urlscan.io logo urlscan.io
SecurityTrails logo

toronto.ctvnews.ca Open in urlscan Pro
184.50.210.146  Public Scan

Go To Rescan Add Verdict Report
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Submission: On July 13 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 80 IPs in 6 countries across 94 domains to perform 322 HTTP transactions. The main IP is 184.50.210.146, located in Piscataway, United States and belongs to AKAMAI-AS, US. The main domain is toronto.ctvnews.ca. The Cisco Umbrella rank of the primary domain is 155134.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 22nd 2022. Valid for: a year.
This is the only time toronto.ctvnews.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
73 184.50.210.146 16625 (AKAMAI-AS)
5 23.77.174.20 16625 (AKAMAI-AS)
2 2600:9000:24f... 16509 (AMAZON-02)
2 104.19.149.54 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 3 104.127.84.215 16625 (AKAMAI-AS)
5 2600:141b:e80... 20940 (AKAMAI-ASN1)
1 151.101.130.133 54113 (FASTLY)
1 129.159.113.125 31898 (ORACLE-BM...)
4 2607:f8b0:400... 15169 (GOOGLE)
3 108.138.107.138 16509 (AMAZON-02)
2 141.148.8.2 31898 (ORACLE-BM...)
3 54.148.67.156 16509 (AMAZON-02)
5 2606:2800:220... 15133 (EDGECAST)
2 4 18.164.96.18 16509 (AMAZON-02)
6 2a03:2880:f01... 32934 (FACEBOOK)
1 2a04:4e42::714 54113 (FASTLY)
1 35.241.9.51 15169 (GOOGLE)
6 9 68.67.160.184 29990 (ASN-APPNEX)
7 34.107.254.252 396982 (GOOGLE-CL...)
1 2a04:4e42::485 54113 (FASTLY)
1 35.160.206.4 16509 (AMAZON-02)
1 1 3.86.134.181 14618 (AMAZON-AES)
1 63.140.36.148 16509 (AMAZON-02)
1 108.138.126.121 16509 (AMAZON-02)
8 2607:f8b0:400... 15169 (GOOGLE)
1 34.200.186.237 14618 (AMAZON-AES)
2 104.244.42.136 13414 (TWITTER)
7 3.224.24.205 14618 (AMAZON-AES)
1 2602:803:c002... 26667 (RUBICONPR...)
1 2620:100:a001... 19750 (AS-CRITEO)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2a03:2880:f10... 32934 (FACEBOOK)
14 17 142.250.65.194 15169 (GOOGLE)
2 17 52.46.128.147 16509 (AMAZON-02)
4 24 192.40.39.223 27381 (CASALE-MEDIA)
1 1 2600:9000:220... 16509 (AMAZON-02)
4 4 34.171.234.26 396982 (GOOGLE-CL...)
4 9 44.209.72.229 14618 (AMAZON-AES)
8 96.17.65.140 16625 (AKAMAI-AS)
6 6 3.225.218.10 14618 (AMAZON-AES)
1 1 23.105.12.159 30633 (LEASEWEB-...)
9 9 3.33.220.150 16509 (AMAZON-02)
3 3 52.44.61.78 14618 (AMAZON-AES)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 2 169.197.150.7 398989 (DEEPINTENT)
1 2 3.222.197.118 14618 (AMAZON-AES)
10 10 35.211.178.172 19527 (GOOGLE-2)
2 2 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
2 44.199.66.14 14618 (AMAZON-AES)
3 3 72.251.232.230 32475 (SINGLEHOP...)
3 3 185.167.164.43 198622 (ADFORM)
2 2 8.43.72.97 26667 (RUBICONPR...)
2 3 151.101.130.49 54113 (FASTLY)
3 3 207.198.113.87 13768 (COGECO-PEER1)
2 2 192.35.249.138 11742 (SPOTX-IAD)
6 9 69.173.151.100 26667 (RUBICONPR...)
1 67.220.228.202 16509 (AMAZON-02)
2 5 2600:1f18:4e9... 14618 (AMAZON-AES)
2 2620:1ec:21::14 8068 (MICROSOFT...)
4 13 52.223.22.214 16509 (AMAZON-02)
7 2607:f8b0:400... 15169 (GOOGLE)
1 52.85.61.103 16509 (AMAZON-02)
1 1 13.33.60.65 16509 (AMAZON-02)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 50.31.142.223 22075 (AS-OUTBRAIN)
1 1 104.76.100.229 16625 (AKAMAI-AS)
6 107.20.233.118 14618 (AMAZON-AES)
1 23.105.14.97 30633 (LEASEWEB-...)
2 2 23.105.12.137 30633 (LEASEWEB-...)
2 2 2600:1f18:612... 14618 (AMAZON-AES)
1 1 80.77.87.163 46636 (NATCOWEB)
2 2 34.229.3.43 14618 (AMAZON-AES)
1 1 8.39.36.142 26667 (RUBICONPR...)
8 8 67.202.105.21 32748 (STEADFAST)
1 1 67.202.105.31 32748 (STEADFAST)
1 67.202.105.33 32748 (STEADFAST)
2 23.54.68.197 16625 (AKAMAI-AS)
7 34.117.239.71 396982 (GOOGLE-CL...)
6 6 2606:ae80:145... 25751 (VALUECLICK)
1 3 104.36.115.113 62713 (AS-PUBMATIC)
6 2607:f8b0:400... 15169 (GOOGLE)
2 2620:100:a001::4 19750 (AS-CRITEO)
1 1 199.38.167.131 54312 (ROCKETFUEL)
1 30 8.28.7.83 62713 (AS-PUBMATIC)
6 6 54.156.72.60 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 1 23.105.12.136 30633 (LEASEWEB-...)
1 1 2620:116:800b... 14618 (AMAZON-AES)
1 74.119.119.150 19750 (AS-CRITEO)
1 1 44.194.73.244 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 2 34.230.233.1 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 35.214.185.196 15169 (GOOGLE)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
1 2 54.175.95.162 14618 (AMAZON-AES)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
2 162.248.18.34 62713 (AS-PUBMATIC)
1 1 52.21.85.14 14618 (AMAZON-AES)
2 2 52.1.101.178 14618 (AMAZON-AES)
1 1 165.254.203.172 2914 (NTT-LTD-2914)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 74.119.119.139 19750 (AS-CRITEO)
1 2607:f8b0:400... 15169 (GOOGLE)
1 82.145.213.8 ()
4 4 199.127.204.171 ()
1 1 172.104.105.5 ()
1 35.186.193.173 ()
1 1 20.85.134.6 ()
1 195.5.165.20 ()
1 23.88.86.2 ()
2 2 23.220.11.204 ()
1 2 35.244.159.8 ()
1 54.163.78.196 ()
1 52.7.14.2 ()
1 52.48.172.146 ()
1 1 34.102.253.54 ()
1 1 64.227.64.62 ()
1 104.18.10.47 ()
1 151.101.193.108 ()
2 18.214.58.121 ()
1 104.18.11.47 ()
322 80
73    184.50.210.146 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-210-146.deploy.static.akamaitechnologies.com
toronto.ctvnews.ca
static.ctvnews.ca
www.ctvnews.ca
beta.ctvnews.ca
5    23.77.174.20 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-174-20.deploy.static.akamaitechnologies.com
z.moatads.com
2    2600:9000:24f1:4600:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
2    104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
2    2606:4700:4400::6812:220a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
3    104.127.84.215 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-84-215.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
secure-assets.rubiconproject.com
5    2600:141b:e800:1487::1e80 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
1    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
1    129.159.113.125 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
bellmedia-ash.gscontxt.net
4    2607:f8b0:4006:80f::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net
c.amazon-adsystem.com
2    141.148.8.2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
geo.moatads.com
3    54.148.67.156 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-67-156.us-west-2.compute.amazonaws.com
dpm.demdex.net
5    2606:2800:220:131d:1d30:1f1d:238b:1e56 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
4    18.164.96.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-18.jfk50.r.cloudfront.net
sb.scorecardresearch.com
6    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
289d106c-df24-4cd9-a9fa-753e928c23ad.prmutv.co
9    68.67.160.184 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
7    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    35.160.206.4 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-206-4.us-west-2.compute.amazonaws.com
bellmedia.demdex.net
1    3.86.134.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-86-134-181.compute-1.amazonaws.com
cm.everesttech.net
1    63.140.36.148 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-148.data.adobedc.net
bellmedia.sc.omtrdc.net
1    108.138.126.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-126-121.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
8    2607:f8b0:4006:824::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    34.200.186.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-186-237.compute-1.amazonaws.com
ping.chartbeat.net
2    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
7    3.224.24.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-24-205.compute-1.amazonaws.com
prebid-server.rubiconproject.com
1    2602:803:c002:200::41 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
1    2607:f8b0:4006:81e::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)
2fb850df14fece17fe5bbeb86be27d0b.safeframe.googlesyndication.com
3    2a03:2880:f10e:83:face:b00c:0:25de (Toronto, Canada)

ASN32934 (FACEBOOK, US)
www.facebook.com
17    142.250.65.194 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
cm.g.doubleclick.net
17    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
24    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    2600:9000:2209:e400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    34.171.234.26 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 26.234.171.34.bc.googleusercontent.com
um.simpli.fi
9    44.209.72.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-72-229.compute-1.amazonaws.com
match.sharethrough.com
8    96.17.65.140 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-65-140.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    23.105.12.159 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
9    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    52.44.61.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-61-78.compute-1.amazonaws.com
pm.w55c.net
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    3.222.197.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-197-118.compute-1.amazonaws.com
um2.eqads.com
10    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    2604:9e00:1:129::2:a01 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.marketiq.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
2    44.199.66.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-66-14.compute-1.amazonaws.com
rtb.adentifi.com
3    72.251.232.230 (Santa Clara, United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
3    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    207.198.113.87 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    192.35.249.138 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
9    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    67.220.228.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    2600:1f18:4e9:5a01:489a:e998:102d:89d7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
13    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
7    2607:f8b0:4006:817::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    52.85.61.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-103.ewr53.r.cloudfront.net
static.freeskreen.com
1    13.33.60.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-65.ewr52.r.cloudfront.net
cm.smadex.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    50.31.142.223 (Itasca, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    104.76.100.229 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-100-229.deploy.static.akamaitechnologies.com
stags.bluekai.com
6    107.20.233.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-233-118.compute-1.amazonaws.com
sb.freeskreen.com
1    23.105.14.97 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 23.105.14.97.rdns.racklot.com
ww1772.smartadserver.com
2    23.105.12.137 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.smartadserver.com
2    2600:1f18:612b:4216:d63e:7fe5:39af:1906 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
scm.publishers.tremorhub.com
1    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadeu.exelator.com
1    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
8    67.202.105.21 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    67.202.105.31 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
1    67.202.105.33 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
hde.tynt.com
2    23.54.68.197 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-197.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
6    2606:ae80:1451:17::1370 (United States)

ASN25751 (VALUECLICK, US)
33across-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
3    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    2607:f8b0:4006:80e::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
30    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
6    54.156.72.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-72-60.compute-1.amazonaws.com
match.prod.bidr.io
1    2603:c020:400d:3000:bf17:cd18:9a23:846c (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    23.105.12.136 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
1    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    44.194.73.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-73-244.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    34.230.233.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-233-1.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    35.214.185.196 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 196.185.214.35.bc.googleusercontent.com
csync.loopme.me
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    54.175.95.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-95-162.compute-1.amazonaws.com
thrtle.com
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    52.21.85.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-85-14.compute-1.amazonaws.com
sync.ipredictive.com
2    52.1.101.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-101-178.compute-1.amazonaws.com
ads.creative-serving.com
1    165.254.203.172 (United States)

ASN2914 (NTT-LTD-2914, US)
pmp.mxptint.net
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    2607:f8b0:4006:81c::2004 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
4    199.127.204.171 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
1    172.104.105.5 (None, )

ASN- ()
gocm.c.appier.net
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    20.85.134.6 (None, )

ASN- ()
mweb.ck.inmobi.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    23.88.86.2 (None, )

ASN- ()
matching.truffle.bid
2    23.220.11.204 (None, )

ASN- ()
px.owneriq.net
2    35.244.159.8 (None, )

ASN- ()
us-u.openx.net
1    54.163.78.196 (None, )

ASN- ()
crb.kargo.com
1    52.7.14.2 (None, )

ASN- ()
sync.bfmio.com
1    52.48.172.146 (None, )

ASN- ()
synchroscript.deliveryengine.adswizz.com
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
1    64.227.64.62 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    104.18.10.47 (None, )

ASN- ()
js-sec.indexww.com
1    151.101.193.108 (None, )

ASN- ()
acdn.adnxs.com
2    18.214.58.121 (None, )

ASN- ()
prebid-a.rubiconproject.com
1    104.18.11.47 (None, )

