f14a418140e"
x-cache: Hit from cloudfront
x-amz-version-id: 5BjJL3LY6TqCuvduRZ0OEG9J3zL3Se_g
cache-control: public, max-age=604800, immutable
x-amz-cf-pop: BOS50-C1
accept-ranges: bytes
content-type: image/webp
content-length: 17122
x-amz-cf-id: EOUfIPC2yxevwhoYYUvrvJAPeRwedOC_WQtEnDG_9xoiquH5iG1gsA==

GET
H2 200 f9deda4552273e03acb5dd4892f54802.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 5 KB
5 KB 84ms
83ms Image
image/webp 13.35.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-img.lpcdn.ca/v2/357x/r3996/f9deda4552273e03acb5dd4892f54802.webp
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-77-80.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6113ccc2354b5754909297b702088f288468b6547a649eab88dfe1cac540b27

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 21 Nov 2021 16:22:59 GMT
via: 1.1 810a9accae2b6588bfefcc0e0dd6f31f.cloudfront.net (CloudFront)
last-modified: Sat, 20 Nov 2021 13:14:15 GMT
server: AmazonS3
age: 74294
etag: "c4b9b481a7805472131be61fcbbed97e"
x-cache: Hit from cloudfront
x-amz-version-id: sURB8qJTTAYq9HMiV3n4fxy_0hlmwRzj
cache-control: public, max-age=604800, immutable
x-amz-cf-pop: BOS50-C1
accept-ranges: bytes
content-type: image/webp
content-length: 4650
x-amz-cf-id: DOUhQSn1mPyWBlnczht7tVlb6qUAZY_ESKteFMOArwuz7f8FAsuCrw==

GET
H2 200 59d9b7bed9b83b229192ce9327b36da4.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 9 KB
10 KB 151ms
150ms Image
image/webp 13.35.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-img.lpcdn.ca/v2/357x/r3996/59d9b7bed9b83b229192ce9327b36da4.webp
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-77-80.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb379bea45cd70f583ea35c9af2e9c3a7df37f8f53219199bd38865c1c0e2c8f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: EOW3gqHc_b7pyxLK9C_hh1JxPEYQW266
via: 1.1 810a9accae2b6588bfefcc0e0dd6f31f.cloudfront.net (CloudFront)
etag: "3dde50e90f0dc6022a580660439dbb0a"
last-modified: Wed, 17 Nov 2021 21:39:53 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/webp
cache-control: public, max-age=604800, immutable
date: Mon, 22 Nov 2021 13:01:13 GMT
accept-ranges: bytes
content-length: 9570
x-amz-cf-id: vBmov9Jgyq1QQF0nIpsNi_Odg47z167e0J60iLlXtNt8yWBbS58Xsg==

GET
H2 200 29911f5660e03d6b8bee2ea105d07563.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 7 KB
8 KB 159ms
158ms Image
image/webp 13.35.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-img.lpcdn.ca/v2/357x/r3996/29911f5660e03d6b8bee2ea105d07563.webp
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-77-80.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9d76515a18d30216d32fdd84741646efbeb20a6d5acbf21d31b17d0a3cafa8d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: Rs08710TTIFuG2I0SQ_N4KFG1UEtSfTq
via: 1.1 810a9accae2b6588bfefcc0e0dd6f31f.cloudfront.net (CloudFront)
etag: "c23d64111af2e8d705ce374f9c7377d5"
last-modified: Fri, 19 Nov 2021 15:34:16 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/webp
cache-control: public, max-age=604800, immutable
date: Mon, 22 Nov 2021 13:01:13 GMT
accept-ranges: bytes
content-length: 7466
x-amz-cf-id: vyJmMeaFnT5dDNqikrCn5Z8wp_OVfRpxYnAVxQXIkqOI6c36YRwnMA==

GET
H2 200 www.lapresse.ca Show response
fsm.lapresse.ca/ 4 KB
4 KB 440ms
132ms XHR
application/javascript 18.196.86.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fsm.lapresse.ca/www.lapresse.ca
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.86.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-86-6.eu-central-1.compute.amazonaws.com
Software: Jetty(9.4.2.v20170220) /
Resource Hash: 9ae8beb4a17cedab42085fb9ff9694700f468f2166e8aee9998e325a19dce5a2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 13:01:12 GMT
cache-control: max-age=259200, public
server: Jetty(9.4.2.v20170220)
access-control-allow-methods: *
content-type: application/javascript

GET
H2 200 get_site_data Show response
lapresse-ca.lapresse.ca/ 198 B
471 B 189ms
49ms XHR
text/plain 34.227.185.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://lapresse-ca.lapresse.ca/get_site_data?account_id=1057&href=https%3A%2F%2Fwww.lapresse.ca%2Finternational%2Fmoyen-orient%2F2021-11-16%2Fcandiru%2Fune-autre-firme-israelienne-suspectee-de-cyberattaques.php&requestUUID=166fab20-51da-4b05-ab49-0315ba78dead-1637586072362

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.227.185.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-227-185-199.compute-1.amazonaws.com

Software

Jetty(9.4.2.v20170220) /

Resource Hash

0d004688c894ca15df2457a3527f2298e631915591060943334b31adc5a51d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
x-sp-mms-node: ip-10-128-17-235
server: Jetty(9.4.2.v20170220)
strict-transport-security: max-age=15552000; includeSubdomains
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.lapresse.ca
cache-control: max-age=2592000
access-control-allow-credentials: true

GET
H2 200 ;ord=1637586072369
ad.doubleclick.net/ddm/ad/uudt/wgv/mbccrbcy/wqwlpwdq/ 43 B
628 B 167ms
63ms Image
image/gif 142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/ad/uudt/wgv/mbccrbcy/wqwlpwdq/;ord=1637586072369?

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1827 Show response
weather-api.lapresse.ca/weather/cities/ 1 KB
949 B 208ms
75ms Fetch
application/json 13.249.184.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weather-api.lapresse.ca/weather/cities/1827
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-9.bos50.r.cloudfront.net
Software: /
Resource Hash: c01f493d5c40e136be8dbd138ca4cfa0b1f77360f3461d68155f0709c4c2dc29

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
x-correlation-id: 619b94988dc332.29909281
x-amz-cf-pop: BOS50-C2
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: no-cache, private
x-cache: Miss from cloudfront
content-encoding: br
access-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization
x-amz-cf-id: 4dgxdXbGtMRl_-5P1zzN4xfUZtcTR6FnXSyEnliJY-pml9lp3Wa_yg==
via: 1.1 64d0258636b5df398ab692be714f6aa0.cloudfront.net (CloudFront)

GET
H2 200 now Show response
www.lapresse.ca/webparts/trending/2/ 9 KB
2 KB 70ms
69ms Fetch
text/html 13.249.184.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lapresse.ca/webparts/trending/2/now

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.184.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-184-35.bos50.r.cloudfront.net

Software

Resource Hash

ced193b5b6e135bcf3d6db8ed36b3da78065a963acd7133368f1a087b5e8bd8e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
tracestate: 259951@nr=0-1-259951-631470931-7efdfc582f125e67----1637586072396
traceparent: 00-bd74845ff7ce000530267571a0553b40-7efdfc582f125e67-01
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI1OTk1MSIsImFwIjoiNjMxNDcwOTMxIiwiaWQiOiI3ZWZkZmM1ODJmMTI1ZTY3IiwidHIiOiJiZDc0ODQ1ZmY3Y2UwMDA1MzAyNjc1NzFhMDU1M2I0MCIsInRpIjoxNjM3NTg2MDcyMzk2fX0=

Response headers

date: Mon, 22 Nov 2021 13:01:07 GMT
content-encoding: gzip
age: 5
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
via: 1.1 48a4cbead7454531a87cd246667053df.cloudfront.net (CloudFront)
cache-control: s-maxage=6,must-revalidate
permissions-policy: interest-cohort=()
x-correlation-id: 619b949308f503.84841148
x-amz-cf-pop: BOS50-C2
x-robots-tag: noindex
content-length: 1880
x-amz-cf-id: okCMsRuOiG-k5iNPTbCityF-XlkDt4DuN0djH3-0Fzmg6zRH_VJWYQ==

GET
H2 200 34ac0fd6c4e6323d69a208.bundle.js Show response
static.lpcdn.ca/lpweb/dist/js/ 11 KB
4 KB 52ms
52ms Script
application/javascript 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/lpweb/dist/js/34ac0fd6c4e6323d69a208.bundle.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: b4d2772232d1e5db301df00d95d51149059792ea240faf33f2d078fc2f42018d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:02:53 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 13:30:44 GMT
age: 255499
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop: BOS50-C2
content-encoding: br
x-amz-cf-id: stwARmQBrmWp8JsATVy4u54ZnwsE-OCQB6NNeO56d0Kh3P--12u93w==

GET
H2 200 31ac0fd6c4e6323d69a208.bundle.js Show response
static.lpcdn.ca/lpweb/dist/js/ 2 KB
1 KB 52ms
51ms Script
application/javascript 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/lpweb/dist/js/31ac0fd6c4e6323d69a208.bundle.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: a863f2ec0bcae807b2fe2748af5d97f1afeab76c60c6883cc7a173761ac202ab

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:02:53 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 13:30:44 GMT
age: 255499
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop: BOS50-C2
content-encoding: br
x-amz-cf-id: velLYyyqyd1MDyWAHXb0TZOTzMXsYk1bqJxM72_FzxRK5pL_7jUzow==

GET
H2 200 33ac0fd6c4e6323d69a208.bundle.js Show response
static.lpcdn.ca/lpweb/dist/js/ 2 KB
1 KB 52ms
52ms Script
application/javascript 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/lpweb/dist/js/33ac0fd6c4e6323d69a208.bundle.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 842c1071c98373baac27ab0fd698e462be07b90e37d00bfdadddda15a7fb204a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:02:53 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 13:30:44 GMT
age: 255499
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop: BOS50-C2
content-encoding: br
x-amz-cf-id: BPCKMbDoDxFlwAZJi9w3FTolfsBcMI9NupwrUCcuEKcLtlRSTCDRNQ==

GET
H2 200 13d1656857303278a01c7d5bc88c0de1 Show response
www.lapresse.ca/trending/2/ 20 B
419 B 129ms
129ms Fetch
application/json 13.249.184.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lapresse.ca/trending/2/13d1656857303278a01c7d5bc88c0de1

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.184.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-184-35.bos50.r.cloudfront.net

Software

Resource Hash

912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
tracestate: 259951@nr=0-1-259951-631470931-5c4d8ce4798072fd----1637586072404
traceparent: 00-13f118987d54609fea3742fdfc335c00-5c4d8ce4798072fd-01
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI1OTk1MSIsImFwIjoiNjMxNDcwOTMxIiwiaWQiOiI1YzRkOGNlNDc5ODA3MmZkIiwidHIiOiIxM2YxMTg5ODdkNTQ2MDlmZWEzNzQyZmRmYzMzNWMwMCIsInRpIjoxNjM3NTg2MDcyNDA0fX0=

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
content-encoding: br
x-amz-cf-pop: BOS50-C2
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 48a4cbead7454531a87cd246667053df.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
permissions-policy: interest-cohort=()
x-correlation-id: 619b94987b5bf9.07116046
x-robots-tag: noindex
x-amz-cf-id: CTeEbKNSg1tPjB3fn2-CUjJA4Qqyh1Vb3YKLr0LztrhvcAAHZBBLyA==

GET
H2 200 index.html Show response
cdn.districtm.io/ids/ Frame 0F7B 116 B
296 B 71ms
56ms Document
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
content-type: text/html
cf-ray: 6b2258592e067150-YUL
age: 52774
last-modified: Thu, 20 May 2021 02:18:27 GMT
via: 1.1 075ecc80ea8e9352008139ab9fd7a593.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id: dOTVl01OyPO7E3Afd1GI9xMhNyC-GudHgGHfLsX-XGFS_vEoA5d2oA==
x-amz-cf-pop: EWR52-C4
x-cache: Hit from cloudfront
vary: Accept-Encoding
server: cloudflare
content-encoding: br

GET
H2 200 440ec59d0c553fe4a2abb7558715d5bf.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 11 KB
12 KB 139ms
138ms Image
image/webp 13.35.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-img.lpcdn.ca/v2/357x/r3996/440ec59d0c553fe4a2abb7558715d5bf.webp
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-77-80.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f129d64cf5c8c8e8df1fc4c01362d078635a20695ce26ec483efa955048b5b1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: .ekVfSIvdpLCApdI3l5qkOb60jbqv.Oa
via: 1.1 810a9accae2b6588bfefcc0e0dd6f31f.cloudfront.net (CloudFront)
etag: "0c1135c02b5827ed14c0126616ed2d89"
last-modified: Fri, 19 Nov 2021 12:02:37 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/webp
cache-control: public, max-age=604800, immutable
date: Mon, 22 Nov 2021 13:01:13 GMT
accept-ranges: bytes
content-length: 11354
x-amz-cf-id: ZgXQmY7GFvLH9Cc9cEyFj11fH_bdr8lJ6LQOEWwpirKZveWHyPovag==

OPTIONS
H2 204 identify
optable.lapresse.ca/lapresse/ Frame 0
0 191ms
65ms Preflight 34.120.235.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://optable.lapresse.ca/lapresse/identify?cookies=yes&osdk=web-v0.6.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.235.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.235.120.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.lapresse.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD
access-control-allow-origin: https://www.lapresse.ca
access-control-max-age: 43200
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
date: Mon, 22 Nov 2021 13:01:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 targeting
optable.lapresse.ca/lapresse/ Frame 0
0 191ms
66ms Preflight 34.120.235.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://optable.lapresse.ca/lapresse/targeting?cookies=yes&osdk=web-v0.6.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.235.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.235.120.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.lapresse.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD
access-control-allow-origin: https://www.lapresse.ca
access-control-max-age: 43200
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
date: Mon, 22 Nov 2021 13:01:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 identify Show response
optable.lapresse.ca/lapresse/ 2 B
19 B 109ms
69ms Fetch
application/json 34.120.235.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://optable.lapresse.ca/lapresse/identify?cookies=yes&osdk=web-v0.6.4
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.235.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.235.120.34.bc.googleusercontent.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
via: 1.1 google
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.lapresse.ca
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H3 200 targeting Show response
optable.lapresse.ca/lapresse/ 35 B
52 B 110ms
71ms Fetch
application/json 34.120.235.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://optable.lapresse.ca/lapresse/targeting?cookies=yes&osdk=web-v0.6.4
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.235.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.235.120.34.bc.googleusercontent.com
Software: /
Resource Hash: 78bc91412d2ae4d426900bd710e6a788821c8865cf43918098edf3f98ca8455b

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
via: 1.1 google
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.lapresse.ca
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 184ms
72ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Nov 2021 13:01:12 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 162 B
752 B 159ms
62ms XHR
application/json 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.lapresse.ca

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

c05f3db120fb434fddd052b8596d0cd0dacdc7128f983bd8b25f4eae1bfe2c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
expires: Mon, 22 Nov 2021 13:01:12 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 123ms
60ms Script
application/x-javascript 2a03:2880:f03a:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1ceae6f447e904bc01f041cb22aa8371

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

21f118ea75270909f3b2004ae5530de752fa63f91bb5122d609127feda685eca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.lapresse.ca/
Origin: https://www.lapresse.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: c1kAt1VhW93gRr55ibzwNQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 84316
x-fb-rlafr: 0
x-fb-debug: 3ffelAb4VdnxjRispY8rUJSSdXpa0Dy2NOZ6kS1i/TBLRVs5jEAPr++c2Bu2B203DPsiykXJndtCMqR7HE1/HA==
x-fb-content-md5: 3a2286b5aa60aab47eda31360d689cb1
x-frame-options: DENY
date: Mon, 22 Nov 2021 13:01:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f38a30aacffd00652500740044172da4"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 22 Nov 2022 10:52:32 GMT

GET
H2 200 7f85a56ba4.css
use.fontawesome.com/ 1 KB
1 KB 122ms
44ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/7f85a56ba4.css
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6495
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: BVYXP7TCNFR50PYS
x-amz-id-2: DdOS9d1GSH/ri7hZhFHYSqtGqtDkGOREUYdttsn4BXyek+dIPg7cV0/+tIRrFDJAReqnW6gCIwc=
last-modified: Wed, 30 Jun 2021 21:14:33 GMT
server: cloudflare
etag: W/"8360eb270b919a1fb4776bc448d9ed14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvfCldi1rgHXsaLoEV%2B2n7XNqvwePxWCh8731NfGxSJx8GBLIM4x0OEX21djgqSXQJ1KLh43BoBHLzw5ogMOx4RF4GbK2ZuraIT4hgC68zL2r6JGS4%2BBkLMEtH5pEBxtfN%2BxHkU%2B8X3TTcpS0Hzw3%2BUF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 6b22585a28e7713f-YUL