ASN- ()
cdn.indexww.com
Apex Domain
Subdomains		 Transfer
73 ctvnews.ca
toronto.ctvnews.ca — Cisco Umbrella Rank: 155134
static.ctvnews.ca — Cisco Umbrella Rank: 188481
www.ctvnews.ca — Cisco Umbrella Rank: 68065
beta.ctvnews.ca — Cisco Umbrella Rank: 129181
6 MB
37 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 553
image6.pubmatic.com — Cisco Umbrella Rank: 812
image2.pubmatic.com — Cisco Umbrella Rank: 1036
simage2.pubmatic.com — Cisco Umbrella Rank: 797
image4.pubmatic.com — Cisco Umbrella Rank: 1305
simage4.pubmatic.com — Cisco Umbrella Rank: 1338
38 KB
33 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3115
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 999
fastlane.rubiconproject.com — Cisco Umbrella Rank: 552
eus.rubiconproject.com — Cisco Umbrella Rank: 616
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1199
token.rubiconproject.com — Cisco Umbrella Rank: 652
pixel.rubiconproject.com — Cisco Umbrella Rank: 374
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1160
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 5906
prebid-a.rubiconproject.com
180 KB
25 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
148 KB
24 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 485
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635
dsum.casalemedia.com — Cisco Umbrella Rank: 1666
21 KB
22 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 353
aax.amazon-adsystem.com — Cisco Umbrella Rank: 438
s.amazon-adsystem.com — Cisco Umbrella Rank: 333
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1025
75 KB
15 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1203
events-ssc.33across.com — Cisco Umbrella Rank: 2618
5 KB
14 googlesyndication.com
2fb850df14fece17fe5bbeb86be27d0b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
106 KB
13 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 422
6 KB
11 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 338
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481
5 KB
10 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 359
5 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
secure.adnxs.com — Cisco Umbrella Rank: 469
acdn.adnxs.com
24 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 383
5 KB
9 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 566
6 KB
9 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2805
api.permutive.com — Cisco Umbrella Rank: 2037
232 KB
7 freeskreen.com
static.freeskreen.com — Cisco Umbrella Rank: 61872
sb.freeskreen.com — Cisco Umbrella Rank: 47513
35 KB
7 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 978
syndication.twitter.com — Cisco Umbrella Rank: 1152
163 KB
7 moatads.com
z.moatads.com — Cisco Umbrella Rank: 639
mb.moatads.com — Cisco Umbrella Rank: 832
geo.moatads.com — Cisco Umbrella Rank: 742
107 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 610
3 KB
6 dotomi.com
33across-match.dotomi.com — Cisco Umbrella Rank: 4647
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4489
casale-match.dotomi.com
2 KB
5 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 8420
ww1772.smartadserver.com — Cisco Umbrella Rank: 69936
sync.smartadserver.com — Cisco Umbrella Rank: 1567
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 623
2 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 719
dis.criteo.com — Cisco Umbrella Rank: 608
gum.criteo.com — Cisco Umbrella Rank: 405
mug.criteo.com — Cisco Umbrella Rank: 2102
8 KB
5 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 411
103 KB
4 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 660
268 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 981
2 KB
4 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1111
sync-tm.everesttech.net — Cisco Umbrella Rank: 796
1 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 162
3 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 218
bellmedia.demdex.net — Cisco Umbrella Rank: 104289
6 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
196 KB
3 1rx.io
sync.1rx.io
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 1067
1 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 524
1 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 756
2 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 633
2 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1657
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1044
2 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
28 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1447
mab.chartbeat.com — Cisco Umbrella Rank: 2501
34 KB
2 indexww.com
js-sec.indexww.com
cdn.indexww.com
2 KB
2 openx.net
us-u.openx.net
529 B
2 owneriq.net
px.owneriq.net
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 5256
1 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1499
684 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 893
s.tribalfusion.com — Cisco Umbrella Rank: 1946
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1667
833 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 568
60 KB
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1868
hde.tynt.com — Cisco Umbrella Rank: 4546
3 KB
2 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 8468
2 KB
2 tremorhub.com
scm.publishers.tremorhub.com — Cisco Umbrella Rank: 48018
636 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 573
1 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
774 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 794
1 KB
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1366
69 B
2 marketiq.com
rtb2-useast.marketiq.com — Cisco Umbrella Rank: 6258
760 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 4101
563 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1137
594 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
89 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1560
97 KB
1 bidtheatre.com
match.adsby.bidtheatre.com
555 B
1 playground.xyz
ads.playground.xyz
465 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com
397 B
1 bfmio.com
sync.bfmio.com
425 B
1 kargo.com
crb.kargo.com
504 B
1 truffle.bid
matching.truffle.bid
1 iprom.net
core.iprom.net
279 B
1 inmobi.com
mweb.ck.inmobi.com
349 B
1 ctnsnet.com
ipac.ctnsnet.com
370 B
1 appier.net
gocm.c.appier.net
436 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
650 B
1 opera.com
t.adx.opera.com
413 B
1 google.com
www.google.com — Cisco Umbrella Rank: 10
1 KB
1 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 6888
701 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1072
554 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1061
225 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 3199
308 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1453
674 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 813
932 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 862
592 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 651
961 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1634
3 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 977
790 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1124
647 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 597
752 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 258
669 B
1 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 2517
618 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 9084
375 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1891
350 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 822
532 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1242
201 B
1 omtrdc.net
bellmedia.sc.omtrdc.net — Cisco Umbrella Rank: 99764
344 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368
1 KB
1 prmutv.co
289d106c-df24-4cd9-a9fa-753e928c23ad.prmutv.co — Cisco Umbrella Rank: 140410
396 B
1 gscontxt.net
bellmedia-ash.gscontxt.net — Cisco Umbrella Rank: 111468
1 KB
1 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 2636
434 B
322 94
Domain Requested by
40 www.ctvnews.ca toronto.ctvnews.ca
30 static.ctvnews.ca toronto.ctvnews.ca
static.ctvnews.ca
20 simage2.pubmatic.com 1 redirects ads.pubmatic.com
17 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
match.sharethrough.com
ads.pubmatic.com
17 cm.g.doubleclick.net 14 redirects eus.rubiconproject.com
eb2.3lift.com
14 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
um2.eqads.com
13 eb2.3lift.com 4 redirects micro.rubiconproject.com
eb2.3lift.com
ads.pubmatic.com
10 image2.pubmatic.com ads.pubmatic.com
10 x.bidswitch.net 10 redirects
9 match.adsrvr.org 9 redirects
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
8 ssc-cms.33across.com 8 redirects
8 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
sb.freeskreen.com
hde.tynt.com
micro.rubiconproject.com
8 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
toronto.ctvnews.ca
7 events-ssc.33across.com hde.tynt.com
eus.rubiconproject.com
ads.pubmatic.com
7 tpc.googlesyndication.com toronto.ctvnews.ca
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 ssum-sec.casalemedia.com 2 redirects micro.rubiconproject.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
7 prebid-server.rubiconproject.com micro.rubiconproject.com
ssum-sec.casalemedia.com
toronto.ctvnews.ca
eb2.3lift.com
hde.tynt.com
7 api.permutive.com cdn.permutive.com
6 match.prod.bidr.io 6 redirects
6 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 sb.freeskreen.com static.freeskreen.com
toronto.ctvnews.ca
eus.rubiconproject.com
6 ups.analytics.yahoo.com 6 redirects
6 ib.adnxs.com 3 redirects cdn.permutive.com
micro.rubiconproject.com
acdn.adnxs.com
5 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
5 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
5 platform.twitter.com toronto.ctvnews.ca
platform.twitter.com
5 assets.adobedtm.com toronto.ctvnews.ca
assets.adobedtm.com
5 z.moatads.com toronto.ctvnews.ca
z.moatads.com
4 static.xx.fbcdn.net www.facebook.com
4 token.rubiconproject.com 4 redirects
4 um.simpli.fi 4 redirects
4 sb.scorecardresearch.com 2 redirects toronto.ctvnews.ca
4 www.googletagservices.com toronto.ctvnews.ca
3 sync.1rx.io 3 redirects
3 ad.turn.com 3 redirects
3 pixel.tapad.com 2 redirects ads.pubmatic.com
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 pixel-sync.sitescout.com 3 redirects
3 secure.adnxs.com 3 redirects
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 c1.adform.net 3 redirects
3 cm.adgrx.com 3 redirects
3 dsum.casalemedia.com ssum-sec.casalemedia.com
3 pm.w55c.net 3 redirects
3 www.facebook.com connect.facebook.net
3 dpm.demdex.net assets.adobedtm.com
toronto.ctvnews.ca
3 c.amazon-adsystem.com toronto.ctvnews.ca
c.amazon-adsystem.com
2 casale-match.dotomi.com 2 redirects
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 us-u.openx.net 1 redirects
2 px.owneriq.net 2 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 ads.creative-serving.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 thrtle.com 1 redirects ads.pubmatic.com
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 static.criteo.net micro.rubiconproject.com
static.criteo.net
2 33across-match.dotomi.com 2 redirects
2 ads.pubmatic.com hde.tynt.com
ads.pubmatic.com
2 loadeu.exelator.com 2 redirects
2 scm.publishers.tremorhub.com 2 redirects
2 sync.smartadserver.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 px.ads.linkedin.com eus.rubiconproject.com
eb2.3lift.com
2 sync.search.spotxchange.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 rtb.adentifi.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 rtb2-useast.marketiq.com 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 match.deepintent.com 1 redirects ssum-sec.casalemedia.com
2 syndication.twitter.com platform.twitter.com
toronto.ctvnews.ca
2 connect.facebook.net static.ctvnews.ca
connect.facebook.net
2 cdn.confiant-integrations.net toronto.ctvnews.ca
cdn.confiant-integrations.net
2 cdn.permutive.com toronto.ctvnews.ca
cdn.permutive.com
2 static.chartbeat.com toronto.ctvnews.ca
2 toronto.ctvnews.ca toronto.ctvnews.ca
1 cdn.indexww.com ssum-sec.casalemedia.com
1 acdn.adnxs.com micro.rubiconproject.com
1 js-sec.indexww.com micro.rubiconproject.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 synchroscript.deliveryengine.adswizz.com
1 sync.bfmio.com
1 crb.kargo.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 t.adx.opera.com ads.pubmatic.com
1 simage4.pubmatic.com ads.pubmatic.com
1 www.google.com tpc.googlesyndication.com
1 mug.criteo.com
1 pmp.mxptint.net 1 redirects
1 sync.ipredictive.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 p.rfihub.com 1 redirects
1 hde.tynt.com micro.rubiconproject.com
1 de.tynt.com 1 redirects
1 pixel-us-west.rubiconproject.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 ww1772.smartadserver.com sb.freeskreen.com
1 stags.bluekai.com 1 redirects
1 c.bing.com eb2.3lift.com
1 cm.smadex.com 1 redirects
1 static.freeskreen.com toronto.ctvnews.ca
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 dsp.adkernel.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 2fb850df14fece17fe5bbeb86be27d0b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 bidder.criteo.com micro.rubiconproject.com
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 ping.chartbeat.net toronto.ctvnews.ca
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 bellmedia.sc.omtrdc.net toronto.ctvnews.ca
1 cm.everesttech.net 1 redirects
1 bellmedia.demdex.net assets.adobedtm.com
1 cdn.jsdelivr.net micro.rubiconproject.com
1 289d106c-df24-4cd9-a9fa-753e928c23ad.prmutv.co cdn.permutive.com
1 mab.chartbeat.com static.chartbeat.com
1 geo.moatads.com z.moatads.com
1 mb.moatads.com z.moatads.com
1 bellmedia-ash.gscontxt.net toronto.ctvnews.ca
1 cdn.krxd.net static.ctvnews.ca
1 beta.ctvnews.ca toronto.ctvnews.ca
1 micro.rubiconproject.com toronto.ctvnews.ca
322 142
Subject Issuer Validity Valid
news.bellmedia.ca
Entrust Certification Authority - L1K		 2022-07-22 -
2023-08-21		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-05-25 -
2023-08-23		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-09		 a year crt.sh
*.gscontxt.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-08 -
2023-12-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-20		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-04-22 -
2023-07-21		 3 months crt.sh
*.prmutv.co
R3		 2023-06-06 -
2023-09-04		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
api.permutive.com
R3		 2023-06-17 -
2023-09-15		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-03-08		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-31 -
2024-01-30		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
um3.eqads.com
Amazon RSA 2048 M01		 2023-05-26 -
2024-06-23		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.freeskreen.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-12-16		 10 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
events-ssc.33across.com
GTS CA 1D4		 2023-07-02 -
2023-09-30		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.adx.opera.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-22 -
2024-06-20		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
truffle.bid
R3		 2023-05-24 -
2023-08-22		 3 months crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh

This page contains 62 frames:

Primary Page: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Frame ID: D68496C9FFFF87245D0E488FB65AC158
Requests: 141 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 3631889D8311CC45DE34FB58E5C7D073
Requests: 1 HTTP requests in this frame

Frame: https://bellmedia.demdex.net/dest5.html?d_nsid=0
Frame ID: FACA44C37A60A392652E212460E56183
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ftoronto.ctvnews.ca
Frame ID: 7992223412B76B91F2208D7E2D9E1857
Requests: 2 HTTP requests in this frame

Frame: https://2fb850df14fece17fe5bbeb86be27d0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 20F747721E6423507924204A79335967
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5&dcc=t
Frame ID: 6EA09E5028CC3E2D083ACF331BD6814E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 98D9AFF5AAA69EE3C802689BAD8E2288
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: A6B379267932D84762D41CB44550EE62
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 6370BDE351C0E576417BD15415046BFF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Frame ID: C150F2887A3526F5C7A12D970961070B
Requests: 9 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 6F1A5EC353C5B5294FF67E61C5E20569
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 3595EE726BBB9E7924F5FEAB217AA82B
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: F3BB6218A46ABD65712CB3C9F34BF7C4
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 51DDF851D9EE20A70D74E1F4562B6CCD
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1pRUdVX3haRTJ1S25oVjRhTHFxZUNXem9qTGR4V0E1QX5B
Frame ID: D1B5472D3C5D2D03BFE5D434850A6799
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7544388502924255489&gdpr=0&gdpr_consent=
Frame ID: A098686B31856D83B13A31CF6CF84A65
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=3373822132269096047&ex=appnexus.com
Frame ID: EFEBA6F0E2072D5FB36E1B4A942DAF64
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: EF2B44A160B51F1C569D7CA76DCB4877
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: 7CB13B12331DCBD224526066621BAFD9
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVs6bi97-MuiXw6XE0K7S0eYwLDuggFmlCedx7UNxAaohrvHY_L4S0vmvCF4l0ix-cDrcjMUOlx_RgNF-n9effdGIFV3QChzeT-QldMWk4hJl41G5HuW_J6DrdkdI8D9ZmwbHoYmSXitZGg8LvPHQWiipONE3nOnjfXwtvA6ZQ4kTd6lH9YD1HxbjrKAlyMp47ILvix8zlRwdIDwjDGxVZqxlv-QQTBs2DssmSVx40TdEnc_w8xiLVmYUsC0WexZ1u0Zs1hJ7KtRiKgr1aaaurCatKsulNIyxtahTs0FOTi2Rzy2Ms5XHHuEbjVEW6a7yY4gyj5MtSVmeYAd3ml4HO5xG6-3THaME&sai=AMfl-YRrbOqV4cX_oJaI7OmczRCOKSMNioYZGfxCtNm_selhc7JBTRz2LSe2Vhnw-xLJo5LF_76VyzrRnsRVN_oM0nxFbuQsl6Mv3ZSnVovyaLu_VvwXnQeX5wPgcJu43-40kPSN1TXD2JIFw7H5hpt2&sig=Cg0ArKJSzOkNt-Aav5_MEAE&uach_m=[UACH]&adurl=
Frame ID: 8CE9521469FC7308231D0DECA8F6F4B4
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYhTIaxC88MjXLG7JE60QmFISe1ZPvoPyhtCqBU5-xn47n6P0MqAYFCpnKoYLezuEqOVCAfbpf03eDbrUI3X14bqLD-VNQMGLL_Pp6XZnhnUDLYhYqfKvpM3Ze8r4f5eqCi185kAwexYJ54z2SrsBKS7OCSyxypBqhzLq4P1CHS1EoYxn7rZH45KK1WkmBh4SJ_vav0yi1cP0ujUVs-hb5pjtDkeViKG7DXdkt_96iDK7l6SJ05WyaZGe1JPY--qdYhHy5ikXo0pOSkbZRSxPQdJcrb1g9qnmfxsxOvrZQV8S7Ogf0Y7kkXZcRX17ELjnLDfEPVAW7sP7Wm4WRN1tf7SBrPic&sai=AMfl-YTjuRmgtQlqrlB2fPxARD-Mvanq29bSomA3Mhw7CvUofiz1mHcU1RcU9tWaiKhzTU8j8cqD8JYNsEjWe7XBeCUMd6AgpgwbCmQkfuejfRMFRb1X4211o9rTjhf5o1GRroPa9B2YpJyyKACvvunc&sig=Cg0ArKJSzOb-nTO_kzjXEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 40CA0E3440C9F71171C0AF664F76F11A
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3JA6KrF_kiKqjZrSpFVHGK3ybfC1qfGyBKuGW4NuCxJz5R_2vSaWJfBu2Wcl7UVQSHf773-HxULbglsQdqgk8udpjdGKfcaGor0B61xdby6AxjNvyu4yMtR3MRVTtINEuNpTJT-z1yaWL4s_LG0lNN-p48_PelGcdx7NZ62EJO6MR4cO6DHXk5tOA2BLntrLraewWqO1Vkb2ePB5QVL1lnmgG4ps_eMC_ZiuHEyKQZeEnOwxJ8_MI4xXW_puw6e9y7ij2mMjRnTnfFiX-SGcZFQhkZ0gZes4xN5b71YfFacfbRALRuC7Hpz1WDhifzPY9PDpzfuaemdunueUOy1FsUsTaznKmds0&sai=AMfl-YRcQ_XmxSK9Q5NHO7EXNaO3kjxrFi9PSbOCdfazCjitS3t0ju1I3UwJaSsRoATIkZAb9QKwPOjse8uhwz2z4MYJF8PSByncw9boedVqFlZGjiosvNZSnExX7B-MXXkOxYLz3_ge0qBBz8skEmze&sig=Cg0ArKJSzPJ6KnhswPG5EAE&uach_m=[UACH]&adurl=
Frame ID: ECAA9E08D2DFA524AD59321473763CBE
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Frame ID: D71A528852DCAFCDFCDC0DC88D04F8F9
Requests: 3 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Frame ID: F96E70D8370156D29BCBF082869F2F45
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 3F6808DF1255D9D29C3FF188F85B1305
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: B973AB65580DD7B6E7468959F175F5E4
Requests: 28 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 12DA100FEA3ABE82A96AC2909E18774C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477416439085593
Frame ID: 54B299855B080A738AE928CDC60DB108
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=0B81145E-C729-4696-B61A-D773814761D7&redir=true&gdpr=0&gdpr_consent=
Frame ID: EAAAE6F5672637FD80F8C8F4533C398E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABUdE7JYLgAACavP01DKg&gdpr=0&gdpr_consent=
Frame ID: 375AE1C49D7799526E36A1E463185B25
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_8b0dc000367b4b7f97614
Frame ID: FFCE2C50C96549C38B2B61F310FCED28
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3373822132269096047&gdpr=0&gdpr_consent=
Frame ID: 92F53BC4F4BBBA9DFBA5FF7083B4DA9A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=v51qg7zLbISkmDmDv80lhLCdOIOkkDGD7Z_h86tK
Frame ID: 7274874A722943292F1EDDDABCD3847C
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 1A454BA8647440D9DD075AF40ABA958F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=484afda8-21ba-11ee-afe2-e5628e34fd89
Frame ID: 2BD72CA7283CA17DE56C40AAFBCA6C3F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fxwlYUubUiBvJ8uiP7oHl5U4mbc&gdpr=0&gdpr_consent=
Frame ID: 3BC341593F631FA233604AFFC2F2AD24
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bl7jxeH81Qk2KF5&gdpr=0&gdpr_consent=
Frame ID: 97E44FA31757BDA05D14B5D5B18D054A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=799697120681
Frame ID: 56CCE1F7AB1D0DEA8496A9E7C8829AC4
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=0B81145E-C729-4696-B61A-D773814761D7
Frame ID: 6D22D6C609ED92CB10C8E3F0AF423A22
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 3447A3E8BC826E0F20AB19D46C59603C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent=
Frame ID: 1A75B7085DC8481F16B79DD981B2E2CB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 4BF6C126285FCA4B127826D3CD6B8DAD
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=0B81145E-C729-4696-B61A-D773814761D7
Frame ID: C4AB49589AAEBB49B271C243459CA298
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=512600388751362&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfedae0971591bc%26domain%3Dtoronto.ctvnews.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftoronto.ctvnews.ca%252Ff338891de27e4a4%26relation%3Dparent.parent&container_width=43&href=https%3A%2F%2Ftoronto.ctvnews.ca%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&layout=button_count&locale=en_US&sdk=joey&size=small
Frame ID: DB74BAD8F7149A5745F1FAA21EAD65A4
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=512600388751362&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d35573e41e99%26domain%3Dtoronto.ctvnews.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftoronto.ctvnews.ca%252Ff338891de27e4a4%26relation%3Dparent.parent&container_width=43&href=https%3A%2F%2Ftoronto.ctvnews.ca%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&layout=button_count&locale=en_US&sdk=joey&size=small
Frame ID: FEEFD3D99CF067B0D8A1B03555BB0E33
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=toronto.ctvnews.ca
Frame ID: A70AFBFA11EE6B350D0EFA61246A4293
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 14E8FE876C001ABC08CC39A15E208CFE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8AF89A7D8597634E1FD1BD7EDA75C4A3
Requests: 2 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: 4AB17EAE1491555529DCB4CDEA72668C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-099889c2-2130-4714-8a62-8a12e93e2223-005
Frame ID: C8916C8122F5F660088B7987AC173F9F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WjX-yiKvAHykdY6g2luwZA
Frame ID: 800E2A752CC334741275D0CF14ACBFCA
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 4523067F68FAE197ABC304E64897CCD5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=61c43ae6-268c-447b-b8f9-d1da93f9b875
Frame ID: BB02FA2A92E5730EDC96F8F8260C815A
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 893D98C1BE6DF58F10637D5BCE3DFABD
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 8193967892188D5B44BDB87C62D66732
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7425658501047677522
Frame ID: 71591E37B34247BF1D79C8AE9F50F2B4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5DC67FDE6B71483E96813E2D0E62AF6D&gdpr=0&gdpr_consent=
Frame ID: CCFAF2BBD22CE4574853D260652DEAC2
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=0B81145E-C729-4696-B61A-D773814761D7
Frame ID: 05282CAA5381F934E4F487527A3DA76F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6A5360F95DF4B7AE9C045D71FB7A51C1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FE9CC72306D2D30D03FE082B3053825E
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B9484BB75A9489FDCF3055F4DCC33678
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftoronto.ctvnews.ca%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1EC1138BA58429C416B2C3F6099BA558
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fake airline ticket scam targeting Italian community leads to six fraud charges | CTV News