POST
H2 201 / Show response
sdk.iad-06.braze.com/api/v3/data/ 108 KB
22 KB 206ms
203ms XHR
application/json 151.101.1.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/data/

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b4326b5e09d4424d88ea728d52e2bba25b6d9c9b8a4b13482be46c4eb609b711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: bd8a5d7e-c725-4e5e-a457-4aed9b2d8fed
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 7200
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 2ed695a4-aa76-4d2b-a638-b2c8182db2d3
x-served-by: cache-yul12827-YUL
x-runtime: 0.137172
server: nginx
x-timer: S1637586073.829379,VS0,VE171
etag: W/"b4326b5e09d4424d88ea728d52e2bba2"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 /
sdk.iad-06.braze.com/api/v3/data/ Frame 0
0 148ms
48ms Preflight 151.101.1.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/data/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Origin: https://www.lapresse.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Mon, 22 Nov 2021 13:01:12 GMT
via: 1.1 varnish
x-served-by: cache-yul12827-YUL
x-cache: MISS
x-cache-hits: 0
x-timer: S1637586073.777828,VS0,VE15
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 127ms
43ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211122

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e3de51e63ab544e40dc3c2e66d18f1e715904dba9c49c2744e9a35d48fdce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36009
x-jsd-version: 1.0.1168
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19127-FRA, cache-yyz4561-YYZ
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"698-en1dLwzooaTM8hbd8RgEqluF/eE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6b22585b092bece2-YUL

GET
H2 200 Verlag-XLight.woff2
static.lpcdn.ca/fonts/verlag/ 17 KB
17 KB 50ms
49ms Font
font/woff2 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/fonts/verlag/Verlag-XLight.woff2
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: bac2e52762088b462c7ae6dff6fa381d1c0e42514af3d09775b64a7f47951920

Request headers

Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Origin: https://www.lapresse.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:10:56 GMT
via: 1.1 6cfc86e6ccd19a4761a27f5f2d9c9a91.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 20:20:56 GMT
age: 2260216
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000, public, immutable
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 17388
x-amz-cf-id: jWgDMZldu4C3jne1yRv1C32sUeZITAotvdgfpOlRBJ7QnLdi5uT4Lw==
expires: Fri, 26 Nov 2021 09:10:56 GMT

GET
H2 200 today Show response
www.lapresse.ca/webparts/trending/2/ 9 KB
2 KB 65ms
65ms Fetch
text/html 13.249.184.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lapresse.ca/webparts/trending/2/today

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.184.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-184-35.bos50.r.cloudfront.net

Software

Resource Hash

4653198d7bcbf52847fdb2f1aa7b67f58742a4f38a21562ddc32416564da16bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
tracestate: 259951@nr=0-1-259951-631470931-6ba4cd98a3b622d7----1637586072707
traceparent: 00-703355fcc6f549a148667feebcaf76b0-6ba4cd98a3b622d7-01
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI1OTk1MSIsImFwIjoiNjMxNDcwOTMxIiwiaWQiOiI2YmE0Y2Q5OGEzYjYyMmQ3IiwidHIiOiI3MDMzNTVmY2M2ZjU0OWExNDg2NjdmZWViY2FmNzZiMCIsInRpIjoxNjM3NTg2MDcyNzA3fX0=

Response headers

date: Mon, 22 Nov 2021 13:01:08 GMT
content-encoding: gzip
age: 4
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
via: 1.1 48a4cbead7454531a87cd246667053df.cloudfront.net (CloudFront)
cache-control: s-maxage=6,must-revalidate
permissions-policy: interest-cohort=()
x-correlation-id: 619b94943e50b7.13219610
x-amz-cf-pop: BOS50-C2
x-robots-tag: noindex
content-length: 1973
x-amz-cf-id: pXoVksSfn1QsIdH5XS0YynejpxJM1fBXGbfNs1Ejem_IvJVhN_5UfQ==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005690&cs_it=b2&cv=3.8.0.210223&ns__t=1637586072716&ns_c=UTF-8&c7=https%3A%2F%2Fwww.lapresse.ca%2Finternational%2Fmoyen-orient%2F2021-11-16%2Fcandiru%2Fu...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005690&cs_it=b2&cv=3.8.0.210223&ns__t=1637586072716&ns_c=UTF-8&c7=https%3A%2F%2Fwww.lapresse.ca%2Finternational%2Fmoyen-orient%2F2021-11-16%2Fcandiru%2F...

64 B
331 B

51ms
51ms

Image
image/gif

13.35.77.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005690&cs_it=b2&cv=3.8.0.210223&ns__t=1637586072716&ns_c=UTF-8&c7=https%3A%2F%2Fwww.lapresse.ca%2Finternational%2Fmoyen-orient%2F2021-11-16%2Fcandiru%2Fune-autre-firme-israelienne-suspectee-de-cyberattaques.php&c8=Candiru%20%7C%20Une%20autre%20firme%20isra%C3%A9lienne%20suspect%C3%A9e%20de%20cyberattaques%20%7C%20La%20Presse&c9=
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Server: 13.35.77.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-77-64.bos50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
via: 1.1 086cd0532de45f1c24aa2644656aff63.cloudfront.net (CloudFront)
x-amz-cf-pop: BOS50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: oTEV9ZYsohyzBopZ-8Xif6MbE9hzSnxQxXH4IAP05nfVv42UWSTyaw==

Redirect headers

date: Mon, 22 Nov 2021 13:01:12 GMT
via: 1.1 086cd0532de45f1c24aa2644656aff63.cloudfront.net (CloudFront)
x-amz-cf-pop: BOS50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=3005690&cs_it=b2&cv=3.8.0.210223&ns__t=1637586072716&ns_c=UTF-8&c7=https%3A%2F%2Fwww.lapresse.ca%2Finternational%2Fmoyen-orient%2F2021-11-16%2Fcandiru%2Fune-autre-firme-israelienne-suspectee-de-cyberattaques.php&c8=Candiru%20%7C%20Une%20autre%20firme%20isra%C3%A9lienne%20suspect%C3%A9e%20de%20cyberattaques%20%7C%20La%20Presse&c9=
content-length: 397
x-amz-cf-id: 72dUaae2ji6gBs6bQv8YMaBsAUCTS35Mj6TK8SdUgnY8V6pMtSDYQQ==

GET
H2 200 anAToiMg0Lcc86KIzJLMi45LjA.js Show response
d39kx4ztdxg7cf.cloudfront.net/ 74 KB
26 KB 192ms
65ms Script
application/javascript 2600:9000:2105:6c00:5:18cb:8bc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d39kx4ztdxg7cf.cloudfront.net/anAToiMg0Lcc86KIzJLMi45LjA.js
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2105:6c00:5:18cb:8bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 01:22:55 GMT
content-encoding: gzip
last-modified: Thu, 29 Mar 2018 06:17:39 GMT
server: AmazonS3
age: 2201898
etag: "ca3734b973941d7734d9116b823f868b"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5503b1530c5d4fe35fc0727878485b7c.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: BOS50-C3
accept-ranges: bytes
content-length: 25747
x-amz-cf-id: 3WhVXasIvdECXctKn1qPLrjofibG4YkHAmf-gpPCBch89Rog-3JGyg==

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 886 B
1 KB 207ms
49ms XHR
application/json 34.194.203.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=842235765AFA9B840A495D4A%40AdobeOrg&d_nsid=0&ts=1637586072735

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.194.203.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-203-220.compute-1.amazonaws.com

Software

Resource Hash

0128a181cbd6e99c4f85e12e02affd29f32a4e95561d043b26bbb8f4f3e30b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-va6-1-v019-0bb9840a0.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: +62pGW2/SvI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.lapresse.ca
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 524
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 138ms
42ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5296
date: Mon, 22 Nov 2021 11:32:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 22 Nov 2021 13:32:56 GMT

GET
H2 200 3cc389fcec4930deabc567f7a89af791.webp
mobile-img.lpcdn.ca/v2/357x/r3996/e39f6159/ 17 KB
18 KB 49ms
48ms Image
image/webp 13.35.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-img.lpcdn.ca/v2/357x/r3996/e39f6159/3cc389fcec4930deabc567f7a89af791.webp
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-77-80.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20d7630a0fabc88d21d080ef487395f8d5ad2ce0170d57e967b11739ef4924f5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 22 Nov 2021 02:25:11 GMT
via: 1.1 810a9accae2b6588bfefcc0e0dd6f31f.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 02:24:34 GMT
server: AmazonS3
age: 38161
etag: "3cfc31dc6234458aed24d7a5bc3efa6a"
x-cache: Hit from cloudfront
x-amz-version-id: zXqRMiSNPBla3MzBIAkP1MPkN_hJP0X6
cache-control: public, max-age=604800, immutable
x-amz-cf-pop: BOS50-C1
accept-ranges: bytes
content-type: image/webp
content-length: 17502
x-amz-cf-id: d_WheMOtSk329pI7InshNS8u1iwLyO5utEjWryL94zWvPDORCzcl-Q==

GET
H2 200 c36bec03eae239cfb4cede05ca11f344.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 12 KB
12 KB 75ms
74ms Image
image/webp 13.35.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-img.lpcdn.ca/v2/357x/r3996/c36bec03eae239cfb4cede05ca11f344.webp
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-77-80.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df3a55748fbc623e75f1ff889caa430f920d71f3379b82deeb85e867d35b7e78

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 22 Nov 2021 10:04:03 GMT
via: 1.1 810a9accae2b6588bfefcc0e0dd6f31f.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 10:01:25 GMT
server: AmazonS3
age: 10630
etag: "97e2fc96ba2a86b9be8c00d97ded5f55"
x-cache: Hit from cloudfront
x-amz-version-id: 7rcHXPSKs3Y_NBo.ADE2N.2bqaPQesS0
cache-control: public, max-age=604800, immutable
x-amz-cf-pop: BOS50-C1
accept-ranges: bytes
content-type: image/webp
content-length: 11922
x-amz-cf-id: mKWT8XPIezei7HAvYXvRapkSkDHa24ozeVMKyvFEAr0Atik2Ra-EVw==

GET
H2 200 b43ce4b4960d3dee83973157b2e5bf62.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 14 KB
15 KB 80ms
79ms Image
image/webp 13.35.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-img.lpcdn.ca/v2/357x/r3996/b43ce4b4960d3dee83973157b2e5bf62.webp
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-77-80.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c91c101c1d012df39016ad8e9efdbe1936ef093c2ad6058f765c4482ce7980f6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 22 Nov 2021 11:49:01 GMT
via: 1.1 810a9accae2b6588bfefcc0e0dd6f31f.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 11:47:56 GMT
server: AmazonS3
age: 4332
etag: "3650e1a7725fa7ef6bdd955d4dc1879b"
x-cache: Hit from cloudfront
x-amz-version-id: zcB1Xy117q.FZdQlFlDRMIFG2m6Gm4Hy
cache-control: public, max-age=604800, immutable
x-amz-cf-pop: BOS50-C1
accept-ranges: bytes
content-type: image/webp
content-length: 14774
x-amz-cf-id: LKnL-sKaBWnZT_mMhFYrRBc7gt7qIGZbdJZ2_r6LMdo-5zlo8WNxPw==

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ 4 KB
3 KB 221ms
93ms Script
application/javascript 74.6.138.64
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=fr&agentVersion=205&adTrackingEnabled=true&adUnitCode=09aad792-e5e4-4767-ba40-b14df6f4f92c&apiKey=4PPN9MRTHRPVQ5RXJYJW&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fwww.lapresse.ca%2Finternational%2Fmoyen-orient%2F2021-11-16%2Fcandiru%2Fune-autre-firme-israelienne-suspectee-de-cyberattaques.php&caps=16&cb=jsonpCallback0

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.6.138.64 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

media-router-flurry71.prod.media.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

bbbd66b5291d67dad41dec9d04e7fb501845a6e15a81e1937c750c58f4e8563d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H2 200 b
geo.yahoo.com/ 43 B
520 B 159ms
49ms Image
image/gif 2001:4998:58:207::6000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:58:207::6000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:12 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-type: image/gif
content-length: 43

GET
H2 200 idsync.d5cb6b96.js Show response
cdn.districtm.io/ids/ Frame 0F7B 3 KB
2 KB 50ms
50ms Script
application/javascript 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by: Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/ids/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
via: 1.1 fba70d1e4c74a3621a7d03b3d021b4dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 36591
cf-polished: origSize=3302
x-cache: Miss from cloudfront
cf-bgj: minify
content-encoding: br
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: cloudflare
etag: W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=172800
x-amz-cf-pop: EWR52-C4
cf-ray: 6b22585ae87d7150-YUL
x-amz-cf-id: grPGiWniH68bfTtn_MAV7TZgFVtqyKFXbidN-Zh6RPPqvpzkLyNSHw==
expires: Wed, 24 Nov 2021 13:01:12 GMT

GET
H3 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 93ms
43ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/7f85a56ba4.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://use.fontawesome.com/7f85a56ba4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11984027
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: K7K0THYQ96VNEJP7
x-amz-id-2: rU/viUmgijuqli49HvCaXbrtIiMj5zQGFnS2WqhEgix7uS9L0RUR7kqVRw89/FXc+PfAJfy/Kdc=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"36082410df2ef7f83932219089dc1443"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCLoH%2BhO3wwbLjflMtS%2BDLauVhlAXs044VI%2B8cauRb89%2Fnqwyn5PmBEw9UpjMKw8jqBcCnlKKTQR%2FbIUm7FrCP2tp%2F0RaeLgkrlP3jx5KfDDDacqrdCDwoDqrVFXkyOLak8fVG2Qn6LHc9Qg7y2vsmVI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6b22585b3c5c7142-YUL

GET
H2 200 r.png
static.lpcdn.ca/lpweb/lapresse/img/meteo/icone_une/ 2 KB
2 KB 45ms
45ms Image
image/png 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.lpcdn.ca/lpweb/lapresse/img/meteo/icone_une/r.png
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 6ae876dbc449eb25080b61551b7f6a35960089b556311f022787325c2bbe53c1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 00:46:29 GMT
via: 1.1 ed12695f521001f28371bb9e667a7ebb.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 13:25:47 GMT
age: 44083
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public,max-age=2628000
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 2157
x-amz-cf-id: GBwtO0asriUaOwylgsag6opVjhtw4tnbuqmjVFMxmMP75Fq1IEzXxg==

GET
H/1.1 200
OK widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame C526 319 KB
103 KB 53ms
51ms Document
text/html 72.21.91.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.lapresse.ca
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.21.91.66 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/8095) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 394368
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 22 Nov 2021 13:01:12 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 18 Oct 2021 18:32:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (cha/8095)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

POST
H2 200 cookie_sync Show response
prebid-server.rubiconproject.com/ 1 KB
653 B 222ms
40ms XHR
application/json 34.200.131.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/cookie_sync
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.131.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-131-242.compute-1.amazonaws.com
Software: /
Resource Hash: 94a1ba82117812909ad09ee95455ada0939b197b580d54cfc39926d137c97b81

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.lapresse.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 438
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 253 B
451 B 355ms
177ms XHR
application/json 34.200.131.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.131.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-131-242.compute-1.amazonaws.com
Software: /
Resource Hash: c1bf0da7843dd67bf57b7221a0d7d599bf4000fadf5fb0d80d7991f2b4080d76

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
x-prebid: pbs-java/1.79.0
content-type: application/json
access-control-allow-origin: https://www.lapresse.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 217
expires: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
205 B 85ms
72ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.lapresse.ca
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b22585b89797150-YUL
access-control-allow-headers: origin, content-type

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 251 B
451 B 336ms
166ms XHR
application/json 34.200.131.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.131.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-131-242.compute-1.amazonaws.com
Software: /
Resource Hash: 83184f12fc59ad7640ec19e1f200fd1636f39dd400d55bd5d26e07f6235c636d

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
x-prebid: pbs-java/1.79.0
content-type: application/json
access-control-allow-origin: https://www.lapresse.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 217
expires: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
38 B 76ms
73ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.lapresse.ca
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b22585b897a7150-YUL
access-control-allow-headers: origin, content-type