Detected technologies

Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

322
Requests

76 %
HTTPS

23 %
IPv6

94
Domains

142
Subdomains

80
IPs

6
Countries

8151 kB
Transfer

13420 kB
Size

170
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89
  • https://sb.scorecardresearch.com/cs/3005664/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 105
  • https://cm.everesttech.net/cm/dd?d_uuid=18953613114404561984424832855440268402 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZLBb0AAAAIpr9AOH
Request Chain 115
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005664&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1689279444805&ns_c=UTF-8&c7=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&c8=Fake%20airline%20ticket%20scam%20targeting%20Italian%20community%20leads%20to%20six%20fraud%20charges%20%7C%20CTV%20News&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005664&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1689279444805&ns_c=UTF-8&c7=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&c8=Fake%20airline%20ticket%20scam%20targeting%20Italian%20community%20leads%20to%20six%20fraud%20charges%20%7C%20CTV%20News&c9=
Request Chain 126
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTg5NTM2MTMxMTQ0MDQ1NjE5ODQ0MjQ4MzI4NTU0NDAyNjg0MDI= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTg5NTM2MTMxMTQ0MDQ1NjE5ODQ0MjQ4MzI4NTU0NDAyNjg0MDI=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENxLI90HGFfO7iMWt8iHt1s&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 127
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5&dcc=t
Request Chain 135
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Request Chain 137
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=b993a742
Request Chain 138
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=5DC67FDE6B71483E96813E2D0E62AF6D&ex=simpli.fi&status=ok
Request Chain 139
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 142
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1pRUdVX3haRTJ1S25oVjRhTHFxZUNXem9qTGR4V0E1QX5B
Request Chain 143
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7544388502924255489&gdpr=0&gdpr_consent=
Request Chain 144
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=3373822132269096047&ex=appnexus.com
Request Chain 145
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZLBb1XDmuBybKhFtfPszdQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPHYhCt5Q9nHsWVnTq5Lkl4&google_cver=1
Request Chain 147
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c790122c-5e0d-4328-8f22-f8881f935a25&expiration=1691871445&gdpr=0&gdpr_consent=
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLBb1XDmuBybKhFtfPszdQAAAGAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPNjRMOimxbVK87HxUwsNYU&google_cver=1
Request Chain 149
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bl7jxeH81Qk2KF5
Request Chain 150
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7d9a7540-5046-bc70-746eef5b
Request Chain 153
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 155
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c790122c-5e0d-4328-8f22-f8881f935a25&expiration=1691871445&gdpr=0&gdpr_consent=
Request Chain 156
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLBb1XDmuBybKhFtfPszdgAAAGAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPNjRMOimxbVK87HxUwsNYU&google_cver=1
Request Chain 157
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZLBb1XDmuBybKhFtfPszdgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPHYhCt5Q9nHsWVnTq5Lkl4&google_cver=1
Request Chain 158
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
  • https://rtb2-useast.marketiq.com/sync?exchange=685&ssp=index&bsw_param=69937b77-a16f-4864-96ed-07366cef82ae HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.marketiq.com%2Fsync%3Fexchange%3D685%26ssp%3Dindex%26bsw_param%3D69937b77-a16f-4864-96ed-07366cef82ae HTTP 302
  • https://rtb2-useast.marketiq.com/sync?adkuid=A6542378305878603408&exchange=685&ssp=index&bsw_param=69937b77-a16f-4864-96ed-07366cef82ae HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=458&user_id=A6542378305878603408&expires=5&ssp=index&bsw_param=69937b77-a16f-4864-96ed-07366cef82ae HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=69937b77-a16f-4864-96ed-07366cef82ae&gdpr=&gdpr_consent=&us_privacy=
Request Chain 160
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=484afda8-21ba-11ee-afe2-e5628e34fd89
Request Chain 161
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3041584026635316985&expiration=1690489045
Request Chain 164
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LK1LD5WJ-H-E9GQ HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LK1LD5WJ-H-E9GQ&ex=d-rubiconproject.com&status=ok
Request Chain 166
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=ZLBb0AAAAIpr9AOH
Request Chain 167
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=3373822132269096047
Request Chain 168
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=4cb8154e-a60c-48f7-be5b-bc377fa0f31a-64b05bd5-4341&gdpr=0&gdpr_consent=
Request Chain 169
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=483bb67a-21ba-11ee-9a8d-1f6e8e630303 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=483bb637-21ba-11ee-9a8d-1f6e8e630303
Request Chain 171
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEsxTEQ1V0otSC1FOUdR HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIMqhIuUHzrcivKQAhPFAcc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEsxTEQ1V0otSC1FOUdR&google_push=
Request Chain 173
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/r1XtWlQzkV3IIFi7vStPzQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HB6Eq2FE2oKjJXFLhAaNzDacXYwLdmi_2S4XTg--~A
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIi7DB91JODG0y7LigdUgxc&google_cver=1
Request Chain 175
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LK1LD5WJ-H-E9GQ
Request Chain 176
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c790122c-5e0d-4328-8f22-f8881f935a25&gdpr=0&gdpr_consent=&expires=30
Request Chain 177
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTcxZDAzMTczMjM2YmExOTY0MGEzMzVlZWZiYzkyOGVjMGIzMWEzNg
Request Chain 178
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=W-bOcsDjR9irBGscipLFlQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=W-bOcsDjR9irBGscipLFlQ
Request Chain 180
  • https://ups.analytics.yahoo.com/ups/58401/sync?redir=true&gdpr=&gdpr_consent= HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=yahooAdvertising&uid=y-zXwhDhNE2uFSpvhjOSxAQo33L3N7vCR1~A
Request Chain 181
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Request Chain 198
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=c790122c-5e0d-4328-8f22-f8881f935a25&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 199
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIwODIzOTAyMTI0Mjk5MTExNjM1Nw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKUX0088nIQPYwbMKX0nhnE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 201
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIwODIzOTAyMTI0Mjk5MTExNjM1Nw%3D%3D
Request Chain 203
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3208239021242991116357&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=69937b77-a16f-4864-96ed-07366cef82ae HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=04eaa5d4-6f25-449b-90dc-395f6f72c958&expires=10&ssp=triplelift&bsw_param=69937b77-a16f-4864-96ed-07366cef82ae HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=69937b77-a16f-4864-96ed-07366cef82ae&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 205
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3208239021242991116357?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-zD7ns0FE2oQzkuNWvZFu_wqVacG.wsIg2PMpUNnW.w--~A&dongle=0883
Request Chain 206
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=VxHEZ5CMWyBRS1-e7OLb&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KZ4EQRK2GVBU2V3ZIJJFGMJNMU3U6TDC&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KZ4EQRK2GVBU2V3ZIJJFGMJNMU3U6TDC HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=VxHEZ5CMWyBRS1-e7OLb
Request Chain 207
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3373822132269096047&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 216
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Request Chain 217
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1 HTTP 302
  • https://sb.freeskreen.com/um?sa=7544388502924255489
Request Chain 218
  • https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
  • https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
  • https://sb.freeskreen.com/um?tlr=c49814839cb94cf9b1c231ad69e6b532
Request Chain 219
  • https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID} HTTP 302
  • https://sb.freeskreen.com/um?ac=fe5f14be-81b2-4327-938d-48097bf88ad2
Request Chain 220
  • https://loadeu.exelator.com/load/?p=204&g=1300&j=0 HTTP 302
  • https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1 HTTP 302
  • https://sb.freeskreen.com/um?ni=cb357941b6e8be67980644c179e8236d
Request Chain 222
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=LK1LD5WJ-H-E9GQ HTTP 302
  • https://sb.freeskreen.com/um?mg=LK1LD5WJ-H-E9GQ
Request Chain 223
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Request Chain 224
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 225
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1689279446598.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 226
  • https://ssc-cms.33across.com/ps/?_=1689279446598.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=212207471110146
Request Chain 227
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=c790122c-5e0d-4328-8f22-f8881f935a25&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=69937b77-a16f-4864-96ed-07366cef82ae HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=69937b77-a16f-4864-96ed-07366cef82ae&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 228
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-IdVpFr5E2uF8JRPJzgfwbTMwc71CHkOx~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-IdVpFr5E2uF8JRPJzgfwbTMwc71CHkOx%7EA&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 229
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=4e28f1a04a8d1471&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAMjXRxabdF7wNZsZ8UAAAAAAA&expiration=1689365846&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMjXRxabdF7wNZsZ8UAAAAAAA&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 230
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=3208239021242991116357 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=3208239021242991116357&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 232
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LK1LD5WJ-H-E9GQ HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LK1LD5WJ-H-E9GQ HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LK1LD5WJ-H-E9GQ&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 237
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477416439085593
Request Chain 239
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCVWRFN0pZTGdBQUNhdlAwMURLZw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABUdE7JYLgAACavP01DKg&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABUdE7JYLgAACavP01DKg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABUdE7JYLgAACavP01DKg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABUdE7JYLgAACavP01DKg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=7544388502924255489&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABUdE7JYLgAACavP01DKg&gdpr=0&gdpr_consent=
Request Chain 240
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_8b0dc000367b4b7f97614
Request Chain 241
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3373822132269096047&gdpr=0&gdpr_consent=
Request Chain 242
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=v51qg7zLbISkmDmDv80lhLCdOIOkkDGD7Z_h86tK
Request Chain 244
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=484afda8-21ba-11ee-afe2-e5628e34fd89
Request Chain 245
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fxwlYUubUiBvJ8uiP7oHl5U4mbc&gdpr=0&gdpr_consent=
Request Chain 246
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bl7jxeH81Qk2KF5&gdpr=0&gdpr_consent=
Request Chain 247
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=799697120681
Request Chain 248
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=4f439bbc-69ef-4ad8-89ca-d9f750657742&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=0B81145E-C729-4696-B61A-D773814761D7
Request Chain 249
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 250
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent=
Request Chain 251
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=C4EUXscpRpa2GtdzgUdh1w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 254
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0B81145E-C729-4696-B61A-D773814761D7 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=0B81145E-C729-4696-B61A-D773814761D7 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1ccd233f-dde6-4277-b9e7-9d2b983ec720%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c790122c-5e0d-4328-8f22-f8881f935a25&ttd_puid=1ccd233f-dde6-4277-b9e7-9d2b983ec720%2C%2C
Request Chain 256
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=0B81145E-C729-4696-B61A-D773814761D7&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1db0072e-84de-4d45-9c1a-8c8d03901c74
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEI4MTE0NUUtQzcyOS00Njk2LUI2MUEtRDc3MzgxNDc2MUQ3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDafE27dkOAJy7FGee6HvIM&google_cver=1
Request Chain 259
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5DC67FDE6B71483E96813E2D0E62AF6D
Request Chain 260
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c790122c-5e0d-4328-8f22-f8881f935a25&gdpr=0&gdpr_consent=
Request Chain 261
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4256294268177021327&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 263
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0B81145E-C729-4696-B61A-D773814761D7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-N0X7_DtE2uXzbDlemo0nhSuKIm1LyEE-~A&gdpr=0
Request Chain 264
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5f1e15ea2a720ffe&is_secure=true&networkId=17100&version=1&nuid=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHQykQDSiozwNPp6EIAAAAAAA&expiration=1689365847&nuid=0B81145E-C729-4696-B61A-D773814761D7&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 265
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dfb5e10e-8e54-4586-9fbe-cea43f4dd8ee&gdpr=0&gdpr_consent=
Request Chain 266
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=69937b77-a16f-4864-96ed-07366cef82ae&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=69937b77-a16f-4864-96ed-07366cef82ae&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=afc926e3-7f9d-4e74-a6d6-520441e5e5f5&ssp=pubmatic&expires=30&user_group=5&bsw_param=69937b77-a16f-4864-96ed-07366cef82ae HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=69937b77-a16f-4864-96ed-07366cef82ae&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 268
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4cb8154e-a60c-48f7-be5b-bc377fa0f31a-64b05bd5-4341&gdpr=0&gdpr_consent=
Request Chain 269
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA9_105C3DBC0_3B8A23CB&r=https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 270
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3041584026635316985
Request Chain 274
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=69937b77-a16f-4864-96ed-07366cef82ae
Request Chain 280
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ctvnews.ca&sn=ChromeSyncframe&so=0&topUrl=toronto.ctvnews.ca&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=8QQ9UnxLU0M4UzR6S0QwaHlHdEg0ZWtqY2VHMHFsTWlUT08zSjgyQnNxRk44SkE2eWtUcW4rZzkvZ1R2Q1dUUnFFaVpyaG1qMnU0WmJKdGpGRjZDWHF1enZZWlJQZmx0YTVaZmE5UUFCaGRBcUVnamF4SU80VFQvelpOcGoxN2lTU1JMTVF6WHdNVmZBc2dwWXZzWWlKWFNhRlJDRlNPeGlzN1RBVkVTRkVYdHJ6aTBWdVMxUTUvQ09mMVIzaDlrS0pZTHJiZXA0UGRGNXJ3SGwwYkhYcEpnejBoQURiaEN1QkhKYzZNcDlqOGdXZUlUazkvV05sMmNYbS9BSStoakFCUVpOYlVNZ01WbHFwVGlJamJTYTh5RzkxQT09fA&cppv=2
Request Chain 294
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1689279450529 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5330029013 HTTP 302
  • https://sync.1rx.io/usersync/turn/4256294268177021327?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-099889c2-2130-4714-8a62-8a12e93e2223-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-099889c2-2130-4714-8a62-8a12e93e2223-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-099889c2-2130-4714-8a62-8a12e93e2223-005
Request Chain 295
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WjX-yiKvAHykdY6g2luwZA
Request Chain 297
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=61c43ae6-268c-447b-b8f9-d1da93f9b875
Request Chain 300
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7425658501047677522&uid=Q7425658501047677522&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7425658501047677522
Request Chain 301
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5DC67FDE6B71483E96813E2D0E62AF6D&gdpr=0&gdpr_consent=
Request Chain 303
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent=
Request Chain 307
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3373822132269096047
Request Chain 308
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:90e423e2-16d4-494f-b291-d288d0b9adc9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 317
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3373822132269096047
Request Chain 319
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZLBb1XDmuBybKhFtfPszdQAAAGAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZLBb1XDmuBybKhFtfPszdQAAAGAAAAAB
Request Chain 320
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4256294268177021327
Request Chain 321
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZLBb0AAAAIpr9AOH
Request Chain 322
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=5DC67FDE6B71483E96813E2D0E62AF6D
Request Chain 324
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=30dc67b4cd672355&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAFroGdvS6-TAMLBDlRAAAAAAA&expiration=1689365850&is_secure=true

322 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
toronto.ctvnews.ca/mobile/ 		135 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7cad667b49feef3ced88cbb0edab901a7e2c0ec8a44ede730eebb99da33035bf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=59, s-maxage=300
content-encoding
gzip
content-length
22444
content-type
text/html;charset=utf-8
date
Thu, 13 Jul 2023 20:17:23 GMT
expires
Thu, 13 Jul 2023 20:18:22 GMT
grace
none
vary
Accept-Encoding
jquery-1.7.js
static.ctvnews.ca/bellmedia/common/js/ 		136 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/jquery-1.7.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9561488efc9cb79af921b8ff53e83c84a175567f3dd27d2e8f836fd87673545e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:43 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
40078
expires
Thu, 13 Jul 2023 20:46:23 GMT
jquery.cookie.js
static.ctvnews.ca/bellmedia/common/js/ 		1 KB
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/jquery.cookie.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9584c9f04a6e43c884c620944cb122157c48acf556722534170327c26d5d5e06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:43 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
697
expires
Thu, 13 Jul 2023 20:46:23 GMT
requireDependency.js
static.ctvnews.ca/bellmedia/common/js/ 		2 KB
896 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/requireDependency.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c831b45d68c45f1a4665d084c145fffab9a09dfdec4af94b5cd86ceb34de3d57

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:43 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
723
expires
Thu, 13 Jul 2023 20:46:23 GMT
responsive.css
static.ctvnews.ca/bellmedia/common/css/ 		779 B
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/css/responsive.css
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
281f42ca75ca2698089202ba461c6aca36a4bb1b215e2db6fb67f5aa3a9f7d18

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:40 GMT
grace
none
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1740
accept-ranges
bytes
content-length
468
expires
Thu, 13 Jul 2023 20:46:23 GMT
election-2019-grid.css
static.ctvnews.ca/bellmedia/common/css/election/ 		82 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/css/election/election-2019-grid.css
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e11310ed9c3443db2167b380e28e6a3327d73373db0276274adafacf6afc5c0b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:40 GMT
grace
none
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1740
accept-ranges
bytes
content-length
13681
expires
Thu, 13 Jul 2023 20:46:23 GMT
jquery.lightbox-0.4.css
static.ctvnews.ca/bellmedia/common/css/ 		1 KB
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/css/jquery.lightbox-0.4.css
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
92cb79783d2d922b60bbcd9cc11b2244c49bd6e8f199d78af2ecc388ebf57612

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:40 GMT
grace
none
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1740
accept-ranges
bytes
content-length
504
expires
Thu, 13 Jul 2023 20:46:23 GMT
slick.css
static.ctvnews.ca/bellmedia/common/css/plugins/ 		1 KB
638 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/css/plugins/slick.css
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0742938350dabeaf29329c002bc1691513a3b0f764ee581cc2b125e0ade452f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:40 GMT
grace
none
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1740
accept-ranges
bytes
content-length
476
expires
Thu, 13 Jul 2023 20:46:23 GMT
slick.min.js
static.ctvnews.ca/bellmedia/common/js/slick/ 		41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/slick/slick.min.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:45 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
10164
expires
Thu, 13 Jul 2023 20:46:23 GMT
jquery.lightbox-0.4.min.js
static.ctvnews.ca/bellmedia/common/js/lightbox/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/lightbox/jquery.lightbox-0.4.min.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
55aea746fe4d86c636520ef53cb04c7932daf3b99da88318cd8d5e506c0f7e7d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:45 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
2592
expires
Thu, 13 Jul 2023 20:46:23 GMT
common.js
static.ctvnews.ca/bellmedia/common/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/common.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
152fa4721770cf1dc87aea48e62a1ad5dae570995e09574057c0c1f440a2691e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:43 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
2679
expires
Thu, 13 Jul 2023 20:46:24 GMT
detectMobile.js
static.ctvnews.ca/bellmedia/common/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/detectMobile.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f4ecd36bbc08c9f3e35502b5273be9e795160a9d863778596071ffbba27ba65f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:43 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
1149
expires
Thu, 13 Jul 2023 20:46:24 GMT
jquery.polopoly.js
static.ctvnews.ca/bellmedia/common/js/ 		521 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/jquery.polopoly.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d58477af72a8bbfe02d5281599bdaacbbee94781ae3bb3005051d963bc42b0c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:43 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
258
expires
Thu, 13 Jul 2023 20:46:24 GMT
moatheader.js
z.moatads.com/bellmediaprebidheader755367530455/ 		262 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/bellmediaprebidheader755367530455/moatheader.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.174.20 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-174-20.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4946f193853611adf1b2285d0062a8713c20a181badcb295bbb8994c738a166a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 16:42:39 GMT
server
AmazonS3
x-amz-request-id
J08D58DTHJZMQRGS
etag
"f7e5e878bb52bdb11b4ccef8b110a5ac"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=19576
accept-ranges
bytes
content-length
93742
x-amz-id-2
E+AI4RnZJuaV0lxtP93SgG16hirBppiGG6x1P//h/SJkONEDQbS/ptGvM5ihoJq4Cn5kQXAHMho=
js.cookie.min.js
static.ctvnews.ca/bellmedia/common/js/ 		1 KB
898 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/js.cookie.min.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
855e395b5042677367cb70343b370d3dd2dffd73ee62ead09bde853244ab1b1d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:43 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
725
expires
Thu, 13 Jul 2023 20:46:23 GMT
jwt-decode.min.js
static.ctvnews.ca/bellmedia/common/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/jwt-decode.min.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c3a8c054d661e097ce836df7a16698c1008f2e9fe6daa098a1a85add3f5611c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:43 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
1066
expires
Thu, 13 Jul 2023 20:46:23 GMT
moment.min.js
static.ctvnews.ca/bellmedia/common/js/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/moment.min.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec0b5be40b5a1182adcb16274da82c02e5345377475617cac1379c349be5b01f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:43 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
18606
expires
Thu, 13 Jul 2023 20:46:23 GMT
jsrsasign-latest-all-min.js
static.ctvnews.ca/bellmedia/common/js/ 		257 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/jsrsasign-latest-all-min.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7c591d6ce1c5815598040b7cc117ec47c34ad42732975b991b06230f354d0336

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:43 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
72630
expires
Thu, 13 Jul 2023 20:46:23 GMT
ua-parser.min.js
static.ctvnews.ca/bellmedia/common/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/ua-parser.min.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd48f17f80b82be30ff180c092ddd915df1817ac8baf02e1e5ecbd109f69c205

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:43 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
7420
expires
Thu, 13 Jul 2023 20:46:23 GMT
userManagement.js
static.ctvnews.ca/bellmedia/common/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/userManagement.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
55b3b59ad51f32da3d908c53b377e5cc6c9fda888affb46c6e159615ec47a8b2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:43 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
1883
expires
Thu, 13 Jul 2023 20:46:23 GMT
mdetect.js
static.ctvnews.ca/bellmedia/common/js/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/mdetect.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aba292ba314fa61418c9677aaabda0b773293416c17cd05decacdf1bee5393cb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:43 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
2170
expires
Thu, 13 Jul 2023 20:46:23 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:4600:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 18:39:00 GMT
content-encoding
gzip
via
1.1 7f9c24c13cc1a16d2c6ea3097e4958fa.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
age
5904
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
ZybSXeTYAAWXOBGdYV1Mi9Mt2oUCLClp076A1r13Tm2Hh3CYRjJopw==
expires
Fri, 14 Jul 2023 18:39:00 GMT
sha256.js
static.ctvnews.ca/bellmedia/common/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/sha256.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7dd46d3d53918e1ea3255f8c051a9c6bd9f64299f64ff7222d11c708c4cb4865

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:43 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
2376
expires
Thu, 13 Jul 2023 20:46:23 GMT
289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
cdn.permutive.com/ 		471 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06386e41ea2a9d9c276ceb2c5c8fd199b1cd6ebaf37ac0c3f0d599877c8c08fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
289d106c-df24-4cd9-a9fa-753e928c23ad
age
0
x-guploader-uploadid
ADPycdv33Ku65-OmIwuezQBrFXed5xWFZh_OLA2hQBY0OQ747H-zqr8OU6h17mLTwTBlCkz86pONkdxDYJCIuhthUwS0q_UClSua
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Wed, 12 Jul 2023 17:09:34 GMT
server
cloudflare
etag
W/"583e0271f4db7333b971451120a2bbde"
vary
Accept-Encoding
x-goog-generation
1689181774585185
content-type
application/javascript
x-goog-hash
crc32c=lw3FHg==, md5=WD4CcfTbczO5cUURIKK73g==
cache-control
public, max-age=900
x-goog-stored-content-length
153642
timing-allow-origin
*
cf-ray
7e64358e4a9739e7-YYZ
expires
Thu, 13 Jul 2023 20:32:24 GMT
config.js
cdn.confiant-integrations.net/5rJjPRoNo_MlaGcpOA6YOlm0Fmw/gpt_and_prebid/ 		95 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/5rJjPRoNo_MlaGcpOA6YOlm0Fmw/gpt_and_prebid/config.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d547e1b9bb804c01d416d5f3225edd5d12aa3594c068ee00df53577f9f9375d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 13 Jul 2023 19:01:49 GMT
server
cloudflare
x-amz-request-id
B7GXH1P8420P2ZH7
age
850
etag
W/"0651e3bc87e89f60d080490d54fb12f4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7e64358e4ea8547f-YYZ
alt-svc
h3=":443"; ma=86400
x-amz-id-2
5WvQzhgun7uK+5zGveE+FiBLnokNZ2O48EFDcUfIG9w93jLeEUzNbnFL7zFhWCAS+2aDYfeTSLx43RpXwvekYw==
13126.js
micro.rubiconproject.com/prebid/dynamic/ 		399 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/13126.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.84.215 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-84-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d1bdc630dc111ca0665e5671e6c70e81f5b2e87fad4f1412bc52d9027ec262aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
server
Apache
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-13126_CTV_News_Local_Desktop_EN.js
content-type
text/javascript
cache-control
public, must-revalidate, max-age=14400
content-length
124484
expires
Thu, 13 Jul 2023 20:55:39 GMT
launch-EN8508e1965b004de29de2dbd977d7156a.min.js
assets.adobedtm.com/ 		365 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1487::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6caf0032793e0fe49f17fd134aca07baae9de687832bfc078a737ef34ddcac89

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Mon, 26 Jun 2023 15:26:38 GMT
server
AkamaiNetStorage
etag
"4b957abcd36b8d9f9f4643b9a0dc7a23:1687793198.217828"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://toronto.ctvnews.ca
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
89801
expires
Thu, 13 Jul 2023 21:17:24 GMT
image.png
www.ctvnews.ca/polopoly_fs/1.4693935!/httpImage/image.png_gen/derivatives/default/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.4693935!/httpImage/image.png_gen/derivatives/default/image.png
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b2009a11e8b2b8b896ca02bec28b1aa19ed2de1f3a66f67891274140136b8d85

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Wed, 20 Nov 2019 14:40:21 GMT
grace
none
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000, s-maxage=31557600
accept-ranges
bytes
content-length
5130
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.4907708.1588858647!/httpImage/image.jpg_gen/derivatives/box_45/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.4907708.1588858647!/httpImage/image.jpg_gen/derivatives/box_45/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
32e283dbb01e0ad077a195dd6093e209b187d846a6d5b156d11e228cd010de3e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 07 May 2020 13:37:49 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
2182
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.2732189.1452529268!/httpImage/image.jpg_gen/derivatives/landscape_1020/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.2732189.1452529268!/httpImage/image.jpg_gen/derivatives/landscape_1020/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ca332b4440cc48d13fbc03795c3ff7d056a4b879991885e53f1302d77c422ed2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2016 16:22:29 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
96165
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6478264.1689261488!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6478264.1689261488!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dad4ae1b77550002733f215e8084e73f35757bc3e8ed9eb3dec51e917e3e9ca9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 15:18:22 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
137827
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6477383.1689197922!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6477383.1689197922!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
08372933d39a2bad378cc1708ac33882d21494902d07b07e288dc546265bf88b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Wed, 12 Jul 2023 21:39:30 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
74457
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6478515.1689269377!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		158 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6478515.1689269377!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7fd6aa669a7ef23fa4b5d75840385e3927d52481649517c8ff6cb4a484b3d8ee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 17:30:24 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
161880
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6478618.1689278044!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6478618.1689278044!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bde8310e2019343a2d68e659636b8af0de40c6313f5fb1d70e3edf8b2c72fbf8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 19:54:14 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
86420
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpeg
www.ctvnews.ca/polopoly_fs/1.6478603.1689271968!/image/image.jpeg_gen/derivatives/landscape_800/ 		236 KB
236 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6478603.1689271968!/image/image.jpeg_gen/derivatives/landscape_800/image.jpeg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
51fb7502bff95c3e7f2afe9cf002aa65721f6d08dfeb450840e61cd2b1ff49b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 18:13:19 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
241488
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6351097.1681242549!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6351097.1681242549!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c47a788a0ee2c53364cf7846425e7df8444e707c69422eabc2fa63bd16ec3fcd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Tue, 11 Apr 2023 19:49:56 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
129943
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6478811.1689277798!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		211 KB
211 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6478811.1689277798!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
90839ce8dfb37c56ee963fda66177760bdd083e5a5e1800d6e62139d84f8997c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 19:50:08 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
216004
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6478445.1689267908!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		210 KB
211 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6478445.1689267908!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b12f889dd95592b62d4fa249e174b9cb4fd65ab1bdc96339f2035cc2093c3d92

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 17:05:59 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
215295
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6475950.1689123717!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		218 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6475950.1689123717!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ada7777d20254a1b13ae421adfd813cee6fa84ac3b296bd63a07043bb686c4d5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Wed, 12 Jul 2023 01:02:01 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
222995
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6478373.1689265614!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		213 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6478373.1689265614!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
647738c62e1fb1cb0d72434f8c9890899c285e785d621854f38c5ad95cf1bdab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 16:27:21 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
218274
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6472972.1688932841!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6472972.1688932841!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
db7e9d97ad16ccc99b4a028841c2a64324b87b941556539a4e37f49224c2191c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Sun, 09 Jul 2023 20:01:11 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
121371
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6478482.1689268906!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6478482.1689268906!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe405ee18a13d61251a969d148d2a4607fad334520d9d1031b3c9810d057bd4f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 17:22:06 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
102382
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.4330702.1656431653!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.4330702.1656431653!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5181c5eb8134d99569407f5e696c795992fe12141af422ba0a3c3dccdc39f91e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 15:54:41 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
141108
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6090527.1664496975!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6090527.1664496975!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b061fa052ad2f1b58cae362ea5d931a8f9fd22d280574b224077fa9995fe8454

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Fri, 30 Sep 2022 00:16:48 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
103105
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6147683.1668101308!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6147683.1668101308!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dcef00ec118920975f6c1fbd29c0a349c7c2bad5214c255ea659537b26bf3976

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 17:29:04 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
139602
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.5312928.1688504749!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.5312928.1688504749!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
794d9915f4c3ab0eb763b76cfac9c2ed0f1441c0b9b935215e07c6ea99069c09

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Tue, 04 Jul 2023 21:06:13 GMT
x-newrelic-app-data
PxQEVF9QAAsTUFZaDgQEVFATGhE1AwE2QgNWEVlbQFtcC2VOYgRBFAhTQz1JAFddRAEPFlFYWwMXVERFDgMXQBxSFlIUDBoABFQBUHRMB05JBxtDUwIBV1NdBQdTU1RWVVIBAUBKBQNcEV0/
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
121499
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6463717.1688164982!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		156 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6463717.1688164982!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ecfc1fe04580ce644453ff4ecdd14f08f7989fd195195bb920c31f9361bd330