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 250 B
451 B 405ms
242ms XHR
application/json 34.200.131.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.131.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-131-242.compute-1.amazonaws.com
Software: /
Resource Hash: b6d18225d8363a817e5cb6e8c4ef918a3f5534464eb88a18d94aa8caf96988c0

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
x-prebid: pbs-java/1.79.0
content-type: application/json
access-control-allow-origin: https://www.lapresse.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 217
expires: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
38 B 77ms
76ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.lapresse.ca
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b22585b99817150-YUL
access-control-allow-headers: origin, content-type

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 251 B
451 B 429ms
272ms XHR
application/json 34.200.131.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.131.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-131-242.compute-1.amazonaws.com
Software: /
Resource Hash: ba31e66dd95fdf9dad3be23972794667d4946a4d964d208e7fded9a48052a401

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
x-prebid: pbs-java/1.79.0
content-type: application/json
access-control-allow-origin: https://www.lapresse.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 217
expires: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
38 B 81ms
77ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Nov 2021 13:01:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.lapresse.ca
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b22585ba99b7150-YUL
access-control-allow-headers: origin, content-type

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 174ms
52ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.lapresse.ca

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 147ms
53ms Script
application/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.lapresse.ca

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 62e8e8bf4a4a368db580576c0f953c53.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 9 KB
10 KB 43ms
43ms Image
image/webp 13.35.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-img.lpcdn.ca/v2/357x/r3996/62e8e8bf4a4a368db580576c0f953c53.webp
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-77-80.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e5fa2e3df26c172af0eb3de60ce45d337929fced38a9f8a9537f750906a8cb1c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 22 Nov 2021 02:01:47 GMT
via: 1.1 810a9accae2b6588bfefcc0e0dd6f31f.cloudfront.net (CloudFront)
last-modified: Sat, 20 Nov 2021 01:56:55 GMT
server: AmazonS3
age: 39566
etag: "acffff9e5978db4ca266e9f344177b78"
x-cache: Hit from cloudfront
x-amz-version-id: bURJQjSLXNbal3ZkUNjMVLYMzXhw8GHe
cache-control: public, max-age=604800, immutable
x-amz-cf-pop: BOS50-C1
accept-ranges: bytes
content-type: image/webp
content-length: 9616
x-amz-cf-id: -rbaD9QTc_CS_XlspVgb_Hq1QUUJDdc3ltJ_Ac1JyzraxSDmJfUkfQ==

GET
H2 200 ff57bf2a352b37a9b5435293512a9059.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 6 KB
7 KB 45ms
44ms Image
image/webp 13.35.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-img.lpcdn.ca/v2/357x/r3996/ff57bf2a352b37a9b5435293512a9059.webp
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-77-80.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0499d0a6911c90063c2766d2ead550ddacc7d192ecc8808daf1b795c3a2bf0b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 22 Nov 2021 00:56:47 GMT
via: 1.1 810a9accae2b6588bfefcc0e0dd6f31f.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 00:56:15 GMT
server: AmazonS3
age: 43466
etag: "afbf9bd089467f742aa1aea56190bcd7"
x-cache: Hit from cloudfront
x-amz-version-id: 77CINbamFdm6FbYffAA4aNoG4qt.Gx_3
cache-control: public, max-age=604800, immutable
x-amz-cf-pop: BOS50-C1
accept-ranges: bytes
content-type: image/webp
content-length: 6552
x-amz-cf-id: RUHYu4qjCjMp4Z0ptj7mDDyr2SRPsZRpgv1p5MtvoidFp7QwmCBolA==

GET
H2 200 buyers Show response
dmx.districtm.io/s/v1/ Frame 0F7B 554 B
782 B 71ms
70ms XHR
application/json 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/buyers

Requested by

Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a80a293745a0c39d9eae6ec40ebf4bf8465b46fe4bc1c6db1c8651da52e4356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: DELETE, GET, OPTIONS, POST
content-type: application/json
access-control-allow-origin: https://cdn.districtm.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b22585c2a207150-YUL
access-control-allow-headers: Origin, Content-Type

GET
H/1.1 200
OK dest5.html Show response
lapress.demdex.net/ Frame AC72 7 KB
3 KB 173ms
35ms Document
text/html 18.233.78.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://lapress.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.78.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-78-203.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 22 Nov 2021 13:01:13 GMT
DCS: dcs-prod-va6-2-v019-0fe76a27e.edge-va6.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Sun, 21 Nov 2021 20:13:37 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: FX/+g+daTog=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 887 B
1 KB 46ms
46ms XHR
application/json 34.194.203.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=842235765AFA9B840A495D4A%40AdobeOrg&d_nsid=0&d_mid=68488456662611031354253132769312059619&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=lapresse_crm%01449b8a90-4b94-11ec-98d0-7360590f5718%011&ts=1637586072985

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.194.203.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-203-220.compute-1.amazonaws.com

Software

Resource Hash

6d74e808a5027462ee7a56989792f2cb24e065f5e966e30ada8d4642e83bb8ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-va6-1-v019-021b2355b.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: B68T68w5RKU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.lapresse.ca
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 524
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YZuUmQAAAEqEcgQE
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=69103331988355342034317749239065217927
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZuUmQAAAEqEcgQE

42 B
943 B

27ms
27ms

Image
image/gif

34.194.203.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZuUmQAAAEqEcgQE

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

HTTP/1.1

Server

34.194.203.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-203-220.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v019-026e4eaa3.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: TrCDCiKpTeo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZuUmQAAAEqEcgQE
Date: Mon, 22 Nov 2021 13:01:13 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 93ms
50ms XHR
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=866627734&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lapresse.ca%2Finternational%2Fmoyen-orient%2F2021-11-16%2Fcandiru%2Fune-autre-firme-israelienne-suspectee-de-cyberattaques.php&ul=en-us&de=UTF-8&dt=Candiru%20%7C%20Une%20autre%20firme%20isra%C3%A9lienne%20suspect%C3%A9e%20de%20cyberattaques%20%7C%20La%20Presse&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=923264097&gjid=1569957810&cid=1113408229.1637586073&tid=UA-2513326-39&_gid=989015547.1637586073&_r=1&gtm=2wgba1MP8JVMP&cd2=article&cd4=desktop&z=263297022

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lapresse.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4PPN9MRTHRPVQ5RXJYJW_U2VjdGlvbiBQb3MgMQ==_1636488452605 Show response
s.yimg.com/ys/ 5 KB
2 KB 51ms
49ms Script
text/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/ys/4PPN9MRTHRPVQ5RXJYJW_U2VjdGlvbiBQb3MgMQ==_1636488452605?cb=ygscb

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

83c66cef4e45d0922ebe4908c277b7d9af2b8edd22d1e5a6b2971108c5c44be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248568
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
x-amz-request-id: 10VMZS0MEYCY7N4P
x-amz-id-2: L8K7pwSzkCUncoQzHoDKFRur5ULgBIXBLvaINrRvyAm0TULIqa30u/720PUvH0tooYEKe6UN4ZI=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 09 Nov 2021 20:07:33 GMT
server: ATS
etag: "c3805556bb095b5c11a726531ec21d95-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public, stale-while-revalidate=30, max-age=2592000
accept-ranges: bytes

GET
H2 200 settings Show response
syndication.twitter.com/ Frame C526 233 B
447 B 182ms
58ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=3d5a68b6cedfac02e4870b8ac78b94ce4700665f

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.lapresse.ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

2816082c025f64540b613fde3096d814ae21ac75279461ec1d6bcb5c07099fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-response-time: 7
date: Mon, 22 Nov 2021 13:01:12 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 13:01:13 GMT
server: tsa_b
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 5cbf10b069dd313b00c58dba14b9e0c4178ec64521c46e79a09d73d8031a57c7
content-length: 167

GET
H2

200

pJL97Evrb7pkyCTe8mqf Show response
dmx.districtm.io/s/10027/ Frame 0F7B
Redirect Chain

https://us.creativecdn.com/cm-notify?pi=districtm
https://us.creativecdn.com/cm-notify?pi=districtm&tc=1
https://dmx.districtm.io/s/10027/pJL97Evrb7pkyCTe8mqf?pi=districtm&tc=1

76 B
141 B

60ms
59ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10027/pJL97Evrb7pkyCTe8mqf?pi=districtm&tc=1

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15fcbdf7160a81ca10684069e88fc8010aff0fe7150665b07d21b1562b5a539e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Mon, 22 Nov 2021 13:01:13 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6b22585d9bad7150-YUL

Redirect headers

location: https://dmx.districtm.io/s/10027/pJL97Evrb7pkyCTe8mqf?pi=districtm&tc=1
pragma: no-cache
date: Mon, 22 Nov 2021 13:01:13 GMT, Mon, 22 Nov 2021 13:01:13 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

e2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341 Show response
dmx.districtm.io/s/10001/ Frame 0F7B
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96
https://dmx.districtm.io/s/10001/e2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341

106 B
179 B

53ms
53ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10001/e2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56e5a6cd17196bcacaab7da3ff9fc25973b582b2370c02da054f05f0068bb9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Mon, 22 Nov 2021 13:01:13 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6b22585d9baf7150-YUL

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:12 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dmx.districtm.io/s/10001/e2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

AAADK9E9l5W_SQNZmkeHAAAAAAA&expiration=1637672473&nuid=21H7HmzybuptGTACRS9DZCqJ17Q&is_secure=true Show response
dmx.us-east-33.districtm.io/s/10007/ Frame 0F7B
Redirect Chain

https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=21H7HmzybuptGTACRS9DZCqJ17Q&rurl=//dmx.us-east-33.districtm.io/s/10007/
https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=678149323a6708ed&is_secure=true&version=1&networkId=33921&nuid=21H7HmzybuptGTACRS9DZCqJ17Q&rurl=%2F%2Fdmx.us-east-33.districtm.io%...
https://dmx.us-east-33.districtm.io/s/10007/AAADK9E9l5W_SQNZmkeHAAAAAAA&expiration=1637672473&nuid=21H7HmzybuptGTACRS9DZCqJ17Q&is_secure=true

153 B
291 B

140ms
38ms

Script
application/javascript

35.231.227.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.us-east-33.districtm.io/s/10007/AAADK9E9l5W_SQNZmkeHAAAAAAA&expiration=1637672473&nuid=21H7HmzybuptGTACRS9DZCqJ17Q&is_secure=true

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Server

35.231.227.177 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

177.227.231.35.bc.googleusercontent.com

Software

Resource Hash

a3bef76330a5deba39c664a0b64f604a4b058ba07168fc1a84a2596d6dae0fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:13 GMT
content-length: 153
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:13 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: //dmx.us-east-33.districtm.io/s/10007/AAADK9E9l5W_SQNZmkeHAAAAAAA&expiration=1637672473&nuid=21H7HmzybuptGTACRS9DZCqJ17Q&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

AAAvS07DNykAACvY_STVRQ Show response
dmx.districtm.io/s/10025/ Frame 0F7B
Redirect Chain

https://match.prod.bidr.io/cookie-sync/districtm
https://match.prod.bidr.io/cookie-sync/districtm?_bee_ppp=1
https://dmx.districtm.io/s/10025/AAAvS07DNykAACvY_STVRQ

78 B
145 B

119ms
118ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10025/AAAvS07DNykAACvY_STVRQ

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6310d39bb030783852605dc4ecfdd8c029a1d07dbe6eb224a11ea259ef43c45d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Mon, 22 Nov 2021 13:01:13 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6b22585ddbf07150-YUL

Redirect headers

location: https://dmx.districtm.io/s/10025/AAAvS07DNykAACvY_STVRQ
Date: Mon, 22 Nov 2021 13:01:13 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

y-5QOJMahE2uEHZY.v9PksQzwOrQzHGPd_~A~UP454c3d83-4b94-11ec-b1e4-02530ff24d37 Show response
dmx.districtm.io/s/10051/ Frame 0F7B
Redirect Chain

https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP454c3d83-4b94-11ec-b1e4-02530ff24d37
https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP454c3d83-4b94-11ec-b1e4-02530ff24d37&verify=true
https://dmx.districtm.io/s/10051/y-5QOJMahE2uEHZY.v9PksQzwOrQzHGPd_~A~UP454c3d83-4b94-11ec-b1e4-02530ff24d37

131 B
177 B

52ms
52ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10051/y-5QOJMahE2uEHZY.v9PksQzwOrQzHGPd_~A~UP454c3d83-4b94-11ec-b1e4-02530ff24d37

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3234fa537ac6154c31a5e888d736d573e80508080211ce66fe88bdd31d3fdf60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Mon, 22 Nov 2021 13:01:13 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6b22585e5c797150-YUL

Redirect headers

location: https://dmx.districtm.io/s/10051/y-5QOJMahE2uEHZY.v9PksQzwOrQzHGPd_~A~UP454c3d83-4b94-11ec-b1e4-02530ff24d37
date: Mon, 22 Nov 2021 13:01:13 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H2 201 sync Show response
sdk.iad-06.braze.com/api/v3/content_cards/ 85 B
224 B 62ms
61ms XHR
application/json 151.101.1.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/content_cards/sync

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

54ff0396cce949d16c07b465404e2469db235f7b6073f4695c3b09b35516253e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: bd8a5d7e-c725-4e5e-a457-4aed9b2d8fed
X-Braze-DataRequest: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
X-Requested-With: XMLHttpRequest
X-Braze-ContentCardsRequest: true

Response headers

date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 7200
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 6ee4027b-c917-4455-8f0d-69c80cff55fd
x-served-by: cache-yul12827-YUL
x-runtime: 0.026335
server: nginx
x-timer: S1637586073.121550,VS0,VE42
etag: W/"54ff0396cce949d16c07b465404e2469"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 sync
sdk.iad-06.braze.com/api/v3/content_cards/ Frame 0
0 38ms
38ms Preflight 151.101.1.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/content_cards/sync

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Origin: https://www.lapresse.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Mon, 22 Nov 2021 13:01:13 GMT
via: 1.1 varnish
x-served-by: cache-yul12827-YUL
x-cache: MISS
x-cache-hits: 0
x-timer: S1637586073.085933,VS0,VE15
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains

GET sync.php
pixel.rubiconproject.com/exchange/ 0
0

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ 4 KB
3 KB 85ms
85ms Script
application/javascript 74.6.138.64
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=fr&agentVersion=205&adTrackingEnabled=true&adUnitCode=1f6e50a2-6b0c-42a4-a7eb-9636ab805fdf&apiKey=4PPN9MRTHRPVQ5RXJYJW&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fwww.lapresse.ca%2Finternational%2Fmoyen-orient%2F2021-11-16%2Fcandiru%2Fune-autre-firme-israelienne-suspectee-de-cyberattaques.php&caps=16&cb=jsonpCallback1

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.6.138.64 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

media-router-flurry71.prod.media.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

5bb0534fa3edb76529b308cbaf86eac8645fda205c9da1f9542ac351d5caa3e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H2 200 1631984460925-5018.jpg
s.yimg.com/lo/api/res/1.2/fGqnykV5IBd6ExRgPoa2jw--~A/Zmk9Zml0O3c9MTIwMDtoPTYyNztxPTkwO2FwcGlkPWEwMDE7/https://s.yimg.com/av/ads/ 105 KB
105 KB 45ms
44ms Image
image/jpeg 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/lo/api/res/1.2/fGqnykV5IBd6ExRgPoa2jw--~A/Zmk9Zml0O3c9MTIwMDtoPTYyNztxPTkwO2FwcGlkPWEwMDE7/https://s.yimg.com/av/ads/1631984460925-5018.jpg

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

aac3128d6419242d76b8eaf21e78c207472a9f01fb79f0c50d3afa430b67e6d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 01 Nov 2021 12:24:09 GMT
x-content-type-options: nosniff
age: 1816625
cld_latency: 1
edge-cache-tag: 283249133519957744522654003521495965327,321505634656076165513250936569758141812,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
cld_hits: 1
x-cache: HIT
strict-transport-security: max-age=15552000
content-length: 107192
x-xss-protection: 1; mode=block
cld_by: cache-wdc5523-WDC
x-served-by: cache-wdc5523-WDC
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Oct 2021 07:12:55 GMT
server: ATS
x-timer: S1635769450.811906,VS0,VE1
etag: "137fe4f6ea86a816866bad219f749213"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 gemini.png
s.yimg.com/cv/apiv2/adbuilder/ 3 KB
3 KB 114ms
114ms Image
image/png 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/cv/apiv2/adbuilder/gemini.png

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 03 Nov 2021 03:03:26 GMT
x-content-type-options: nosniff
age: 1677468
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=15552000
content-length: 3328
x-amz-id-2: A9nGx8b8+P2ZiiLrluy0WfdWH7uKBU6/34CI2u13+gNz1vBovC5igWDgxbZ40gWYNEsU7/EAST0=
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 02 Mar 2019 01:45:46 GMT
server: ATS
etag: "99f89d94ebcff9a04ef4c4174c7bc13a"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-amz-request-id: 6X5XYWR98KWAW3QB
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
accept-ranges: bytes
content-type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

OPTIONS
H2 200 tp2
ca-lapresse-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ Frame 0
0 119ms
28ms Preflight 52.20.125.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-lapresse-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.125.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-125-49.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.lapresse.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 13:01:13 GMT
content-length: 0
access-control-allow-origin: https://www.lapresse.ca
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

GET
DATA 200
OK truncated
/ 539 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cf0714c8a65a93adfd9b25e551d1b0e1bf2167a72cbfefb3baab24a13ba0536

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 MuseoSlab-300.woff2
static.lpcdn.ca/fonts/museoSlab/ 19 KB
19 KB 35ms
34ms Font
font/woff2 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/fonts/museoSlab/MuseoSlab-300.woff2
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: d6c0de90c5d16ee3825a68ef59d10451d7bcb947f41d83f93eb8b7bc465f7622

Request headers

Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Origin: https://www.lapresse.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:23:34 GMT
via: 1.1 6cfc86e6ccd19a4761a27f5f2d9c9a91.cloudfront.net (CloudFront)
last-modified: Fri, 29 Oct 2021 14:15:42 GMT
age: 2007459
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000, public, immutable
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 19252
x-amz-cf-id: A8ugLUH8N3ZCnsGk3v5EnlYiTw6Sek48-qnnoFLF-ZZ2aSNmguMVVA==
expires: Mon, 29 Nov 2021 07:23:34 GMT

POST
H2 200 tp2 Show response
ca-lapresse-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ 2 B
328 B 76ms
24ms XHR
text/plain 52.20.125.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-lapresse-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.125.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-125-49.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.lapresse.ca
date: Mon, 22 Nov 2021 13:01:13 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 156ms
58ms XHR
text/plain 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2513326-39&cid=1113408229.1637586073&jid=923264097&gjid=1569957810&_gid=989015547.1637586073&_u=YEBAAEAAAAAAAC~&z=1641288726

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Nov 2021 13:01:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.lapresse.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=21&dpuuid=205030403978010742543
dpm.demdex.net/ Frame AC72
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=69103331988355342034317749239065217927
https://dpm.demdex.net/ibs:dpid=21&dpuuid=205030403978010742543

42 B
943 B

39ms
26ms

Image
image/gif

34.194.203.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=21&dpuuid=205030403978010742543

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

HTTP/1.1

Server

34.194.203.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-203-220.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://lapress.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v019-03c312a45.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: hWkmF0CJSgc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:13 GMT
Server: AAWebServer
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Location: https://dpm.demdex.net/ibs:dpid=21&dpuuid=205030403978010742543
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Access-Control-Allow-Headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
Expires: 0

GET
H2 200 4PPN9MRTHRPVQ5RXJYJW_U2VjdGlvbiBQb3MgMg==_1634743674483 Show response
s.yimg.com/ys/ 5 KB
1 KB 36ms
36ms Script
text/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/ys/4PPN9MRTHRPVQ5RXJYJW_U2VjdGlvbiBQb3MgMg==_1634743674483?cb=ygscb

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

83c66cef4e45d0922ebe4908c277b7d9af2b8edd22d1e5a6b2971108c5c44be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 18 Nov 2021 16:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334663
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
content-length: 1322
x-amz-id-2: tqiqhX6SV8+4d1Nc+e+kxTElv8tc5m2SQQkQ4txJNWIPNYJzjDCTv6TW+mP+EMa4yUF/uzyqrPc=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Oct 2021 15:27:55 GMT
server: ATS
etag: "c3805556bb095b5c11a726531ec21d95-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: B575A7TH7E0QSRH1
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public, stale-while-revalidate=30, max-age=2592000
accept-ranges: bytes
content-type: text/javascript; charset=utf-8

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 251 B
450 B 196ms
195ms XHR
application/json 34.200.131.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.131.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-131-242.compute-1.amazonaws.com
Software: /
Resource Hash: 19a53be6347aa2ebec3634d99cfb18eb277311edc4965901b4bdb2d59c15a6df

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
x-prebid: pbs-java/1.79.0
content-type: application/json
access-control-allow-origin: https://www.lapresse.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 216
expires: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
38 B 104ms
103ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Nov 2021 13:01:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.lapresse.ca
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b22585d8b9d7150-YUL
access-control-allow-headers: origin, content-type

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 68ms
40ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.lapresse.ca

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 67ms
38ms Script
application/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.lapresse.ca

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 114ms
85ms XHR
text/plain 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=402901017153318&correlator=1817167765004966&output=ldjh&impl=fif&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=21686484267%2CLPCA%2CLPCA_International&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x250%7C970x415&fluid=height&ppid=38358701c4c6592c5830280bc6bab6c0b11b9435&prev_scp=position%3Dpos1%26pageBlock%3Dheader&eri=1&cust_params=articleId%3D13d1656857303278a01c7d5bc88c0de1%26suptitle%3Dcandiru%26publicationDate%3D2021-11-16%26microtheme%3D%26sectionName%3Dmoyen-orient%26typePage%3Darticle%26pageView%3Ddesktop%26pathUrl%3Dwww.lapresse.ca%252Finternational%252Fmoyen-orient%252F2021-11-16%252Fcandiru%252Fune-autre-firme-israelienne-suspectee-de-cyberattaques.php%26userId%3D38358701c4c6592c5830280bc6bab6c0b11b9435%26platform%3Dlpca%26deviceInstanceIdHash%3D38358701c4c6592c5830280bc6bab6c0b11b9435%26isLogged%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1637586073&dt=1637586073240&dlt=1637586071565&idt=1251&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=280&adks=3876893154&ucis=1&hl=fr&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.lapresse.ca%2Finternational%2Fmoyen-orient%2F2021-11-16%2Fcandiru%2Fune-autre-firme-israelienne-suspectee-de-cyberattaques.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x46&msz=728x30&ga_vid=1113408229.1637586073&ga_sid=1637586073&ga_hid=866627734&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

b96180cdec895bb584b86716d5647ad77933dbf562f17942f9eed425c5012819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9073
x-xss-protection: 0
google-lineitem-id: 5807947912
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138371449158
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.lapresse.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 052E 6 KB
4 KB 96ms
33ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 13:01:13 GMT
expires: Tue, 22 Nov 2022 13:01:13 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

ibs:dpid=601&dpuuid=1723693390865&random=1637586073
dpm.demdex.net/ Frame AC72
Redirect Chain

https://dp2.33across.com/ps/?pid=897&random=808426765
https://dpm.demdex.net/ibs:dpid=601&dpuuid=1723693390865&random=1637586073

42 B
943 B

33ms
26ms

Image
image/gif

34.194.203.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=601&dpuuid=1723693390865&random=1637586073

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

HTTP/1.1

Server

34.194.203.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-203-220.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://lapress.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v019-0356b3166.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: rz5iABZIRxk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:12 GMT
referrer-policy: unsafe-url
server: 33XP005
x-33x-status: 200004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://dpm.demdex.net/ibs:dpid=601&dpuuid=1723693390865&random=1637586073
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 87ms
37ms Image
image/gif 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2513326-39&cid=1113408229.1637586073&jid=923264097&_u=YEBAAEAAAAAAAC~&z=436435788

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 83ms
36ms Image
image/gif 2607:f8b0:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2513326-39&cid=1113408229.1637586073&jid=923264097&_u=YEBAAEAAAAAAAC~&z=436435788

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 33ms
33ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.lapresse.ca

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 34ms
34ms Script
application/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.lapresse.ca

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
22 KB 101ms
100ms XHR
text/plain 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=402901017153318&correlator=1591249350646731&output=ldjh&impl=fif&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=21686484267%2CLPCA%2CLPCA_International&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x600&fluid=height&ppid=38358701c4c6592c5830280bc6bab6c0b11b9435&prev_scp=position%3Dpos1%26pageBlock%3Dright-col&eri=1&cust_params=articleId%3D13d1656857303278a01c7d5bc88c0de1%26suptitle%3Dcandiru%26publicationDate%3D2021-11-16%26microtheme%3D%26sectionName%3Dmoyen-orient%26typePage%3Darticle%26pageView%3Ddesktop%26pathUrl%3Dwww.lapresse.ca%252Finternational%252Fmoyen-orient%252F2021-11-16%252Fcandiru%252Fune-autre-firme-israelienne-suspectee-de-cyberattaques.php%26userId%3D38358701c4c6592c5830280bc6bab6c0b11b9435%26platform%3Dlpca%26deviceInstanceIdHash%3D38358701c4c6592c5830280bc6bab6c0b11b9435%26isLogged%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1637586073&dt=1637586073316&dlt=1637586071565&idt=1251&frm=20&biw=1600&bih=1200&oid=2&adxs=1110&adys=1209&adks=1058887469&ucis=2&hl=fr&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.lapresse.ca%2Finternational%2Fmoyen-orient%2F2021-11-16%2Fcandiru%2Fune-autre-firme-israelienne-suspectee-de-cyberattaques.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x46&msz=300x30&ga_vid=1113408229.1637586073&ga_sid=1637586073&ga_hid=866627734&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

ed4d88e7a318e40bdaf24feeb7e5540034414da64b75e1889c9f6f72d85c8b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22864
x-xss-protection: 0
google-lineitem-id: 5781772680
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138371750186
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.lapresse.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 38ms
37ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.lapresse.ca

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
35ms Script
application/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.lapresse.ca

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEK-KrfofqhspgoJ8BgUIHho&google_cver=1
dpm.demdex.net/ Frame AC72
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjkxMDMzMzE5ODgzNTUzNDIwMzQzMTc3NDkyMzkwNjUyMTc5Mjc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEK-KrfofqhspgoJ8BgUIHho&google_cver=1?gdpr=0&gdpr_consent=

42 B
943 B

27ms
26ms

Image
image/gif

34.194.203.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEK-KrfofqhspgoJ8BgUIHho&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

HTTP/1.1

Server

34.194.203.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-203-220.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://lapress.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v019-013444d49.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Ide/tv3+SWI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEK-KrfofqhspgoJ8BgUIHho&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 91E4 6 KB
3 KB 47ms
20ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 13:01:13 GMT
expires: Tue, 22 Nov 2022 13:01:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 90ms
23ms Preflight 52.45.81.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.81.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-81-9.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.lapresse.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 13:01:13 GMT
content-length: 0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
236 B 27ms
27ms XHR
application/json 52.45.81.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.81.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-81-9.compute-1.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 13:01:13 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8

POST
H2 204 users Show response
dmx.districtm.io/s/v1/ Frame 0F7B 0
725 B 55ms
55ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/users

Requested by

Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdn.districtm.io/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Nov 2021 13:01:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: DELETE, GET, OPTIONS, POST
access-control-allow-origin: https://cdn.districtm.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b2258601ea17150-YUL
access-control-allow-headers: Origin, Content-Type

OPTIONS
H2 204 users
dmx.districtm.io/s/v1/ Frame 0
0 136ms
78ms Preflight 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/users

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://cdn.districtm.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 13:01:13 GMT
cf-ray: 6b22585fad352d6a-ORD
access-control-allow-origin: https://cdn.districtm.io
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type
access-control-allow-methods: DELETE, GET, OPTIONS, POST
access-control-max-age: 14400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 91E4 19 KB
8 KB 23ms
21ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 12:59:12 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 91E4 22 KB
7 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 05:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 18 Nov 2022 05:43:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 91E4 119 KB
36 KB 78ms
52ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 13:01:13 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 91E4 109 KB
38 KB 67ms
20ms Script
text/javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/
Origin: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 11:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 11:21:56 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/1762393/4548346074/1636991041273/ Frame B127 184 KB
26 KB 47ms
20ms Document
text/html 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fee2363b66d194b5339868dc1c5a3cd6fb4635361663eff949a5410b66c5c1a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 26617
date: Mon, 22 Nov 2021 05:00:18 GMT
expires: Tue, 23 Nov 2021 05:00:18 GMT
last-modified: Mon, 15 Nov 2021 15:44:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 28855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 91E4 0
23 B 40ms
39ms Image
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssX2g6mfFaXNOz67HOfNfZudGAOnsgc5ui2XpEDh3Qcfdzt5WOKPTMysOoZYG8oUghkLNL4RAMze-h9RyeNBlnEtoUMH4ZgZYuMBD-by4b3cjXvY5KpvkJ04i3G14D9NoFx4up0-m0lCrnSdLcinkZ_X5Z9Jn3BdvcGqgQaVmFS92_E8VIjqq6nTt7Bc44XBvvMiNf3iNSzYplHfwuE6o9CYLd1KEdJ8XCI39HekBrUS1d7p7mIeq8n-ArZSRIluh1CmM9IpdNZe1wVfvOAGnCMXvRPs1ZMNReJaDXKZRl_HyjBSqId-qR9YwgIvxpBh-XS5JoHF-qzv182Jlrq3KmmYMk&sai=AMfl-YQU7urRcBdZR_OlBb2UaNCgCuNUQ6Xc0WVgZfQPtUPaaTLY2ue3LPpD8-uWNp9q7m6I9DAMU2YMLxizniqLdH0pIYujvEqIBItqI5TTgWipTWMoI-jFZO1c0emczlBJZEE4uHjv7coU8LYMIqPp&sig=Cg0ArKJSzBvQtVcbUhjnEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:01:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

B26731003.320233147;dc_pre=COnr2MGDrPQCFQPgtQodbr4Hjw;dc_trk_aid=512773614;dc_trk_cid=161673324;ord=1842939789;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1615345.3182630LAPRESSE/ Frame 91E4
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1615345.3182630LAPRESSE/B26731003.320233147;dc_trk_aid=512773614;dc_trk_cid=161673324;ord=1842939789;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
https://ad.doubleclick.net/ddm/trackimp/N1615345.3182630LAPRESSE/B26731003.320233147;dc_pre=COnr2MGDrPQCFQPgtQodbr4Hjw;dc_trk_aid=512773614;dc_trk_cid=161673324;ord=1842939789;dc_lat=;dc_rdid=;tag_...