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Fri, 30 Jun 2023 22:43:55 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
157528
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6462218.1688080005!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6462218.1688080005!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
68093edce625371b24b5668500cb69b7aabaaba0ea1a87a43c180cfc67a3759c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 29 Jun 2023 23:09:09 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
80187
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.5723928.1640908674!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.5723928.1640908674!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
05fd032d3ff962e45cd0370c281c322088ea4a576a40f42bafac0aec4c282efd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 30 Dec 2021 23:58:31 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
169671
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.5891282.1651802097!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		168 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.5891282.1651802097!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7886152837ec191da35140125b9f6305cca777f54ba535e35fc1ca267f7d36ca

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Fri, 06 May 2022 01:55:14 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
171768
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.5886913.1651608719!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		167 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.5886913.1651608719!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dae30ada029c7f61a2384e3762feb68fc3d761cd0af537e6783ffe62804f0e0e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 20:13:01 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
171007
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.5860409.1649864669!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.5860409.1649864669!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4c4deece905708b299f5478a55631bb18bd5328bef7b0d346627fa0314f40ba2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 15:44:55 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
151105
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.4927967.1588800700!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		155 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.4927967.1588800700!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
52fa6a4d772e3482280effa4188225dffbc09387b739d3a41050a53d2c6094fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Wed, 06 May 2020 21:32:05 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
158084
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.5876088.1650939313!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.5876088.1650939313!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0cfa5ab5b0fb8c52f1554beb7767bcc9895f9be47f87117484d6caa8c6f5830e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Tue, 26 Apr 2022 02:15:53 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
175280
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6478015.1689250647!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		205 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6478015.1689250647!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
91b4dbfe46ffc15688b8749f361370b721df228894cd9ff71d681357e4c59471

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 12:17:45 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
208989
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6478154.1689256117!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		228 KB
228 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6478154.1689256117!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d6d4cae5b31b40f41b58f639baf77580b1dc64f567d132d9e9064cfb249b8295

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 13:48:50 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
232770
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6478510.1689269274!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		175 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6478510.1689269274!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ae2bc59e6cfaa653387cfecd5cc73f55418b6043777cffc1d9d2bd77c712d661

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 17:28:34 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
179284
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6478671.1689273935!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6478671.1689273935!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
df242c79e03b5eeb8b9919cec4d8e61acf79f95795203d0928d1b0bf3b76c8a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 18:47:00 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
156048
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6478639.1689272929!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6478639.1689272929!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d33deec2bf0281ea72e020234a8e369b9f73f9702e13c404d1766d10296d9ab8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 18:36:02 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
198033
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6478628.1689272522!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6478628.1689272522!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d5cbefaf4c8fe42a6c14dcb3a2d0d0e138418df68d4b71bca9eb4816c8684bbf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 18:22:55 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
145127
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6478466.1689268500!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		164 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6478466.1689268500!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b523c0c56df668c227221b8072c44f0b70130cedad86413f2e27363f41872f63

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 17:15:23 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
168252
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6478369.1689265243!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		169 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6478369.1689265243!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d17d8b489722eac31bb778b1d1ee0ef0fbe61d037f68c5de4085f0be7f51a429

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 16:20:58 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
172384
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6478410.1689266819!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6478410.1689266819!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e12831a74d0f6dfc24e60f942e1c54b280df951dfc9bd31cc73b9ca7019472d7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 16:47:13 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
99702
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.4507207.1563066651!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		127 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.4507207.1563066651!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eea2195a1d52627879e4f27d606d6b430c2536c4028d0c6cb6374472980a74f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Sun, 14 Jul 2019 01:11:37 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
126169
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6465381.1688396747!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6465381.1688396747!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e6d1bcd003f3316277f3dfe0b64d76ebd6ed5e0a26a63aa62d06b24b05aef382

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Mon, 03 Jul 2023 15:06:18 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
155717
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.5837154.1648432378!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		205 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.5837154.1648432378!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8bbf2bd8de650c4b734fc821b1a3b2b45bf3dfad6e4dccfe52828629b39c4dab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 01:53:18 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
209910
expires
Fri, 12 Jul 2024 20:17:24 GMT
image.jpg
www.ctvnews.ca/polopoly_fs/1.6447310.1687207738!/httpImage/image.jpg_gen/derivatives/landscape_800/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ctvnews.ca/polopoly_fs/1.6447310.1687207738!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
06b0e5549e5f1946b2ffcecf3b2e714c08e04402cf6772e34983b4d0f539fb0c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Mon, 19 Jun 2023 20:49:14 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31557600
content-length
112353
expires
Fri, 12 Jul 2024 20:17:24 GMT
bell_media_en_white.png
static.ctvnews.ca/bellmedia/common/img/logos/ 		6 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ctvnews.ca/bellmedia/common/img/logos/bell_media_en_white.png
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
48dc707767808e30b116858c5f894e1a0c5503aaa5ead5e082b18511664f6089

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2023 08:31:00 GMT
grace
none
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5099
expires
Fri, 12 Jul 2024 20:17:24 GMT
p.gif
toronto.ctvnews.ca/logger/ 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://toronto.ctvnews.ca/logger/p.gif?a=1.2732187&d=/2.628/2.629/2.620
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Thu, 13 Jul 2023 20:17:24 GMT
pragma
no-cache
date
Thu, 13 Jul 2023 20:17:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
43
content-type
image/gif
includeAuth3.js
beta.ctvnews.ca/content/dam/static-resources/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beta.ctvnews.ca/content/dam/static-resources/includeAuth3.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d84c419bb39b3ef7ee04cce175b7b79ff638616976aab07ba909377bcc773b4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://cdn.ampproject.org/ https://*.ctvnews.ca https://*.cms.9c9media.net/ https://use.fontawesome.com/ 'unsafe-inline' data: blob: https://adservice.google.com/ https://adservice.google.ca/ https://*.casalemedia.com/ https://aax.amazon-adsystem.com/ https://*.doubleclick.net/ https://*.9c9media.com/ https://*.9c9media.ca/ https://*.bellmedia.ca/ https://*.googlesyndication.com/ https://www.googletagservices.com/ https://*.chartbeat.com/ https://*.krxd.net/ https://*.scorecardresearch.com/ 'unsafe-eval' https://*.akamaized.net/ https://*.gstatic.com/ https://*.agkn.com/ https://smetrics.ctv.ca/ https://z.moatads.com/ https://px.moatads.com/ https://ssl.p.jwpcdn.com/ https://*.googleapis.com/ https://entitlements.jwplayer.com/ https://*.conviva.com/ https://*.2mdn.net/ https://jwpltx.com/ http://*.ctvnews.ca/ https://*.chartbeat.net/ https://www.googletagservices.com/ https://*.facebook.net/ https://*.facebook.com/ https://*.ampproject.net/ https://*.twitter.com/ https://*.instagram.com/ https://*.twimg.com/ https://*.adroll.com/ https://*.turn.com/ https://*.yahoo.com/ https://*.advertising.com/ https://*.everesttech.net/ https://*.fbcdn.net https://*.adform.net/ https://*.betrad.com/ https://*.evidon.com/ https://*.youtube.com/ https://*.akamaihd.net/ https://*.jwpsrv.com/ https://assets.adobedtm.com/ https://*.demdex.net/ https://bellmedia.sc.omtrdc.net/ https://bellmedia.hb.omtrdc.net https://*.appspot.com/ https://bellmedia.amp.permutive.com/ https://www.adsrvr.org/ https://*.permutive.com/ https://www.google/ads/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://cdn.ampproject.org/ https://*.ctvnews.ca https://*.cms.9c9media.net/ https://use.fontawesome.com/ 'unsafe-inline' data: blob: https://adservice.google.com/ https://adservice.google.ca/ https://*.casalemedia.com/ https://aax.amazon-adsystem.com/ https://*.doubleclick.net/ https://*.9c9media.com/ https://*.9c9media.ca/ https://*.bellmedia.ca/ https://*.googlesyndication.com/ https://www.googletagservices.com/ https://*.chartbeat.com/ https://*.krxd.net/ https://*.scorecardresearch.com/ 'unsafe-eval' https://*.akamaized.net/ https://*.gstatic.com/ https://*.agkn.com/ https://smetrics.ctv.ca/ https://z.moatads.com/ https://px.moatads.com/ https://ssl.p.jwpcdn.com/ https://*.googleapis.com/ https://entitlements.jwplayer.com/ https://*.conviva.com/ https://*.2mdn.net/ https://jwpltx.com/ http://*.ctvnews.ca/ https://*.chartbeat.net/ https://www.googletagservices.com/ https://*.facebook.net/ https://*.facebook.com/ https://*.ampproject.net/ https://*.twitter.com/ https://*.instagram.com/ https://*.twimg.com/ https://*.adroll.com/ https://*.turn.com/ https://*.yahoo.com/ https://*.advertising.com/ https://*.everesttech.net/ https://*.fbcdn.net https://*.adform.net/ https://*.betrad.com/ https://*.evidon.com/ https://*.youtube.com/ https://*.akamaihd.net/ https://*.jwpsrv.com/ https://assets.adobedtm.com/ https://*.demdex.net/ https://bellmedia.sc.omtrdc.net/ https://bellmedia.hb.omtrdc.net https://*.appspot.com/ https://bellmedia.amp.permutive.com/ https://www.adsrvr.org/ https://*.permutive.com/ https://www.google/ads/;
x-content-type-options
nosniff
date
Thu, 13 Jul 2023 20:17:24 GMT
last-modified
Wed, 22 Jul 2020 17:34:41 GMT
content-encoding
gzip
etag
"7835-5ab0b279ace40"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=27728774
accept-ranges
bytes
content-length
6087
x-xss-protection
1;mode=block
expires
Wed, 29 May 2024 18:43:38 GMT
omnitureTVE.js
static.ctvnews.ca/bellmedia/common/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/omnitureTVE.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2e4b35bdd84d850d127b50f969e79a576ec0a8e68c3e98a7b8856f61813050ff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:43 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
1474
expires
Thu, 13 Jul 2023 20:46:24 GMT
webfont.css
static.ctvnews.ca/bellmedia/common/css/election/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/css/election/webfont.css
Requested by
Host: static.ctvnews.ca
URL: https://static.ctvnews.ca/bellmedia/common/css/election/election-2019-grid.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d2e665ac9964e2cb3dad87acd9da254754ec2a7047dd06639f1e6db3afa612d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.ctvnews.ca/bellmedia/common/css/election/election-2019-grid.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:40 GMT
grace
none
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1740
accept-ranges
bytes
content-length
1455
expires
Thu, 13 Jul 2023 20:46:24 GMT
controltag
cdn.krxd.net/ 		2 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag?confid=ImoeZsch
Requested by
Host: static.ctvnews.ca
URL: https://static.ctvnews.ca/bellmedia/common/js/common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
115
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-length
22
x-served-by
config-service-a004-ash-prod.krxd.net, cache-iad-kjyo7100110-IAD, cache-yul12830-YUL
x-response-time
0
x-do-esi
esi
x-timer
S1689279444.299715,VS0,VE0
etag
"bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 320305, 25
channels.cgi
bellmedia-ash.gscontxt.net/main/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bellmedia-ash.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
129.159.113.125 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
5889acc18d4d09026cc18b54afff8d5d180dc2765ed308c2749e6edab657436b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
1113
Content-Type
application/javascript
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6373e398c603bd600b32085113f37ec682464e1c9737e9e471f7f451631df6c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27641
x-xss-protection
0
server
cafe
etag
321 / 19551 / 31076056 / config-hash: 7996658803364552228
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 13 Jul 2023 20:17:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		236 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 19:37:25 GMT
content-encoding
gzip
via
1.1 28b7c2485796d46f9fb0b0705162491a.cloudfront.net (CloudFront), 1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
last-modified
Thu, 29 Jun 2023 21:03:22 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, JFK50-P3
age
2400
x-amz-server-side-encryption
AES256
etag
W/"7c6a36eb4b73f6b7cf4a63a33418a2c9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
0asUCmbIxtvr9rvWWQzrx-6DLxKp89QEM2WZAEGQNY4j9q0lwy2uMw==
v2
mb.moatads.com/yi/ 		350 B
530 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MDg1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-8fxCBT0ZTnpuUX885ljPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-dbBp6wlWe0wLgg%3D%3D&sc=1&os=1-ig%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&pcode=bellmediaprebidheader755367530455&rx=903575547341&callback=MoatNadoAllJsonpRequest_20944167
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/bellmediaprebidheader755367530455/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.148.8.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
757adb7d54fe3d90804b9b623bd25eb3ad8af4537248aa6ce9a25d14e6149be0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
server
istio-envoy
etag
"25b24fbe0085f1ddcd88701dffb483538abd967a"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
30
timing-allow-origin
*
content-length
350
n.js
geo.moatads.com/ 		86 B
263 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MDg1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-8fxCBT0ZTnpuUX885ljPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-dbBp6wlWe0wLgg%3D%3D&sc=1&os=1-ig%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=BELLMEDIA_PREBID_HEADER1&hp=1&wf=1&pxm=2&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1689279444057&de=841732772581&rx=903575547341&m=0&ar=c013c52fed3-clean&iw=4916143&q=1&cb=0&cu=1689279444057&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&cm=1&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatDomain=undefined&zMoatSubdomain=undefined&dfp=true&la=undefined&gw=bellmediaprebidheader755367530455&fd=1&it=500&ti=0&ih=2&pe=1%3A-%3A-%3A0%3A0&fs=204627&na=664194832&cs=0&callback=MoatDataJsonpRequest_20944167
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/bellmediaprebidheader755367530455/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.148.8.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
d3fb70f23a4cf50abc4c8eb5fabc2ec129ffeb0085ea47db537482637ed4923b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
server
istio-envoy
etag
"e4bf28bdc8cf1a39929adebd6a76384b2f45148e"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
6
timing-allow-origin
*
content-length
86
iframe.html
z.moatads.com/hd09824092/ Frame 3631 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/bellmediaprebidheader755367530455/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.174.20 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-174-20.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=398
content-length
1374
content-type
text/html
date
Thu, 13 Jul 2023 20:17:24 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
unused62
8096267
x-amz-id-2
hQ76LONt8Z0+0gvX3A4RyhSAR+G2Z6t19zCkHXVFoPjEF/LsnPK0v5GFk/w7HR+V18HzBhT8pKE=
x-amz-request-id
7C72C67561922266
id
dpm.demdex.net/ 		596 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=BB3937CB5B349FE70A495EAE%40AdobeOrg&d_nsid=0&ts=1689279444127
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.67.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-67-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
9bc3db761f876c33df0bcab73259c094ed314ad426b0943892863b8a9ebeaf41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-2-v046-0536f77d4.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
/Kp7AHXbT6U=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://toronto.ctvnews.ca
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
440
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1487::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 21:04:01 GMT
server
AkamaiNetStorage
etag
"4635bffccc756e9a52eae8011adb9137:1629320641.842128"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://toronto.ctvnews.ca
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12188
expires
Thu, 13 Jul 2023 21:17:24 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1487::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0821bd2158b7c2d4165a43a999f30fdc1dc977c6f216ae950298b0237189c0e2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 21:04:02 GMT
server
AkamaiNetStorage
etag
"8b210658d66894c896047ae490138f1c:1629320642.068491"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://toronto.ctvnews.ca
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1593
expires
Thu, 13 Jul 2023 21:17:24 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:4600:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0744b5a06712d19c1b72db9691015da5567bda61a5a05ed27b60834cd2e6dfcf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 07:50:42 GMT
content-encoding
gzip
via
1.1 7f9c24c13cc1a16d2c6ea3097e4958fa.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:36:52 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
age
44802
etag
W/"649b80a4-11962"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
_A2jLXFUuTHzCP3b6Iyg6eINo0KCMGwstlLfPizambkLN0SthLCA1g==
expires
Fri, 14 Jul 2023 07:50:42 GMT
webiconfont-v8.woff
static.ctvnews.ca/bellmedia/ctvnews/css/webfonts/ 		53 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/ctvnews/css/webfonts/webiconfont-v8.woff?s=2_620
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
febc229a4470a170e06c6672818f1d6b76ce62ad87340e17e5304c3d1d7ac848