42 B
63 B

47ms
47ms

Image
image/gif

142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1615345.3182630LAPRESSE/B26731003.320233147;dc_pre=COnr2MGDrPQCFQPgtQodbr4Hjw;dc_trk_aid=512773614;dc_trk_cid=161673324;ord=1842939789;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.80.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:13 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N1615345.3182630LAPRESSE/B26731003.320233147;dc_pre=COnr2MGDrPQCFQPgtQodbr4Hjw;dc_trk_aid=512773614;dc_trk_cid=161673324;ord=1842939789;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 users
dmx.districtm.io/s/v1/ Frame 0
0 75ms
75ms Preflight 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/users

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://cdn.districtm.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 13:01:13 GMT
cf-ray: 6b2258608e512d6a-ORD
access-control-allow-origin: https://cdn.districtm.io
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type
access-control-allow-methods: DELETE, GET, OPTIONS, POST
access-control-max-age: 14400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare

POST
H2 204 users Show response
dmx.districtm.io/s/v1/ Frame 0F7B 0
704 B 61ms
60ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/users

Requested by

Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdn.districtm.io/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Nov 2021 13:01:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: DELETE, GET, OPTIONS, POST
access-control-allow-origin: https://cdn.districtm.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b225860ff857150-YUL
access-control-allow-headers: Origin, Content-Type

GET
H3 200 DcmEnabler_01_243.js Show response
s0.2mdn.net/879366/ Frame B127 29 KB
10 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_243.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10603
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 01:55:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 06:36:35 GMT

GET
H3 200 970x250_legal.png
s0.2mdn.net/dfp/1762393/4548346074/1636991041273/ Frame B127 10 KB
10 KB 21ms
21ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/970x250_legal.png

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e64a7c9eaea7330de8b2fcb04fff3d8eddddfdd8c943cd27d0995df89f1f6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 05:00:18 GMT
x-content-type-options: nosniff
age: 28855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9891
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 15:44:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 05:00:18 GMT

GET
H3 200 Bouton.png
s0.2mdn.net/dfp/1762393/4548346074/1636991041273/ Frame B127 623 B
647 B 21ms
21ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/Bouton.png

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1de0a74259ae0017386fae67b4cd8586460570d207734fcd09b9aaf6a29f0171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 05:00:18 GMT
x-content-type-options: nosniff
age: 28855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 623
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 15:44:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 05:00:18 GMT

GET
H3 200 CTA.png
s0.2mdn.net/dfp/1762393/4548346074/1636991041273/ Frame B127 2 KB
2 KB 21ms
21ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/CTA.png

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eb33fd2403ff14a633244bfdf48a1763bb2cb1935dc575968d67e33f5a92daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 05:00:18 GMT
x-content-type-options: nosniff
age: 28855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1550
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 15:44:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 05:00:18 GMT

GET
H3 200 Titre1.png
s0.2mdn.net/dfp/1762393/4548346074/1636991041273/ Frame B127 4 KB
4 KB 23ms
22ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/Titre1.png

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74c1bc29cd819147fc96c56eb19ec4a42bdb948b3591555835f4dd413a831ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 05:00:18 GMT
x-content-type-options: nosniff
age: 28855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4211
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 15:44:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 05:00:18 GMT

GET
H3 200 Ligne1.png
s0.2mdn.net/dfp/1762393/4548346074/1636991041273/ Frame B127 190 B
214 B 24ms
23ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/Ligne1.png

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce5966d984a46d12ce670445adec7ee93df28586850028e6b63b2051b9233b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 05:00:18 GMT
x-content-type-options: nosniff
age: 28855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 15:44:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 05:00:18 GMT

GET
H3 200 Titre2.png
s0.2mdn.net/dfp/1762393/4548346074/1636991041273/ Frame B127 4 KB
4 KB 25ms
23ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/Titre2.png

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fc4a5df0894ff4954c36608cb2853c1cd6b54a3563df54831322a67ca538f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 05:00:18 GMT
x-content-type-options: nosniff
age: 28855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4581
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 15:44:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 05:00:18 GMT

GET
H3 200 Ligne2.png
s0.2mdn.net/dfp/1762393/4548346074/1636991041273/ Frame B127 193 B
217 B 29ms
27ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/Ligne2.png

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8231b24e1bfe1c56048b991b2810ea11b7571c6ded588f0f639f9782cd43dd1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 05:00:18 GMT
x-content-type-options: nosniff
age: 28855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 15:44:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 05:00:18 GMT

GET
H3 200 Titre3.png
s0.2mdn.net/dfp/1762393/4548346074/1636991041273/ Frame B127 4 KB
4 KB 29ms
28ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/Titre3.png

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baaa049804efecbdf7d01549091335de23ba5170512bbb19fbfca327714272db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 05:00:18 GMT
x-content-type-options: nosniff
age: 28855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3946
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 15:44:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 05:00:18 GMT

GET
H3 200 Ligne3.png
s0.2mdn.net/dfp/1762393/4548346074/1636991041273/ Frame B127 190 B
214 B 28ms
26ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/Ligne3.png

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4c030d5a0d098f7f7a43370527da53c8344d6979a7b5e5bb3575cbbe2b9d066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 05:00:18 GMT
x-content-type-options: nosniff
age: 28855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 15:44:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 05:00:18 GMT

GET
H3 200 Titre4.png
s0.2mdn.net/dfp/1762393/4548346074/1636991041273/ Frame B127 1 KB
1 KB 27ms
25ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/Titre4.png

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8089ef5ac8ac7bce38012173e18eae16b8f9b818d89d0656e78b434e5d787014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 05:00:18 GMT
x-content-type-options: nosniff
age: 28855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1156
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 15:44:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 05:00:18 GMT

GET
H3 200 Logo.png
s0.2mdn.net/dfp/1762393/4548346074/1636991041273/ Frame B127 2 KB
2 KB 27ms
26ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/Logo.png

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dd55e43ca618a7ce8cb369f5ef50a642d8ecdc09f979c2e8687474309249d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 05:00:18 GMT
x-content-type-options: nosniff
age: 28855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2160
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 15:44:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 05:00:18 GMT

GET
H3 200 mask_fleche.png
s0.2mdn.net/dfp/1762393/4548346074/1636991041273/ Frame B127 13 KB
13 KB 30ms
28ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/mask_fleche.png

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60438051fefee99ef395bd5f02e2c9c8169636c89f0bc4de012fcb5c333824d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 05:00:18 GMT
x-content-type-options: nosniff
age: 28855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13714
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 15:44:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 05:00:18 GMT

GET
H3 200 mask_fleche2.png
s0.2mdn.net/dfp/1762393/4548346074/1636991041273/ Frame B127 8 KB
8 KB 41ms
40ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/mask_fleche2.png

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b43cbcafd6fcb33ab93e3641e67ed9a5491c6bb95c8392698d88cbb5f0222b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 05:00:18 GMT
x-content-type-options: nosniff
age: 28855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8373
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 15:44:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 05:00:18 GMT

GET
H3 200 photo.jpg
s0.2mdn.net/dfp/1762393/4548346074/1636991041273/ Frame B127 45 KB
45 KB 34ms
33ms Image
image/jpeg 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/photo.jpg

Requested by

Host: 48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
URL: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f30d91aefd78e260dc3345773c8467ceeb7bcb9ac9231a585255c21961d6146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/1762393/4548346074/1636991041273/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 05:00:18 GMT
x-content-type-options: nosniff
age: 28855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46505
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 15:44:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 05:00:18 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 91E4 0
0 66ms
40ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbxoyRgbFMFWDvtpB9Ax3kOcngWDojI8bIEMdm_BeKZCNffJqJgL-ZWDe7kNDpsyAMq7wPJUMzqR8YeAjPPQgM9TMaazAXfH116OVsiuVuRhXzHsI71pr0plNB5ZKfKMEyHWZSbRdsWZR5PauHtXxNcpxMAV6ctxc7zqlCPZSnZC0yMbNQ7T2YHj95D8WWQmYyLMY2SiLDYY4ssfelKJ2zC8cGtFrI9SfOzIGMaLncUPTaBjEZqwf0O0Aowo6Qc8d4qKw95bb9r5ttxoCCSVDWnB41_S0KMaK_G-uDeuSWCm8su42XjeFrrWnwTXzhXJ3AQtdVge0&sai=AMfl-YT7ku5spUeo97wtBiWWVhFP53BGGQ9ckbYvYCDuMooqhfpukN73bQ6N7sxH8lo_U3do4QidClz1ZIlPk_X0MQCmq0Fg86v7F03CjEkjms-OHNVJqGvvpNoasDtoxXWXBBb5S1SwtGcGVJkck6up&sig=Cg0ArKJSzP0RJKori9kPEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:01:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 22 Nov 2021 13:01:13 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 91E4 42 B
497 B 90ms
41ms Fetch
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEz3Jgzw5HYbzh1FaPJl4PiPIgrA1Ujihnt46Orq6MWZvCQeF2y7lau14KHiNlrC_To9qhuq-KEXZFcZ22UZ3zVTr4XdmZvH0D0Hl9UiwEI3RSA3lH&sig=Cg0ArKJSzDn_REmZxDf6EAE&id=lidar2&mcvt=1000&p=280,315,695,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=3876893154&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637586073433&rpt=331&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tp2 Show response
ca-lapresse-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ 2 B
327 B 25ms
25ms XHR
text/plain 52.20.125.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-lapresse-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.125.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-125-49.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.lapresse.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.lapresse.ca
date: Mon, 22 Nov 2021 13:01:17 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 tp2
ca-lapresse-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ Frame 0
0 26ms
26ms Preflight 52.20.125.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-lapresse-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.125.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-125-49.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.lapresse.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 13:01:17 GMT
content-length: 0
access-control-allow-origin: https://www.lapresse.ca
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

OPTIONS
H2 200 /
sdk.iad-06.braze.com/api/v3/template/ Frame 0
0 27ms
26ms Preflight 151.101.1.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/template/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-requested-with
Origin: https://www.lapresse.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 varnish
x-served-by: cache-yul12827-YUL
x-cache: MISS
x-cache-hits: 0
x-timer: S1637586078.120703,VS0,VE16
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 201 / Show response
sdk.iad-06.braze.com/api/v3/template/ 9 KB
2 KB 48ms
47ms XHR
application/json 151.101.1.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/template/

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e71b733ab44e48c665a59c1c3adcd2bdec3387139c2b0ca8e887737c5bf0e814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.lapresse.ca/
X-Braze-Api-Key: bd8a5d7e-c725-4e5e-a457-4aed9b2d8fed
X-Requested-With: XMLHttpRequest
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

date: Mon, 22 Nov 2021 13:01:18 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 7200
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: d36178c8-d9f6-4a13-8774-46e0ce9fe18f
x-served-by: cache-yul12827-YUL
x-runtime: 0.021006
server: nginx
x-timer: S1637586078.147889,VS0,VE37
etag: W/"e71b733ab44e48c665a59c1c3adcd2bd"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 ic-close@2x.png
files.lpcdn.ca/produits/sondage/ 336 B
701 B 98ms
23ms Image
image/png 65.8.20.91

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.lpcdn.ca/produits/sondage/ic-close@2x.png
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.20.91 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69ca716f12f2a03e5ec28b1ece2fe38e04359f5e9ca6d7c8bb8bd9b2a51633d4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: pL9R0NKFKWNcP611mqTuf7TFHQId2gQ4
via: 1.1 53a0c837da247a6d49f09ae6de51454f.cloudfront.net (CloudFront)
last-modified: Fri, 09 Oct 2020 15:20:37 GMT
server: AmazonS3
age: 1277
etag: "99a5d12482c4c1f3e165bcc87bc3a0b4"
x-cache: Hit from cloudfront
content-type: image/png
date: Mon, 22 Nov 2021 12:40:02 GMT
x-amz-cf-pop: BOS50-C3
accept-ranges: bytes
content-length: 336
x-amz-cf-id: lTy46ZHzfHanSnhgbfAcwE4q4nvLV7ICedFYF3bf3w5Iuqv1qdMVQw==

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 056A 2 KB
1 KB 62ms
19ms Document
text/html 23.41.168.244

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Mon, 22 Nov 2021 13:01:18 GMT
Connection: keep-alive

GET
H3

200

pd Show response
u.openx.net/w/1.0/ Frame B72A
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

672 B
443 B

42ms
29ms

Document
text/html

35.244.159.8

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/16.218.0 /
Resource Hash: 49b77fabfb27ea9d3e838a9d63d0856e5f993f2116f5f59c84cdc78d81416ce2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 22 Nov 2021 13:01:18 GMT
content-type: text/html
content-length: 424
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1
date: Mon, 22 Nov 2021 13:01:18 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B620 52 KB
17 KB 43ms
10ms Document
text/html 151.101.193.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sun, 21 Nov 2021 04:25:13 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 22 Nov 2021 13:01:18 GMT
Age: 30962
X-Served-By: cache-lga21928-LGA, cache-yul12827-YUL
X-Cache: HIT, HIT
X-Cache-Hits: 2, 121043
X-Timer: S1637586078.249776,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 index.html Show response
cdn.districtm.io/ids/ Frame 60ED 116 B
347 B 35ms
35ms Document
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

date: Mon, 22 Nov 2021 13:01:18 GMT
content-type: text/html
cf-ray: 6b22587cdda67150-YUL
age: 52780
last-modified: Thu, 20 May 2021 02:18:27 GMT
via: 1.1 3656f262c2589326b2ab2a4824da0517.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id: CZPYzEVcjbCvrq4fwAsvyqw6C5kpgfyX-n60w5vCO17RBD4RqnZ9gw==
x-amz-cf-pop: EWR52-C4
x-cache: Hit from cloudfront
vary: Accept-Encoding
server: cloudflare
content-encoding: br

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4E93 52 KB
17 KB 41ms
10ms Document
text/html 151.101.193.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sun, 21 Nov 2021 04:25:13 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 22 Nov 2021 13:01:18 GMT
Age: 30962
X-Served-By: cache-lga21928-LGA, cache-yul12824-YUL
X-Cache: HIT, HIT
X-Cache-Hits: 2, 110549
X-Timer: S1637586078.249616,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E884 281 B
554 B 67ms
21ms Document
text/html 23.73.244.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-244-44.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Nov 2021 13:01:18 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F5C9 52 KB
17 KB 39ms
11ms Document
text/html 151.101.193.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sun, 21 Nov 2021 04:25:13 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 22 Nov 2021 13:01:18 GMT
Age: 30962
X-Served-By: cache-lga21928-LGA, cache-yul12824-YUL
X-Cache: HIT, HIT
X-Cache-Hits: 2, 110549
X-Timer: S1637586078.249623,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame E23D 2 KB
1 KB 61ms
19ms Document
text/html 23.41.168.244

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Mon, 22 Nov 2021 13:01:18 GMT
Connection: keep-alive

GET
H2 200 index.html Show response
cdn.districtm.io/ids/ Frame 8177 116 B
236 B 38ms
37ms Document
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

date: Mon, 22 Nov 2021 13:01:18 GMT
content-type: text/html
cf-ray: 6b22587cedb17150-YUL
age: 52780
last-modified: Thu, 20 May 2021 02:18:27 GMT
via: 1.1 ff74a1dbc74f82ecce9bc5f46350f30a.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id: PfXt5izPqGF61z5szCfvWp8h15k1cLCKfL2IkRF-oeBVFu5BBqiBnA==
x-amz-cf-pop: EWR52-C4
x-cache: Hit from cloudfront
vary: Accept-Encoding
server: cloudflare
content-encoding: br

GET
H3

200

pd Show response
u.openx.net/w/1.0/ Frame B7F8
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

672 B
443 B

42ms
29ms

Document
text/html

35.244.159.8

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/16.218.0 /
Resource Hash: 49b77fabfb27ea9d3e838a9d63d0856e5f993f2116f5f59c84cdc78d81416ce2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 22 Nov 2021 13:01:18 GMT
content-type: text/html
content-length: 424
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1
date: Mon, 22 Nov 2021 13:01:18 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 index.html Show response
cdn.districtm.io/ids/ Frame 51EB 116 B
237 B 45ms
45ms Document
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

date: Mon, 22 Nov 2021 13:01:18 GMT
content-type: text/html
cf-ray: 6b22587cfdb77150-YUL
age: 52780
last-modified: Thu, 20 May 2021 02:18:27 GMT
via: 1.1 44c3684463dfb1f60dc276fec7fe9d93.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id: xQM2HqswczuRuMTXx_m6oQCAvV1ZHBDIwcfy8ca49HcP1orqPtABeQ==
x-amz-cf-pop: EWR52-C4
x-cache: Hit from cloudfront
vary: Accept-Encoding
server: cloudflare
content-encoding: br

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame D762 2 KB
1 KB 58ms
19ms Document
text/html 23.41.168.244

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Mon, 22 Nov 2021 13:01:18 GMT
Connection: keep-alive

GET
H3

200

pd Show response
u.openx.net/w/1.0/ Frame 582A
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

672 B
443 B

43ms
31ms

Document
text/html

35.244.159.8

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/16.218.0 /
Resource Hash: 49b77fabfb27ea9d3e838a9d63d0856e5f993f2116f5f59c84cdc78d81416ce2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.lapresse.ca/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 22 Nov 2021 13:01:18 GMT
content-type: text/html
content-length: 424
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1
date: Mon, 22 Nov 2021 13:01:18 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 Rubrik-Bold.woff
static.lpcdn.ca/fonts/rubrik/ 25 KB
26 KB 24ms
24ms Font
application/x-font-woff 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/fonts/rubrik/Rubrik-Bold.woff
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 437a53c326217512efd3f9abe52a547e7c27cdf0c121a2c3fc8d611947abc800

Request headers

Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Origin: https://www.lapresse.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 01:11:33 GMT
via: 1.1 6cfc86e6ccd19a4761a27f5f2d9c9a91.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 20:20:56 GMT
age: 2288985
x-cache: Hit from cloudfront
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=2592000, public, immutable
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 25844
x-amz-cf-id: CMamwHr3yawvuZ_3FS99xe9D34ClejEitZ8FFWVRvEllFUX-QIOfPA==
expires: Fri, 26 Nov 2021 01:11:33 GMT

GET
H2 200 Rubrik-Regular.woff
static.lpcdn.ca/fonts/rubrik/ 25 KB
25 KB 32ms
31ms Font
application/x-font-woff 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/fonts/rubrik/Rubrik-Regular.woff
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: 16b7888898abf64320bc050b8b5d6130512009e4cd3bc7a79c4aa7fef86dd1b5

Request headers

Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Origin: https://www.lapresse.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:04:51 GMT
via: 1.1 6cfc86e6ccd19a4761a27f5f2d9c9a91.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 20:20:56 GMT
age: 2282187
x-cache: Hit from cloudfront
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=2592000, public, immutable
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 25688
x-amz-cf-id: cjOhTDGTfg8oktzm7YR6NVJYNak3fva1cjc1Z6pFc_VZr_3kVNNy8Q==
expires: Fri, 26 Nov 2021 03:04:51 GMT

GET
H2 200 Rubrik-SemiBold.woff
static.lpcdn.ca/fonts/rubrik/ 25 KB
26 KB 34ms
34ms Font
application/x-font-woff 13.249.184.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lpcdn.ca/fonts/rubrik/Rubrik-SemiBold.woff
Requested by: Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.184.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-184-58.bos50.r.cloudfront.net
Software: /
Resource Hash: bd81fc897dcd430d6e6646357b912943aaa0d3a1bcd87068980566584ddebf23

Request headers

Referer: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.7a6cb769625701a65676.css
Origin: https://www.lapresse.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 23:56:45 GMT
via: 1.1 6cfc86e6ccd19a4761a27f5f2d9c9a91.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 20:20:56 GMT
age: 2293473
x-cache: Hit from cloudfront
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=2592000, public, immutable
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-length: 26040
x-amz-cf-id: SIYp0KYEApPHvCWFK_yCHVsTB0aF2RoS3NnuUXumxzrUL3xqRxEk3Q==
expires: Thu, 25 Nov 2021 23:56:45 GMT

GET
H2 200 idsync.d5cb6b96.js Show response
cdn.districtm.io/ids/ Frame 60ED 3 KB
2 KB 20ms
20ms Script
application/javascript 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by: Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/ids/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 fba70d1e4c74a3621a7d03b3d021b4dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 36597
cf-polished: origSize=3302
x-cache: Miss from cloudfront
cf-bgj: minify
content-encoding: br
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: cloudflare
etag: W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=172800
x-amz-cf-pop: EWR52-C4
cf-ray: 6b22587dbe807150-YUL
x-amz-cf-id: grPGiWniH68bfTtn_MAV7TZgFVtqyKFXbidN-Zh6RPPqvpzkLyNSHw==
expires: Wed, 24 Nov 2021 13:01:18 GMT

GET
H2 200 idsync.d5cb6b96.js Show response
cdn.districtm.io/ids/ Frame 8177 3 KB
2 KB 20ms
20ms Script
application/javascript 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by: Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/ids/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 fba70d1e4c74a3621a7d03b3d021b4dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 36597
cf-polished: origSize=3302
x-cache: Miss from cloudfront
cf-bgj: minify
content-encoding: br
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: cloudflare
etag: W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=172800
x-amz-cf-pop: EWR52-C4
cf-ray: 6b22587fb8e07150-YUL
x-amz-cf-id: grPGiWniH68bfTtn_MAV7TZgFVtqyKFXbidN-Zh6RPPqvpzkLyNSHw==
expires: Wed, 24 Nov 2021 13:01:18 GMT

GET
H2 200 idsync.d5cb6b96.js Show response
cdn.districtm.io/ids/ Frame 51EB 3 KB
2 KB 21ms
21ms Script
application/javascript 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by: Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/ids/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 fba70d1e4c74a3621a7d03b3d021b4dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 36597
cf-polished: origSize=3302
x-cache: Miss from cloudfront
cf-bgj: minify
content-encoding: br
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: cloudflare
etag: W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=172800
x-amz-cf-pop: EWR52-C4
cf-ray: 6b22587fb8e17150-YUL
x-amz-cf-id: grPGiWniH68bfTtn_MAV7TZgFVtqyKFXbidN-Zh6RPPqvpzkLyNSHw==
expires: Wed, 24 Nov 2021 13:01:18 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E884 32 KB
10 KB 22ms
21ms Script
text/html 23.73.244.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-244-44.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b2ff195ce33ad293590e06bead291c48559298da0715c3c4aa0d3b0b035ee9d6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 13:01:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=29389
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9511
Expires: Mon, 22 Nov 2021 21:11:07 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame B72A
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3284871561668243888&gdpr=0&gdpr_consent=&us_privacy=

43 B
61 B

31ms
29ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=3284871561668243888&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H3
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=3284871561668243888&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B72A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZuUmQAAAEqEcgQE

43 B
180 B

30ms
29ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZuUmQAAAEqEcgQE
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637586079.716190,VS0,VE0
x-served-by: cache-yul12827-YUL
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZuUmQAAAEqEcgQE
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 7211c007-fe1d-e16a-ddef-069d002f4f0a
pr-bh.ybp.yahoo.com/sync/openx/ Frame B72A 43 B
874 B 88ms
30ms Image
image/gif 2600:1f18:4e9:5a05:915b:1f70:c370:1ea5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/7211c007-fe1d-e16a-ddef-069d002f4f0a?gdpr=0

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a05:915b:1f70:c370:1ea5 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame B72A
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=e6d6a643-6eb1-7323-ec38-1068ff788243&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=e6d6a643-6eb1-7323-ec38-1068ff788243&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=32ce38a0-7808-4be5-a00d-ca3c412102aa&ttd_puid=e6d6a643-6eb1-7323-ec38-1068ff788243

43 B
62 B

33ms
31ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=32ce38a0-7808-4be5-a00d-ca3c412102aa&ttd_puid=e6d6a643-6eb1-7323-ec38-1068ff788243
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H3
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=32ce38a0-7808-4be5-a00d-ca3c412102aa&ttd_puid=e6d6a643-6eb1-7323-ec38-1068ff788243
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 293

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame B72A 170 B
188 B 72ms
38ms Image
image/png 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2FiOTc1ODktYTdjNi0yZDg3LWY5ZDgtNGFkMTM1OWE0YzIz

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame B72A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEPEfY8-DuqhrvNkuvjuX8M&google_cver=1

43 B
61 B

35ms
33ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEPEfY8-DuqhrvNkuvjuX8M&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H3
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEPEfY8-DuqhrvNkuvjuX8M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame B7F8
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2924583591478604208&gdpr=0&gdpr_consent=&us_privacy=

43 B
61 B

32ms
30ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=2924583591478604208&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H3
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=2924583591478604208&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B7F8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZuUmQAAAEqEcgQE

43 B
106 B

31ms
30ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZuUmQAAAEqEcgQE
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637586079.716274,VS0,VE0
x-served-by: cache-yul12827-YUL
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZuUmQAAAEqEcgQE
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 7211c007-fe1d-e16a-ddef-069d002f4f0a
pr-bh.ybp.yahoo.com/sync/openx/ Frame B7F8 43 B
874 B 89ms
32ms Image
image/gif 2600:1f18:4e9:5a05:915b:1f70:c370:1ea5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/7211c007-fe1d-e16a-ddef-069d002f4f0a?gdpr=0

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a05:915b:1f70:c370:1ea5 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame B7F8
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=e6d6a643-6eb1-7323-ec38-1068ff788243&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=e6d6a643-6eb1-7323-ec38-1068ff788243&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=32ce38a0-7808-4be5-a00d-ca3c412102aa&ttd_puid=e6d6a643-6eb1-7323-ec38-1068ff788243

43 B
62 B

35ms
34ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=32ce38a0-7808-4be5-a00d-ca3c412102aa&ttd_puid=e6d6a643-6eb1-7323-ec38-1068ff788243
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H3
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=32ce38a0-7808-4be5-a00d-ca3c412102aa&ttd_puid=e6d6a643-6eb1-7323-ec38-1068ff788243
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 293

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame B7F8 170 B
188 B 73ms
40ms Image
image/png 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2FiOTc1ODktYTdjNi0yZDg3LWY5ZDgtNGFkMTM1OWE0YzIz

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame B7F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEPEfY8-DuqhrvNkuvjuX8M&google_cver=1

43 B
61 B

35ms
33ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEPEfY8-DuqhrvNkuvjuX8M&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H3
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEPEfY8-DuqhrvNkuvjuX8M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame B620
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
805 B

34ms
31ms

Script
text/html

68.67.161.205

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

68.67.161.205 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
X-Proxy-Origin: 37.120.205.158; 37.120.205.158; 799.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 80c96959-abdb-402f-a758-6cbcab02a699
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
X-Proxy-Origin: 37.120.205.158; 37.120.205.158; 799.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 2de26e20-03f1-4b1a-a134-36053ff0335f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 4E93
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
805 B

19ms
19ms

Script
text/html

68.67.161.205

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

68.67.161.205 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
X-Proxy-Origin: 37.120.205.158; 37.120.205.158; 799.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: d559c90b-8cb4-49bc-bcc9-edbf26a89a29
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
X-Proxy-Origin: 37.120.205.158; 37.120.205.158; 799.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 715489f8-d74d-4070-86cc-b3fa6df1a9ac
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame F5C9
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
805 B

19ms
19ms

Script
text/html

68.67.161.205

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

68.67.161.205 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
X-Proxy-Origin: 37.120.205.158; 37.120.205.158; 799.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 933dfd7e-4512-49c2-9032-df472e3dbf8d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
X-Proxy-Origin: 37.120.205.158; 37.120.205.158; 799.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 74bcc5fe-2fd5-44bd-9970-30649e3345c1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame C13D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

49ms
43ms

Document
text/html

23.41.168.244

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: bb2174b93d2fcaa521dc22c41b529ff95bcc4d0575d70a294aead6ef0ef0b8a2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|39|45|241|196|64|47|57
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1558
Expires: Mon, 22 Nov 2021 13:01:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 338
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 22 Nov 2021 13:01:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
Connection: keep-alive

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 9001
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

40ms
35ms

Document
text/html

23.41.168.244

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e567f76bf185f9bb907fce2fde1a537baf37baa91ece69c0d3f86051c8535c17

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|45|39|230|218|130|105|31
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1601
Expires: Mon, 22 Nov 2021 13:01:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 338
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 22 Nov 2021 13:01:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
Connection: keep-alive

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 8EFC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

1 KB
2 KB

39ms
36ms

Document
text/html

23.41.168.244

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: fd076a12e541f392e8506989cb51a0cc9f5f01de45bf257c7c90e20af029dc79

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|39|45|241|196|111|5|188
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1450
Expires: Mon, 22 Nov 2021 13:01:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 338
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 22 Nov 2021 13:01:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
Connection: keep-alive

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 582A
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3428986749744099760&gdpr=0&gdpr_consent=&us_privacy=

43 B
61 B

33ms
31ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=3428986749744099760&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H3
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=3428986749744099760&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 582A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZuUmQAAAEqEcgQE

43 B
106 B

31ms
31ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZuUmQAAAEqEcgQE
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637586079.722267,VS0,VE0
x-served-by: cache-yul12827-YUL
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZuUmQAAAEqEcgQE
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 7211c007-fe1d-e16a-ddef-069d002f4f0a
pr-bh.ybp.yahoo.com/sync/openx/ Frame 582A 43 B
875 B 86ms
30ms Image
image/gif 2600:1f18:4e9:5a05:915b:1f70:c370:1ea5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/7211c007-fe1d-e16a-ddef-069d002f4f0a?gdpr=0

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a05:915b:1f70:c370:1ea5 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 582A
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=e6d6a643-6eb1-7323-ec38-1068ff788243&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=e6d6a643-6eb1-7323-ec38-1068ff788243&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=32ce38a0-7808-4be5-a00d-ca3c412102aa&ttd_puid=e6d6a643-6eb1-7323-ec38-1068ff788243

43 B
62 B

38ms
35ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=32ce38a0-7808-4be5-a00d-ca3c412102aa&ttd_puid=e6d6a643-6eb1-7323-ec38-1068ff788243
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H3
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=32ce38a0-7808-4be5-a00d-ca3c412102aa&ttd_puid=e6d6a643-6eb1-7323-ec38-1068ff788243
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 293

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 582A 170 B
188 B 67ms
37ms Image
image/png 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2FiOTc1ODktYTdjNi0yZDg3LWY5ZDgtNGFkMTM1OWE0YzIz

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 582A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEPEfY8-DuqhrvNkuvjuX8M&google_cver=1

43 B
61 B

36ms
33ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEPEfY8-DuqhrvNkuvjuX8M&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H3
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEPEfY8-DuqhrvNkuvjuX8M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame E884 284 B
922 B 107ms
26ms Image
image/jpg 8.43.72.97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.43.72.97 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 2dd9fa24169fa04536d533da131679f8
Content-Type: image/jpg

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9001
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&dcc=t

43 B
932 B

48ms
47ms

Image
image/gif

209.54.180.144

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.180.144 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TB50BVS8QVENN108WQA8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1ENKP5R9C4HB0JW23EX8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9001
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZuUnshfYBmnm3ifGhecsAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOE-HXDs3kf20UJtUXdDxTA&google_cver=1

43 B
1 KB

26ms
25ms

Image
image/gif

23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOE-HXDs3kf20UJtUXdDxTA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:01:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOE-HXDs3kf20UJtUXdDxTA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9001
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=32ce38a0-7808-4be5-a00d-ca3c412102aa&expiration=1640178078&gdpr=0&gdpr_consent=

43 B
1006 B

74ms
27ms

Image
image/gif

23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=32ce38a0-7808-4be5-a00d-ca3c412102aa&expiration=1640178078&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:01:18 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=32ce38a0-7808-4be5-a00d-ca3c412102aa&expiration=1640178078&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 9001
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELBAWoNDCxHzS05XS7cdRGQ&google_cver=1

43 B
315 B

31ms
28ms

Image
image/gif

23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELBAWoNDCxHzS05XS7cdRGQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:01:18 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELBAWoNDCxHzS05XS7cdRGQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YZuUnshfYBmnm3ifGhecsAAA%26515
dpm.demdex.net/ Frame 9001 42 B
943 B 39ms
31ms Image
image/gif 34.194.203.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YZuUnshfYBmnm3ifGhecsAAA%26515?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.194.203.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-203-220.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v019-0f4072888.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 3kq9cBG4TK8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 9001 43 B
430 B 85ms
24ms Image
image/gif 52.201.9.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.9.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-9-166.compute-1.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9001
Redirect Chain

https://d.adroll.com/cm/index/ssp
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

43 B
1 KB

27ms
25ms

Image
image/gif

23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:01:19 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date: Mon, 22 Nov 2021 13:01:18 GMT
server: nginx/1.20.0
content-length: 76

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9001
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6908724781042293906&uid=Q6908724781042293906&ref=%2Feucm%2Fp%2Fcc
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6908724781042293906

43 B
1 KB

30ms
28ms

Image
image/gif

23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6908724781042293906
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:01:19 GMT

Redirect headers

Date: Mon, 22 Nov 2021 13:01:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6908724781042293906
Cache-Control: max-age=75051
Connection: keep-alive
Content-Type: text/html
Content-Length: 154

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 9001 43 B
425 B 26ms
18ms Image
image/gif 23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YZuUnshfYBmnm3ifGhecsAAA%26515
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 13:01:18 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "761e21-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3293
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:56:11 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 8EFC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELBAWoNDCxHzS05XS7cdRGQ&google_cver=1

43 B
315 B

35ms
24ms

Image
image/gif

23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELBAWoNDCxHzS05XS7cdRGQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:01:18 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELBAWoNDCxHzS05XS7cdRGQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8EFC
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=32ce38a0-7808-4be5-a00d-ca3c412102aa&expiration=1640178078&gdpr=0&gdpr_consent=

43 B
1006 B

81ms
30ms

Image
image/gif

23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=32ce38a0-7808-4be5-a00d-ca3c412102aa&expiration=1640178078&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:01:18 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=32ce38a0-7808-4be5-a00d-ca3c412102aa&expiration=1640178078&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 8EFC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZuUnshfYBmnm3ifGhecsAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOE-HXDs3kf20UJtUXdDxTA&google_cver=1

43 B
1 KB

29ms
28ms

Image
image/gif

23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOE-HXDs3kf20UJtUXdDxTA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:01:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOE-HXDs3kf20UJtUXdDxTA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 8EFC
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&dcc=t