Request headers

Referer
https://toronto.ctvnews.ca/
Origin
https://toronto.ctvnews.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 09:06:18 GMT
grace
none
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
https://toronto.ctvnews.ca
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26578
expires
Fri, 12 Jul 2024 20:17:24 GMT
CTV_Sans-Bold.woff
static.ctvnews.ca/bellmedia/ctvnews/css/webfonts/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/ctvnews/css/webfonts/CTV_Sans-Bold.woff?s=2_620
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
88228d1013379dd731c30515d51921007b9de9ddbac887139196d32cdac5885f

Request headers

Referer
https://toronto.ctvnews.ca/
Origin
https://toronto.ctvnews.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 09:05:20 GMT
grace
none
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
https://toronto.ctvnews.ca
cache-control
max-age=31536000
accept-ranges
bytes
content-length
32452
expires
Fri, 12 Jul 2024 20:17:24 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1A) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 20:17:24 GMT
Content-Encoding
gzip
Age
435
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (nyb/1D1A)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
CTV_Sans-Regular.woff
static.ctvnews.ca/bellmedia/ctvnews/css/webfonts/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/ctvnews/css/webfonts/CTV_Sans-Regular.woff?s=2_620
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
da8a750bf8038cb671a01c4178fadc10eb5157efed64f44061979d008725d09c

Request headers

Referer
https://toronto.ctvnews.ca/
Origin
https://toronto.ctvnews.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 09:05:57 GMT
grace
none
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
https://toronto.ctvnews.ca
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30035
expires
Fri, 12 Jul 2024 20:17:24 GMT
reddit-icon.png
static.ctvnews.ca/bellmedia/common/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ctvnews.ca/bellmedia/common/img/reddit-icon.png
Requested by
Host: static.ctvnews.ca
URL: https://static.ctvnews.ca/bellmedia/common/css/election/election-2019-grid.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c4c693923f90d5e2e58221a70eb1964afc8415fa331c2fbef5f2bcfd6ed58710

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.ctvnews.ca/bellmedia/common/css/election/election-2019-grid.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2023 08:30:53 GMT
grace
none
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2016
expires
Fri, 12 Jul 2024 20:17:24 GMT
form-button-bkg.jpg
static.ctvnews.ca/bellmedia/common/css/img/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ctvnews.ca/bellmedia/common/css/img/form-button-bkg.jpg
Requested by
Host: static.ctvnews.ca
URL: https://static.ctvnews.ca/bellmedia/common/css/election/election-2019-grid.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.ctvnews.ca/bellmedia/common/css/election/election-2019-grid.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
videoClipPlayIcon2x.jpg
static.ctvnews.ca/bellmedia/common/img/elections/ 		11 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ctvnews.ca/bellmedia/common/img/elections/videoClipPlayIcon2x.jpg
Requested by
Host: static.ctvnews.ca
URL: https://static.ctvnews.ca/bellmedia/common/css/election/election-2019-grid.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0366667430ab28c56f5fe079aa711c4e31eca1f29ac910dc3ef02ce0335b81d3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.ctvnews.ca/bellmedia/common/css/election/election-2019-grid.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2023 08:30:49 GMT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5524
expires
Fri, 12 Jul 2024 20:17:24 GMT
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/3005664/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Server
18.164.96.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-18.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 07:07:24 GMT
content-encoding
gzip
via
1.1 cfc46590021b7df312893ffb67317bb2.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:00:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
47401
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
dUgiKduDlB-8_Iq_vf4tV_SjlFn6HpCnvZKa6zmy5W9g9V7cNF7ihA==

Redirect headers

date
Thu, 13 Jul 2023 20:17:24 GMT
via
1.1 cfc46590021b7df312893ffb67317bb2.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
HMfcOqxh3e4o9kbcJrRWuFXD7r2DrjydfkGU-DInZult6xVyvvqcTA==
RCe714d7b84ce14ee0a28df675bbd5cf5b-source.min.js
assets.adobedtm.com/653e7ca2fc48/14929d193258/34dcde5fc5fc/ 		478 B
546 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/653e7ca2fc48/14929d193258/34dcde5fc5fc/RCe714d7b84ce14ee0a28df675bbd5cf5b-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1487::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
272f979b06865e2f0ba1db8e5663c85f0e7007bf97df80b5a3060a14c9607315

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Mon, 26 Jun 2023 15:26:40 GMT
server
AkamaiNetStorage
etag
"61b0792b369a12073d2f7bee7c3399c0:1687793200.184614"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://toronto.ctvnews.ca
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
288
expires
Thu, 13 Jul 2023 21:17:24 GMT
RC2d6da016bf28471c8bc669fb84568d84-source.min.js
assets.adobedtm.com/653e7ca2fc48/14929d193258/34dcde5fc5fc/ 		512 B
584 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/653e7ca2fc48/14929d193258/34dcde5fc5fc/RC2d6da016bf28471c8bc669fb84568d84-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1487::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
50ff57a13c2b4f036e7e7cd6737fb6157c49a71ea8dec39c5b646dbf1450c8e2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Mon, 26 Jun 2023 15:26:40 GMT
server
AkamaiNetStorage
etag
"61b0792b369a12073d2f7bee7c3399c0:1687793200.184614"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://toronto.ctvnews.ca
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
326
expires
Thu, 13 Jul 2023 21:17:24 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: static.ctvnews.ca
URL: https://static.ctvnews.ca/bellmedia/common/js/jquery-1.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8d0eeafeb4bd4978f58ed4f68d677efa62ad66fdff34014b098c03149e69d4ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Jul 2023 20:17:24 GMT
content-md5
pa9IQzOQqiSI3QcOvrxfbA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
jFNM1TtOi40BpfFliRcUMGgG7JyQxVO9bK/MBWwS/vTjYs1f02JThNM8Wi8neAMhRtJ+2Yqy9glVFG1A6yGG1w==
x-fb-content-md5
6f3a4453e8669d3eb07527fac0be6422
cross-origin-opener-policy
same-origin-allow-popups
etag
"aef61dc75d845852cb76e4de9f7aebc3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 13 Jul 2023 20:33:08 GMT
trustProject.js
static.ctvnews.ca/bellmedia/common/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctvnews.ca/bellmedia/common/js/trustProject.js
Requested by
Host: static.ctvnews.ca
URL: https://static.ctvnews.ca/bellmedia/common/js/jquery-1.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.210.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-210-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
61f5c1127116f92d001a0f873da5cc899c1819a47822d07e4a81a63b775b4a45

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 08:34:43 GMT
grace
none
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1740
accept-ranges
bytes
content-length
1299
expires
Thu, 13 Jul 2023 20:46:24 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202307120910/ 		245 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202307120910/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/5rJjPRoNo_MlaGcpOA6YOlm0Fmw/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc12aedf7850dec23c99b740a872607b91ecff5561d13ee9b22bf68419624399

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Jul 2023 13:18:00 GMT
server
cloudflare
x-amz-request-id
05JGNM99X79BANNC
age
101674
etag
W/"6d0a67c5c05f8ae34f9090d0bd94cd05"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7e64358f1f3e547f-YYZ
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Rr3xlIhZCR43eH+9NjQl5EEhMhnW2yFxsN17izdJPVG16YF9XDZdb6JdNc/oV8TMGYfyHmP6AYtzFa7LqvpxaCwJzqzjN6l7pZUawpKRNpQ=
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		248 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=ctvnews.ca&domain=toronto.ctvnews.ca&path=%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98b294f371d598de4555382d29833c5e20aa2c04c766bfddba93e8196483403f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
189
x-served-by
cache-yul12820-YUL
x-timer
S1689279444.413598,VS0,VE53
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Tue, 11 Jul 2023 20:17:24 GMT
pxid
289d106c-df24-4cd9-a9fa-753e928c23ad.prmutv.co/v2.0/ 		46 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://289d106c-df24-4cd9-a9fa-753e928c23ad.prmutv.co/v2.0/pxid?k=b1a4360a-3db9-4b39-b09d-c3e14666840a
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
0aa84e621ab77451a6bdf16c61f7922cacdd0f0f6d065c39cdc5c991fcfae7af

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://toronto.ctvnews.ca
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:24 GMT
an-x-request-uuid
d893d487-15b9-477d-ad4c-85778c41818a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://toronto.ctvnews.ca
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.56.153.183; 149.56.153.183; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
289d106c-df24-4cd9-a9fa-753e928c23ad-models.bin
cdn.permutive.com/models/v2/ 		124 KB
84 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/289d106c-df24-4cd9-a9fa-753e928c23ad-models.bin
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d942dc9b2afdf685e52d2a1025d83b354aed5dea49cab76a9875ed5cdab01e6c

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
289d106c-df24-4cd9-a9fa-753e928c23ad
age
0
x-guploader-uploadid
ADPycdsTrONFRDXe9kL_Ro6XB4ZKB0QigQM4W6g8IsrcoO07KT7NmRpKiz1ufZYJH3V2E3lnorCxkYB1usQh2-FA453J_w
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
85140
last-modified
Mon, 10 Jul 2023 06:02:14 GMT
server
cloudflare
etag
"a2ecbce2ccd28a9fb2ab4272fbffc706"
vary
Accept-Encoding
x-goog-generation
1688968934818494
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=WPOvDQ==, md5=ouy84szSip+yq0Jy+//HBg==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
85140
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e64358fd83c36a3-YYZ
expires
Thu, 13 Jul 2023 20:09:33 GMT
geoip
api.permutive.com/v2.0/ 		249 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=b1a4360a-3db9-4b39-b09d-c3e14666840a
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
65e46732d0930db4f321ac805a0838672ce0345e7590a32b66c6ef879fd65147

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://toronto.ctvnews.ca
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
178
watson
api.permutive.com/v2.0/ 		417 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=b1a4360a-3db9-4b39-b09d-c3e14666840a
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
fb04c6eea2f3e8543363570b7141e3e344c8789842287cd8a7952870f819b891