43 B
932 B

51ms
51ms

Image
image/gif

209.54.180.144

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.180.144 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YDN1ZB1566TTFDT95FRH
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9X5KD5MT5YEW0FDK7GA3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK us.php
gu.dyntrk.com/adx/ie/ Frame 8EFC 0
215 B 67ms
14ms Image
text/plain 51.161.117.181

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.161.117.181 -, , ASN (),
Reverse DNS
Software: proxy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
x-rc: 10
server: proxy
content-length: 0
content-type: text/plain

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 8EFC
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8435183636622910885&expiration=1638795679

43 B
1 KB

27ms
26ms

Image
image/gif

23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8435183636622910885&expiration=1638795679
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:01:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:19 GMT
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8435183636622910885&expiration=1638795679
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 8EFC 0
0 80ms
20ms Image
text/html 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame 8EFC 0
88 B 105ms
23ms Image
text/plain 54.81.254.118

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.81.254.118 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 8EFC 43 B
425 B 25ms
18ms Image
image/gif 23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YZuUnshfYBmnm3ifGhecsAAA%26515
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 13:01:18 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "761e21-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3293
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:56:11 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame C13D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELBAWoNDCxHzS05XS7cdRGQ&google_cver=1

43 B
315 B

41ms
29ms

Image
image/gif

23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELBAWoNDCxHzS05XS7cdRGQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:01:18 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELBAWoNDCxHzS05XS7cdRGQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C13D
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=32ce38a0-7808-4be5-a00d-ca3c412102aa&expiration=1640178078&gdpr=0&gdpr_consent=

43 B
1006 B

76ms
26ms

Image
image/gif

23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=32ce38a0-7808-4be5-a00d-ca3c412102aa&expiration=1640178078&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:01:18 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=32ce38a0-7808-4be5-a00d-ca3c412102aa&expiration=1640178078&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C13D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZuUnshfYBmnm3ifGhecsAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOE-HXDs3kf20UJtUXdDxTA&google_cver=1

43 B
1 KB

26ms
25ms

Image
image/gif

23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOE-HXDs3kf20UJtUXdDxTA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:01:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOE-HXDs3kf20UJtUXdDxTA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame C13D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&dcc=t

43 B
932 B

47ms
46ms

Image
image/gif

209.54.180.144

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.180.144 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2MP1T4PNFZZ4BG7Q53V2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XWNHW2BTDVM2PVF9H6AN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YZuUnshfYBmnm3ifGhecsAAAAgMAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK us.php
gu.dyntrk.com/adx/ie/ Frame C13D 0
215 B 68ms
18ms Image
text/plain 51.161.117.181

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.161.117.181 -, , ASN (),
Reverse DNS
Software: proxy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
x-rc: 10
server: proxy
content-length: 0
content-type: text/plain

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C13D
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=e2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=e2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=e2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=e2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_i...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=e2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341&expiration=1640178078

43 B
1 KB

27ms
27ms

Image
image/gif

23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=e2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341&expiration=1640178078
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:01:19 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=e2efba38-07d8-46ae-bc18-b4764a8326c1-619b9499-4341&expiration=1640178078
date: Mon, 22 Nov 2021 13:01:19 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C13D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8LNHzGHo1MP8WH5

43 B
1 KB

25ms
25ms

Image
image/gif

23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8LNHzGHo1MP8WH5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:01:19 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:18 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-08f1e0861934c9d04@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8LNHzGHo1MP8WH5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C13D
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969470201797405350

43 B
1 KB

29ms
28ms

Image
image/gif

23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969470201797405350
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:01:19 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969470201797405350
Date: Mon, 22 Nov 2021 13:01:19 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame C13D 43 B
425 B 22ms
18ms Image
image/gif 23.41.168.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YZuUnshfYBmnm3ifGhecsAAA%26515
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lapresse.ca/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.168.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 13:01:18 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "761e21-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3293
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 13:56:11 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E884
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZuUmQAAAEqEcgQE

42 B
679 B

415ms
104ms

Image
image/gif

69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZuUmQAAAEqEcgQE
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: HTTP/1.1
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:18 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637586079.999135,VS0,VE0
x-served-by: cache-yul12827-YUL
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZuUmQAAAEqEcgQE
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E884
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTc2Y2ViNzgzMzVjNmUzNjYyYmM2ODZmOThkZjUxMmMwMGU5NGE5OA

170 B
188 B

42ms
41ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTc2Y2ViNzgzMzVjNmUzNjYyYmM2ODZmOThkZjUxMmMwMGU5NGE5OA

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTc2Y2ViNzgzMzVjNmUzNjYyYmM2ODZmOThkZjUxMmMwMGU5NGE5OA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 2dd9fa24169fa04536d533da131679f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E884
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dBT0dYOVEtMTUtQlhSTw==

170 B
188 B

42ms
39ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dBT0dYOVEtMTUtQlhSTw==

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:01:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dBT0dYOVEtMTUtQlhSTw==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 2dd9fa24169fa04536d533da131679f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 709414.gif
id.rlcdn.com/ Frame E884 42 B
448 B 70ms
41ms Image
image/gif 35.190.60.146

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:01:19 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E884
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=073b619b-949f-4d00-a143-d5a70ffb3637

42 B
679 B

417ms
106ms

Image
image/gif

69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=073b619b-949f-4d00-a143-d5a70ffb3637
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: HTTP/1.1
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

Date: Mon, 22 Nov 2021 13:01:19 GMT
Server: MT3 4103 f8fad19 master ord-pixel-x56 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=073b619b-949f-4d00-a143-d5a70ffb3637
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 22 Nov 2021 13:01:18 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame E884
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWAOGX9Q-15-BXRO&sigv=1&esig=2~d77df717f264a7f20994adaae813a415e2c9a3ff

0
299 B

37ms
32ms

Image
text/plain

2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWAOGX9Q-15-BXRO&sigv=1&esig=2~d77df717f264a7f20994adaae813a415e2c9a3ff

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Server

2001:4998:14:800::1001 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:01:19 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWAOGX9Q-15-BXRO&sigv=1&esig=2~d77df717f264a7f20994adaae813a415e2c9a3ff
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 2dd9fa24169fa04536d533da131679f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E884
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/Zqsqk2vE7hrRGt5CkICnVsn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4127272148083631737

42 B
679 B

404ms
105ms

Image
image/gif

69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4127272148083631737
Requested by: Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php
Protocol: HTTP/1.1
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

date: Mon, 22 Nov 2021 13:01:19 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4127272148083631737
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET

tap.php
pixel.rubiconproject.com/ Frame E884
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE72De7PNgjn_zpSRDSlaMQ&google_cver=1

0
0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B620 0
733 B 21ms
20ms Script
text/html 68.67.161.205

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.205 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:19 GMT
X-Proxy-Origin: 37.120.205.158; 37.120.205.158; 799.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 6a76c31b-0aab-4a55-aeea-2eddf20b798e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4E93 0
733 B 26ms
26ms Script
text/html 68.67.161.205

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.205 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:19 GMT
X-Proxy-Origin: 37.120.205.158; 37.120.205.158; 799.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 9b92662e-4a8d-493b-9dd9-9cbe4dbde02b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F5C9 0
733 B 20ms
20ms Script
text/html 68.67.161.205

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.205 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:01:19 GMT
X-Proxy-Origin: 37.120.205.158; 37.120.205.158; 799.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 17bee7e8-0256-46de-9761-e3ee46e95ccd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 201 / Show response
sdk.iad-06.braze.com/api/v3/data/ 2 B
214 B 37ms
36ms XHR
application/json 151.101.1.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/data/

Requested by

Host: www.lapresse.ca
URL: https://www.lapresse.ca/international/moyen-orient/2021-11-16/candiru/une-autre-firme-israelienne-suspectee-de-cyberattaques.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.lapresse.ca/
X-Braze-Api-Key: bd8a5d7e-c725-4e5e-a457-4aed9b2d8fed
X-Requested-With: XMLHttpRequest
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

date: Mon, 22 Nov 2021 13:01:23 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 7200
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: b70886bc-129e-4369-9b72-bd75260e9c29
x-served-by: cache-yul12827-YUL
x-runtime: 0.007790
server: nginx
x-timer: S1637586083.093074,VS0,VE23
etag: W/"44136fa355b3678a1146ad16f7e8649e"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 /
sdk.iad-06.braze.com/api/v3/data/ Frame 0
0 27ms
26ms Preflight 151.101.1.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/data/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-requested-with
Origin: https://www.lapresse.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Mon, 22 Nov 2021 13:01:23 GMT
via: 1.1 varnish
x-served-by: cache-yul12827-YUL
x-cache: MISS
x-cache-hits: 0
x-timer: S1637586083.065741,VS0,VE16
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=&gdpr_consent=&account=23098&us_privacy=

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE72De7PNgjn_zpSRDSlaMQ&google_cver=1

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lapresse.ca/	1970-01-23 14:29:06	Name: LPUID Value: 449b8a90-4b94-11ec-98d0-7360590f5718
www.lapresse.ca/	1969-12-31 23:59:59	Name: dmxRegion Value: false
.lapresse.ca/	1970-01-20 07:39:03	Name: ab.storage.deviceId.bd8a5d7e-c725-4e5e-a457-4aed9b2d8fed Value: %7B%22g%22%3A%224f63924a-a9d9-5ef2-22c8-df884d8fa78d%22%2C%22c%22%3A1637586072561%2C%22l%22%3A1637586072561%7D
.lapresse.ca/	1970-01-20 03:16:12	Name: OPTABLE_VISITOR Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjIxSDdIakNVZzdWWUtlSkpYMkxWTExtRkpwayIsIm5ldyI6dHJ1ZSwiZXhwIjoxNjUzMzcyMDcyfQ.Hi-O55LlOydtau2THXCaNlmRtu2K6UzxZpmuNPb6xXnN7AhxBMa9t72Vx-fu5zWDfQCEicYYkKF09AXh8gOENA
optable.lapresse.ca/	1969-12-31 23:59:59	Name: GCLB Value: CO7B88ye9OKtKQ
.scorecardresearch.com/	1970-01-20 16:09:54	Name: UID Value: 172DUAAE2JI6GBS6BQV8YMg1637586073
.demdex.net/	1970-01-20 03:12:18	Name: demdex Value: 69103331988355342034317749239065217927
.lapresse.ca/	1969-12-31 23:59:59	Name: AMCVS_842235765AFA9B840A495D4A%40AdobeOrg Value: 1
.lapresse.ca/	1970-01-20 16:24:18	Name: _ga Value: GA1.2.1113408229.1637586073
.lapresse.ca/	1970-01-19 22:54:32	Name: _gid Value: GA1.2.989015547.1637586073
.lapresse.ca/	1970-01-19 22:53:06	Name: _gat_UA-2513326-39 Value: 1
www.lapresse.ca/	1970-01-19 22:53:07	Name: _sp_ses.2863 Value: *
www.lapresse.ca/	1970-01-20 16:24:18	Name: _sp_id.2863 Value: ceceb35d-fe3e-425c-8a0d-3c8fc19f5cc0.1637586073.1.1637586073.1637586073.ccd11a74-800f-46b3-b0ee-2890a33be023
.lapresse.ca/	1970-01-20 07:39:03	Name: ab.storage.sessionId.bd8a5d7e-c725-4e5e-a457-4aed9b2d8fed Value: %7B%22g%22%3A%22ed71be4b-b3a3-de41-35e4-10d6d1c8ccaf%22%2C%22e%22%3A1637587873106%2C%22c%22%3A1637586072558%2C%22l%22%3A1637586073106%7D
.creativecdn.com/	1970-01-20 07:38:42	Name: u Value: pJL97Evrb7pkyCTe8mqf
.creativecdn.com/	1970-01-20 07:38:42	Name: ts Value: 1637586073
.advertising.com/	1970-01-20 07:40:08	Name: APID Value: UP454c3d83-4b94-11ec-b1e4-02530ff24d37
.sitescout.com/	1970-01-20 07:38:42	Name: ssi Value: e2efba38-07d8-46ae-bc18-b4764a8326c1#1637586073150
.sitescout.com/	1970-01-19 23:36:18	Name: _ssuma Value: e30
.bidr.io/	1970-01-20 08:21:36	Name: bito Value: AAAvS07DNykAACvY_STVRQ
.bidr.io/	1970-01-20 08:21:36	Name: bitoIsSecure Value: ok
.dotomi.com/	1970-01-19 22:53:06	Name: DotomiTest Value: 678149323a6708ed
.yahoo.com/	1970-01-20 07:39:03	Name: A3 Value: d=AQABBJmUm2ECEETD3LDOLXeOW2PPVvcbEaIFEgEBAQHmnGGlYQAAAAAA_eMAAA&S=AQAAAk8VVQlajZ7iSfqkn58LMgE
ca-lapresse-prod1.collector.snplow.net/	1970-01-20 07:38:42	Name: sp Value: 726a3110-2783-4d6a-af2c-1a139c8ee8fb
.analytics.yahoo.com/	1970-01-20 07:40:08	Name: IDSYNC Value: 18ym~21od
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP454c3d83-4b94-11ec-b1e4-02530ff24d37
.yahoo.com/	1970-01-19 22:54:32	Name: APIDTS Value: 1637586073
.everesttech.net/	1970-01-20 07:38:42	Name: everest_g_v2 Value: g_surferid~YZuUmQAAAEqEcgQE
.agkn.com/	1970-01-20 07:38:42	Name: ab Value: 0001%3AiCjDHQSi%2F6hMKfxESxNErbKry83D3jct
.33across.com/	1970-01-20 07:38:42	Name: 33x_ps Value: u%3D1723693390865%3As1%3D1637586073400%3Ats%3D1637586073400
.doubleclick.net/	1970-01-20 16:24:18	Name: IDE Value: AHWqTUnY9JC9DZBqWUjMXIgVq5xnFbLx8-JJsPxMcMkS0tXUOZTPK1LRfBcqlMNMMEo
.demdex.net/	1970-01-20 03:12:18	Name: dextp Value: 21-1-1637586073170\|601-1-1637586073276\|771-1-1637586073423
.dpm.demdex.net/	1970-01-20 03:12:18	Name: dpm Value: 69103331988355342034317749239065217927
.lapresse.ca/	1970-01-20 08:14:42	Name: __gads Value: ID=91271a3ce4dbdf5d:T=1637586073:S=ALNI_Mbq1BUpBx2G_cP4mWJ43osD9Vndww
.lapresse.ca/	1970-01-20 16:24:18	Name: AMCV_842235765AFA9B840A495D4A%40AdobeOrg Value: -1712354808%7CMCIDTS%7C18954%7CMCMID%7C68488456662611031354253132769312059619%7CMCAAMLH-1638190873%7C7%7CMCAAMB-1638190873%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1329931071%7CMCOPTOUT-1637593273s%7CNONE%7CMCSYNCSOP%7C411-18961%7CvVersion%7C4.3.0
.districtm.io/	1970-01-19 23:19:01	Name: _dm_uid Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2FhQXJJR0d6SXhTRGRJYlhwNVluVndkRWRVUVVOU1V6bEVXa054U2pFM1Vib0dOd2lSVGhJeVpUSmxabUpoTXpndE1EZGtPQzAwTm1GbExXSmpNVGd0WWpRM05qUmhPRE15Tm1NeExUWXhPV0k1TkRrNUxUUXpOREc2QmlBSWwwNFNHMEZCUVVSTE9VVTViRFZYWDFOUlRscHRhMlZJUVVGQlFVRkJRYm9HR3dpcFRoSVdRVUZCZGxNd04wUk9lV3RCUVVOMldWOVRWRlpTVWJvR0F3aXFUcm9HR1FpclRoSVVjRXBNT1RkRmRuSmlOM0JyZVVOVVpUaHRjV2E2QmdNSXJrNjZCZ01Jc0U2NkJsQUl3MDRTUzNrdE5WRlBTazFoYUVVeWRVVklXbGt1ZGpsUWEzTlJlbmRQY2xGNlNFZFFaRjkrUVg1VlVEUTFOR016WkRnekxUUmlPVFF0TVRGbFl5MWlNV1UwTFRBeU5UTXdabVl5TkdRek53PT0iLCJpYXQiOjE2Mzc1ODYwNzN9.-tXOCm7HpncO8oDTKBDy-Dv2WWVKX_BPIa86vaz9ZpgYRXmGNfzk-ExQUs5wLeSeKz2VTlAN27KEvPheOEMK7A

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

48097ffd46b4062a236c2102462070ba.safeframe.googlesyndication.com
aa.agkn.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.rubiconproject.com
ads.yahoo.com
ads.yap.yahoo.com
adservice.google.ca
adservice.google.com
c1.adform.net
ca-lapresse-prod1.collector.snplow.net
cdn.districtm.io
cdn.jsdelivr.net
cdn.optable.co
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d39kx4ztdxg7cf.cloudfront.net
districtm-match.dotomi.com
dmx.districtm.io
dmx.us-east-33.districtm.io
dp2.33across.com
dpm.demdex.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
files.lpcdn.ca
fsm.lapresse.ca
geo.yahoo.com
gu.dyntrk.com
hb.districtm.io
ib.adnxs.com
id.rlcdn.com
js-sec.indexww.com
js.appboycdn.com
lapress.demdex.net
lapresse-ca.lapresse.ca
loadm.exelator.com
match.adsrvr.org
match.prod.bidr.io
mobile-img.lpcdn.ca
optable.lapresse.ca
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
px.owneriq.net
rtb.adentifi.com
s.amazon-adsystem.com
s.yimg.com
s0.2mdn.net
sb.scorecardresearch.com
sdk.iad-06.braze.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.lapresse.ca
static.lpcdn.ca
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
syndication.twitter.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
use.fontawesome.com
weather-api.lapresse.ca
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lapresse.ca
pixel.rubiconproject.com
104.16.190.66
104.16.68.69
104.244.42.72
107.178.246.49
13.249.184.35
13.249.184.58
13.249.184.9
13.35.77.64
13.35.77.80
142.250.176.194
142.250.72.98
142.250.80.38
151.101.1.208
151.101.193.108
151.101.194.49
156.154.202.36
18.196.86.6
18.214.61.128
18.233.78.203
185.167.164.51
185.184.10.30
199.38.167.129
2001:4998:14:800::1001
2001:4998:58:207::6000
207.198.113.178
209.54.180.144
216.200.232.249
23.41.168.244
23.64.107.8
23.73.244.44
2600:1f18:4e9:5a05:915b:1f70:c370:1ea5
2600:9000:2105:6c00:5:18cb:8bc0:21
2606:4700:10::ac43:7e2
2606:4700:20::681a:bd1
2606:4700:3031::ac43:d645
2606:4700::6810:5814
2606:ae80:1471:17::1050
2607:f8b0:4006:807::2002
2607:f8b0:4006:808::2003
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::2006
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::200e
2607:f8b0:4006:823::2004
2607:f8b0:4023:1404::9d
2620:112:f002:bbbb::21
2a03:2880:f03a:1c:face:b00c:0:3
3.208.223.190
3.218.90.66
34.120.235.16
34.194.203.220
34.200.131.242
34.200.88.28
34.227.185.199
35.190.60.146
35.231.227.177
35.244.159.8
35.244.223.138
35.71.131.137
50.16.197.56
51.161.117.181
52.20.125.49
52.201.9.166
52.45.81.9
54.194.191.134
54.81.254.118
65.8.20.91
67.202.105.24
68.67.161.205
69.173.144.138
72.21.91.66
74.6.138.64
8.43.72.97
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
0128a181cbd6e99c4f85e12e02affd29f32a4e95561d043b26bbb8f4f3e30b1b
0541499190c257a83eb557812148f5bce92574373eda8555b3c0fa5163df3cd9
08153ebc7d42d5d97501540301c0762b83fc730e7fe98c3d7d5a3e6d6a4fc43f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d004688c894ca15df2457a3527f2298e631915591060943334b31adc5a51d2b
15fcbdf7160a81ca10684069e88fc8010aff0fe7150665b07d21b1562b5a539e
16b7888898abf64320bc050b8b5d6130512009e4cd3bc7a79c4aa7fef86dd1b5
19a53be6347aa2ebec3634d99cfb18eb277311edc4965901b4bdb2d59c15a6df
1a80a293745a0c39d9eae6ec40ebf4bf8465b46fe4bc1c6db1c8651da52e4356
1b43cbcafd6fcb33ab93e3641e67ed9a5491c6bb95c8392698d88cbb5f0222b7
1de0a74259ae0017386fae67b4cd8586460570d207734fcd09b9aaf6a29f0171
204d0de2d8adccee84967a32fe68ad01bf8ea288c806952c5880a2db1719cc70
20d7630a0fabc88d21d080ef487395f8d5ad2ce0170d57e967b11739ef4924f5
21f118ea75270909f3b2004ae5530de752fa63f91bb5122d609127feda685eca
246eb714db7565cf5da65b96b8f18e7e061d13907fc658916ec53091b40393dd
24becdf0e263b4503af3fc72edabf21a8df2a948c03c1271bb31ecf922cea28f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2816082c025f64540b613fde3096d814ae21ac75279461ec1d6bcb5c07099fdd
2a504894c44581c1552170d55d1baf71ea09fd53e660df6f32854fdc9fe3d53e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3234fa537ac6154c31a5e888d736d573e80508080211ce66fe88bdd31d3fdf60
334a7e3d2c50ba3ba1ee01293971a9a1791d677c8585e29ddfef4ab4c1d923ab
3bd51cb5cb5b3b445981ca346b8c9eea6cffd5715bc3271856fd5278dc7abc22
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dd55e43ca618a7ce8cb369f5ef50a642d8ecdc09f979c2e8687474309249d07
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4139e5067afd379f2f574daa7e70bc7b1b87ee70dab5af68e86cf454a4d1070f
4180807dcfad3955a763023d3fcb3f3893ff45ea66acb19f8c247ff4d26f2f8d
437a53c326217512efd3f9abe52a547e7c27cdf0c121a2c3fc8d611947abc800
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444eb134c281ef5d78e2c6acd745d6dec96428bc23923a9888f514294a1bb625
4653198d7bcbf52847fdb2f1aa7b67f58742a4f38a21562ddc32416564da16bd
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
49b77fabfb27ea9d3e838a9d63d0856e5f993f2116f5f59c84cdc78d81416ce2
4a6fc4a5df0894ff4954c36608cb2853c1cd6b54a3563df54831322a67ca538f
4baaa254820b6daef2b169f3cda417efbf6f442ec482f0da0dee98858898d391
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50030e1cf1d7be1d3080a7caf68057c49ea1a2265beaabe45c98c7244b2e3756
517310c55e9701db6091fb5e4dbe37ee7bf6b9364a27e0e54d997324c2c8bb8b
54ff0396cce949d16c07b465404e2469db235f7b6073f4695c3b09b35516253e
55e3de51e63ab544e40dc3c2e66d18f1e715904dba9c49c2744e9a35d48fdce9
56e5a6cd17196bcacaab7da3ff9fc25973b582b2370c02da054f05f0068bb9b6
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5bb0534fa3edb76529b308cbaf86eac8645fda205c9da1f9542ac351d5caa3e0
5cea7a0a46e4ea964a2d42d6ca2e347ff23f8eaf83d3b8eb54aa3cd96ee1bbb9
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
5eda896fbd669382f68454ff2d967dd5c8ba438876b775d5a45997b2cb8d0957
60438051fefee99ef395bd5f02e2c9c8169636c89f0bc4de012fcb5c333824d0
6310d39bb030783852605dc4ecfdd8c029a1d07dbe6eb224a11ea259ef43c45d
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
69ca716f12f2a03e5ec28b1ece2fe38e04359f5e9ca6d7c8bb8bd9b2a51633d4
6ae876dbc449eb25080b61551b7f6a35960089b556311f022787325c2bbe53c1
6cf0714c8a65a93adfd9b25e551d1b0e1bf2167a72cbfefb3baab24a13ba0536
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6d74e808a5027462ee7a56989792f2cb24e065f5e966e30ada8d4642e83bb8ae
6e64a7c9eaea7330de8b2fcb04fff3d8eddddfdd8c943cd27d0995df89f1f6f2
6f30d91aefd78e260dc3345773c8467ceeb7bcb9ac9231a585255c21961d6146
74c1bc29cd819147fc96c56eb19ec4a42bdb948b3591555835f4dd413a831ed4
77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb
78bc91412d2ae4d426900bd710e6a788821c8865cf43918098edf3f98ca8455b
7a60eca89c8c684b921fd907e4025a3f5948537dbfcdbc334134138b8f2aad4a
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7eb33fd2403ff14a633244bfdf48a1763bb2cb1935dc575968d67e33f5a92daa
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8089ef5ac8ac7bce38012173e18eae16b8f9b818d89d0656e78b434e5d787014
8231b24e1bfe1c56048b991b2810ea11b7571c6ded588f0f639f9782cd43dd1a
83184f12fc59ad7640ec19e1f200fd1636f39dd400d55bd5d26e07f6235c636d
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83c66cef4e45d0922ebe4908c277b7d9af2b8edd22d1e5a6b2971108c5c44be0
842c1071c98373baac27ab0fd698e462be07b90e37d00bfdadddda15a7fb204a
853b8bc242390ea27990b69591a49a79ec63aab7d0c98eb70e81ead05a805a4b
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8daf1b7c0b05ca902c75c068e739db23dd67bc2dca3e1ab565da88a413dbc36f
8e36837daa738d02ce1b10873e8fa1125001775d7a1affc3276125fd478d9faf
8eb7acd7dd23fb4531a9b3485312a2a43a42b6a7fd1180c275561d15679dca06
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
92f9aa355574f1d2d1d84a8f15dca197ad4bfcab43b77d2754738b92f96dbc14
94a1ba82117812909ad09ee95455ada0939b197b580d54cfc39926d137c97b81
99ac816b389ee1637433b4b96ab4ec0d7a96677760c74267860a76de52556799
9ae8beb4a17cedab42085fb9ff9694700f468f2166e8aee9998e325a19dce5a2
9b1e8085d927bc7de200f56905ec94d33d1c0c450faa766dab19754cb9cfc578
9c221f81130938a9aea113296583f96047dd14b7571b682e8a187066cdf76771
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9de61e723f71ecad9e2966704febad3226eeb4b415236246d06ea41f43fad3bf
9f129d64cf5c8c8e8df1fc4c01362d078635a20695ce26ec483efa955048b5b1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3bef76330a5deba39c664a0b64f604a4b058ba07168fc1a84a2596d6dae0fae
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a863f2ec0bcae807b2fe2748af5d97f1afeab76c60c6883cc7a173761ac202ab
aac3128d6419242d76b8eaf21e78c207472a9f01fb79f0c50d3afa430b67e6d4
ab258e0c74a6102c5388fdeda986c1644fcd43b6eb798e8a3a3e7b8e58fb5824
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ff195ce33ad293590e06bead291c48559298da0715c3c4aa0d3b0b035ee9d6
b4326b5e09d4424d88ea728d52e2bba25b6d9c9b8a4b13482be46c4eb609b711
b4c030d5a0d098f7f7a43370527da53c8344d6979a7b5e5bb3575cbbe2b9d066
b4d2772232d1e5db301df00d95d51149059792ea240faf33f2d078fc2f42018d
b51d31d982ac0ce6d3c3435807e7278b7359e808e57d213a20312de841afcc75
b5292ee5c28832f36ee3d1ffe6b87143a29b5de792d071391385d3e7c338bebf
b6d18225d8363a817e5cb6e8c4ef918a3f5534464eb88a18d94aa8caf96988c0
b8fb3cb31828e7915420bd564c7297f2eebc88fa22ec3a9a3333f84b37f7b403
b96180cdec895bb584b86716d5647ad77933dbf562f17942f9eed425c5012819
b9fa1e983879d28bdbf5a2a40a51a80bf9550ec8e6b120b773ac76770a4f218a
ba240e4860fc14034e5ca168222bf1c88ba0f381250840c1dce3a399062bfa45
ba31e66dd95fdf9dad3be23972794667d4946a4d964d208e7fded9a48052a401
baaa049804efecbdf7d01549091335de23ba5170512bbb19fbfca327714272db
bac2e52762088b462c7ae6dff6fa381d1c0e42514af3d09775b64a7f47951920
bb2174b93d2fcaa521dc22c41b529ff95bcc4d0575d70a294aead6ef0ef0b8a2
bbbd66b5291d67dad41dec9d04e7fb501845a6e15a81e1937c750c58f4e8563d
bbca6de5c81aeefb79cea77af6e0e799c2a148255009b7776295fcaeaeb54364
bd81fc897dcd430d6e6646357b912943aaa0d3a1bcd87068980566584ddebf23
c01f493d5c40e136be8dbd138ca4cfa0b1f77360f3461d68155f0709c4c2dc29
c05f3db120fb434fddd052b8596d0cd0dacdc7128f983bd8b25f4eae1bfe2c84
c1bf0da7843dd67bf57b7221a0d7d599bf4000fadf5fb0d80d7991f2b4080d76
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c57c341aee2d91104e36e6068c45790257944f3d3df018aa510e60a623c05058
c6113ccc2354b5754909297b702088f288468b6547a649eab88dfe1cac540b27
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c91c101c1d012df39016ad8e9efdbe1936ef093c2ad6058f765c4482ce7980f6
c97e907849823ff8c50e47b5718f4a0b9cd0cf17e1fc49084f6a438351e16cc7
c9d76515a18d30216d32fdd84741646efbeb20a6d5acbf21d31b17d0a3cafa8d
cd387609fa550bb68f521d047df0a8cea3016321e0714444b9459b8c5109e7bf
ce5966d984a46d12ce670445adec7ee93df28586850028e6b63b2051b9233b40
ced193b5b6e135bcf3d6db8ed36b3da78065a963acd7133368f1a087b5e8bd8e
cf063c6a0281b5056749a88288e7130ca0305dcea4fa396d45d8e498f252cf4f
cf94621194b49d5d19ba1a2ae457775f42d4a05f676d76c8a42996ff01fcc2d1
d3d486c7e3bd045b501ddbc559be1ec8a1fb68a5a8d2d7fadb2562ddb88e8186
d6c0de90c5d16ee3825a68ef59d10451d7bcb947f41d83f93eb8b7bc465f7622
d9ef98de23379bca12097fcab0eb9fbc8193fc2a9855199598dc291a0a450b8b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3a55748fbc623e75f1ff889caa430f920d71f3379b82deeb85e867d35b7e78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e467e1354ec82b4ff98938872632fde03a71f319cece7f22127259d7ca69ab6a
e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98
e567f76bf185f9bb907fce2fde1a537baf37baa91ece69c0d3f86051c8535c17
e5fa2e3df26c172af0eb3de60ce45d337929fced38a9f8a9537f750906a8cb1c
e71b733ab44e48c665a59c1c3adcd2bdec3387139c2b0ca8e887737c5bf0e814
e7a0a2d645ecba219065474f28bec1cb9f1b6d6f25d0d7fb90777e0768abe569
e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48
eb379bea45cd70f583ea35c9af2e9c3a7df37f8f53219199bd38865c1c0e2c8f
ed4d88e7a318e40bdaf24feeb7e5540034414da64b75e1889c9f6f72d85c8b79
ed748f1d8bde54b47c50c3389ab131ff86b26157a214275c913e0a1463e425e7
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4b47070cb489df28eca6baa45dd7c7ea7b1d84c8844b51d90de89baf153db7
f0499d0a6911c90063c2766d2ead550ddacc7d192ecc8808daf1b795c3a2bf0b
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f83973363321de5ac82112336e02967d0c02478db2bf68580b9a70dd80ac51f7
fd076a12e541f392e8506989cb51a0cc9f5f01de45bf257c7c90e20af029dc79
fee2363b66d194b5339868dc1c5a3cd6fb4635361663eff949a5410b66c5c1a6

www.lapresse.ca Open in urlscan Pro 13.249.184.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

261 Requests

80 %HTTPS

29 %IPv6

52 Domains

84 Subdomains

58 IPs

5 Countries

2138 kBTransfer

5294 kBSize

36 Cookies

23 Outgoing links

Redirected requests

261 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.lapresse.ca Open in urlscan Pro
13.249.184.35 Public Scan

Screenshot
Live screenshot

Full Image

261
Requests

80 %
HTTPS

29 %
IPv6

52
Domains

84
Subdomains

58
IPs

5
Countries

2138 kB
Transfer

5294 kB
Size

36
Cookies

261 HTTP transactions
3 data transactions