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://toronto.ctvnews.ca
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
286
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230713
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/13126.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0a58ca1a34ce9925743784836c19a71755c1bb1fa41628cd44ea345d9b5a5e7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 13 Jul 2023 20:17:24 GMT
x-content-type-options
nosniff
content-encoding
br
age
15396
x-jsd-version
1.0.1750
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
843
x-served-by
cache-fra-eddf8230103-FRA, cache-yul12834-YUL
x-jsd-version-type
version
etag
W/"63d-yUK8QJyEkK5ZyWzl+L6I/zpETZQ"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
77d7f32c-8385-4259-a102-cfd4ec9e170f
https://toronto.ctvnews.ca/ 		192 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://toronto.ctvnews.ca/77d7f32c-8385-4259-a102-cfd4ec9e170f
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
083f919bf74e6682954dd8f069613aba08bd29736a7cfbbeb4dbf34b206893cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
196489
Content-Type
d7aa8260-3c6e-4da5-ba2d-e0bd937b4f69
https://toronto.ctvnews.ca/ 		192 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://toronto.ctvnews.ca/d7aa8260-3c6e-4da5-ba2d-e0bd937b4f69
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
083f919bf74e6682954dd8f069613aba08bd29736a7cfbbeb4dbf34b206893cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
196489
Content-Type
dest5.html
bellmedia.demdex.net/ Frame FACA 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bellmedia.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.206.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-206-4.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-1-v046-0916fabba.edge-usw2.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
x+a4ybqiRF8=
content-encoding
gzip
date
Thu, 13 Jul 2023 20:17:24 GMT
last-modified
Wed, 28 Jun 2023 13:01:36 GMT
vary
accept-encoding
ibs:dpid=411&dpuuid=ZLBb0AAAAIpr9AOH
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=18953613114404561984424832855440268402
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZLBb0AAAAIpr9AOH
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZLBb0AAAAIpr9AOH
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
HTTP/1.1
Server
54.148.67.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-67-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v046-0c435d021.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
hLtnmPWBQM0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZLBb0AAAAIpr9AOH
Date
Thu, 13 Jul 2023 20:17:24 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
s48617177439931
bellmedia.sc.omtrdc.net/b/ss/bellmediaglobalprod/1/JS-2.22.1-LDQM/ 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bellmedia.sc.omtrdc.net/b/ss/bellmediaglobalprod/1/JS-2.22.1-LDQM/s48617177439931?AQB=1&ndh=1&pf=1&t=13%2F6%2F2023%2020%3A17%3A24%204%200&mid=19274866080525492784438941472881418474&aamlh=9&ce=UTF-8&pageName=toronto%3Ahome&g=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=home%2Cmobile&c3=Fake%20airline%20ticket%20scam%20targeting%20Italian%20community%20leads%20to%20six%20fraud%20charges&v3=Fake%20airline%20ticket%20scam%20targeting%20Italian%20community%20leads%20to%20six%20fraud%20charges&c5=story&v5=story&c7=home&v7=home&c9=mobile&v9=mobile&c12=anonymous&v12=anonymous&c30=web&v30=web&c32=CTV%20Toronto&v32=CTV%20Toronto&c33=Kendra%20Mangione%20&v33=Kendra%20Mangione%20&v38=%20-%20&c42=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&v42=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&c50=page%20view&v50=page%20view&v68=thursday%2008%3A17%20pm&c69=toronto&v69=toronto&v91=toronto%3Ahome&v93=2023-07-13&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=BB3937CB5B349FE70A495EAE%40AdobeOrg&AQE=1
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-148.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:24 GMT
x-content-type-options
nosniff
last-modified
Fri, 14 Jul 2023 20:17:24 GMT
server
jag
etag
3627699983270739968-4619612521018774943
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 12 Jul 2023 20:17:24 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		171 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3733&u=https%3A%2F%2Ftoronto.ctvnews.ca
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
79efe19fc8a16895c7191d5556306815ecf73d7214a6d3240163de92054a032c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 19:27:06 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
3017
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://toronto.ctvnews.ca
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
171
x-amz-cf-id
uqm6rHonI4gkWsdYae-Y7BP0LbpVVQ-rsKP4pC97FkgGh34ISGsG5g==
bid
aax.amazon-adsystem.com/e/dtb/ 		201 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3733&u=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&pid=DWkHr0HksYiUF&cb=0&ws=1600x1200&v=23.612.1758&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-728_90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F5479%2Fctv.ctvnewstoronto%2Fhome%2Fstories%2Fdiv-gpt-ad-728_90-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-300_250-2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F5479%2Fctv.ctvnewstoronto%2Fhome%2Fstories%2Fdiv-gpt-ad-300_250-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-30_1-3%22%2C%22s%22%3A%5B%2230x1%22%5D%2C%22sn%22%3A%22%2F5479%2Fctv.ctvnewstoronto%2Fhome%2Fstories%2Fdiv-gpt-ad-30_1-3%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-300_250-4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5479%2Fctv.ctvnewstoronto%2Fhome%2Fstories%2Fdiv-gpt-ad-300_250-4%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.126.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-126-121.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
c1e05668c0dc6871b6108c3fb3a30789d1c9fcef69bf4affadf598610ed17838
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
HH5EPFQV7FJTP1J4864P
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://toronto.ctvnews.ca
access-control-allow-credentials
true
timing-allow-origin
*
content-length
201
x-amz-cf-id
X5C0RWjFqj9kA8l70Y-_989tBqjQxyoPcrvpDOIeNR8DYzZD0MDQfA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 18:21:26 GMT
x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 01b6e75b22243ae76d6d282c014927c6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
6959
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
X5gzvsnFoVZVk4aAvL2ex88CySqnXqEOepZqWSnl02JhAEkWM5XFJg==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/ 		391 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js?cb=31076056
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddf8ed50c8e98fd5487859d7b60442e342e76496191eaecca316ffdffa437a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 17:37:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
9610
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127551
x-xss-protection
0
server
cafe
etag
11165969021637306507
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 12 Jul 2024 17:37:14 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=ctvnews.ca&p=%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&u=DW7tm1Bht_-lDIjd-s&d=toronto.ctvnews.ca&g=65778&g0=Toronto%2C%20Toronto&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5086&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&b=968&t=eUZNeBZzth3BnKuVhDhdTojCzjQAw&V=140&i=Fake%20airline%20ticket%20scam%20targeting%20Italian%20community%20leads%20to%20six%20fraud%20charges%20%7C%20CTV%20News&tz=0&sn=1&sv=CWjJwl8ALLTCw0kBeCLFrRjCG3pYv&sd=1&im=060b0c7f&_
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.186.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-186-237.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 13 Jul 2023 20:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=b1a4360a-3db9-4b39-b09d-c3e14666840a
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
1615847b14197a4b0f192dfdbf7958df79f15430545c509f53ddb648dc8841c4

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://toronto.ctvnews.ca
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 7992 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ftoronto.ctvnews.ca
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D0F) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
6561906
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Thu, 13 Jul 2023 20:17:24 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D0F)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
all.js
connect.facebook.net/en_US/ 		308 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=df136b0e48cb02c61129fe971064a9d9
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
58de067c1ef89563049a925bec8efb9368c5ce1614e4feaeec73a3468f4c9707
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://toronto.ctvnews.ca/
Origin
https://toronto.ctvnews.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Jul 2023 20:17:24 GMT
content-md5
0yOxxS40eEoXQ1dwX4fd/g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88580
x-fb-debug
ocXglhTK+kBN83CiGkdwNttKpS7WIhf0nJ/EwjWaChzY3iKBZByGW5E/3X6Yr0Ldc+rcbCYcWXm6bpHhc4Q4QQ==
x-fb-content-md5
350863bb80ce5c517148019c849d77b4
cross-origin-opener-policy
same-origin-allow-popups
etag
"51c45eb0274aa06b280de550ff29befb"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 12 Jul 2024 16:37:53 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005664&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1689279444805&ns_c=UTF-8&c7=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-it...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005664&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1689279444805&ns_c=UTF-8&c7=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-i...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3005664&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1689279444805&ns_c=UTF-8&c7=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&c8=Fake%20airline%20ticket%20scam%20targeting%20Italian%20community%20leads%20to%20six%20fraud%20charges%20%7C%20CTV%20News&c9=
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Server
18.164.96.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-18.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:24 GMT
via
1.1 cfc46590021b7df312893ffb67317bb2.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
7TQq_Xdh9knd46kkXgEYCeZH8PRcs1guyTYMnXWHq80PgBYM6Oafyg==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 13 Jul 2023 20:17:24 GMT
via
1.1 cfc46590021b7df312893ffb67317bb2.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=3005664&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1689279444805&ns_c=UTF-8&c7=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&c8=Fake%20airline%20ticket%20scam%20targeting%20Italian%20community%20leads%20to%20six%20fraud%20charges%20%7C%20CTV%20News&c9=
content-length
0
x-amz-cf-id
WjDiOpMbRnNXrUwOl7p_lmYJ8wkavD7IbmSj1eDNgAZNPJw23ANI7Q==
settings
syndication.twitter.com/ Frame 7992 		870 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=4681dc9546c2ede0bf9da727318fa3d57a39c688
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ftoronto.ctvnews.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time
6
date
Thu, 13 Jul 2023 20:17:24 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Thu, 13 Jul 2023 20:17:24 GMT
server
tsa_b
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
1f369d4714550158
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
73a8bf365a247b8a8e6f86bb70abd672666430f6fdcaead151011e5c403d2269
content-length
338
cookie_sync
prebid-server.rubiconproject.com/ 		2 KB
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/13126.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.24.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-24-205.compute-1.amazonaws.com
Software
/
Resource Hash
2dd254ce9555d92eee12875cd06f61064310218d6602f3178f2a634464e3ea23

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://toronto.ctvnews.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
507
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		194 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/13126.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.24.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-24-205.compute-1.amazonaws.com
Software
/
Resource Hash
b5134d972c11b7b47dfc53cae53f5d767d9279f0a61e911f5debcb20768160b5

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
content-encoding
gzip
x-prebid
pbs-java/1.124.0
content-type
application/json
access-control-allow-origin
https://toronto.ctvnews.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
180
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		763 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13126&site_id=399338&zone_id=2233954&size_id=2%3B15%3B15&alt_size_ids=55%2C57%3B10%2C54%3B&eid_pubcid.org=5d8e2ef4-cc40-475e-a1ee-31d98f29dd83%5E1&rf=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&tg_i.domain=toronto.ctvnews.ca&tg_i.page=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&tg_i.aupname=5479%2Fctv.ctvnewstoronto%2Fhome%2Fstories&tg_i.pbadslot=%2F5479%2Fctv.ctvnewstoronto%2Fhome%2Fstories%23div-gpt-ad-728_90-1%3B%2F5479%2Fctv.ctvnewstoronto%2Fhome%2Fstories%23div-gpt-ad-300_250-2%3B%2F5479%2Fctv.ctvnewstoronto%2Fhome%2Fstories%23div-gpt-ad-300_250-4&tk_flint=dmpbjs_v7.50.0&x_source.tid=1c4bb964-3f74-4390-84ff-110b1e97d9b9%3B61319443-a5e2-4e88-847d-acd3e16460cc%3B80f70a68-11ab-4b5a-a9ab-e5c6261dbb6d&l_pb_bid_id=106c932aa99f1ee%3B11ac9d84c4541c8%3B1205e36f8bdb439&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1c4bb964-3f74-4390-84ff-110b1e97d9b9%3B61319443-a5e2-4e88-847d-acd3e16460cc%3B80f70a68-11ab-4b5a-a9ab-e5c6261dbb6d&rp_maxbids=1&p_gpid=%2F5479%2Fctv.ctvnewstoronto%2Fhome%2Fstories%23div-gpt-ad-728_90-1%3B%2F5479%2Fctv.ctvnewstoronto%2Fhome%2Fstories%23div-gpt-ad-300_250-2%3B%2F5479%2Fctv.ctvnewstoronto%2Fhome%2Fstories%23div-gpt-ad-300_250-4&slots=3&rand=0.3108894078466369
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/13126.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4941e9fdf16c8e7e40bd7267c2d5706d861486e2d848e92cb65c7188bfdef895

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://toronto.ctvnews.ca
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		379 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/13126.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9d844d093a9fe226d84c1dc6f7b69e63acca4619cd2c94793e740ceb3224cf77
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
an-x-request-uuid
d0dd7ba1-3e5c-4d7a-b430-eea8f74f9654
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://toronto.ctvnews.ca
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.56.153.183; 149.56.153.183; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
379
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.50.0&cb=31770999395&lsavail=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/13126.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://toronto.ctvnews.ca
date
Thu, 13 Jul 2023 20:17:24 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
segment
api.permutive.com/adv/v2/ 		14 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=b1a4360a-3db9-4b39-b09d-c3e14666840a
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 13 Jul 2023 20:17:24 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
ads
securepubads.g.doubleclick.net/gampad/ 		223 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=320795996668313&correlator=4383362963260119&hxva=1&scor=1882785026613465&eid=31072020%2C31074947%2C31076056%2C31070232%2C31075338%2C31075340&output=ldjh&gdfp_req=1&vrg=202307120101&ptt=17&impl=fifs&iu_parts=5479%2Cctv.ctvnewstoronto%2Chome%2Cstories&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C300x600%7C300x1050%2C30x1%2C320x50%7C300x250%2C1x1&fluid=0%2C0%2C0%2Cheight%2C0&ifi=1&adks=3926645308%2C2529915536%2C3258558158%2C1320652251%2C64130220&didk=1966173636~2894048822~62083776~2894048820~3070749412&sfv=1-0-40&ists=1&prev_scp=amznbid%3D1%26amznp%3D1%7Camznbid%3D1%26amznp%3D1%7Camznbid%3D1%26amznp%3D1%7Cpos%3Dtop%26amznbid%3D1%26amznp%3D1%7C&eri=1&cust_params=keyvalues%3Denvr%253Dprod%26ksgmnt%3D%26u%3D%26permutive%3Drts%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26prmtvsdk%3Dweb&sc=1&cookie_enabled=1&abxe=1&dt=1689279444933&lmt=1689279444&dlt=1689279443907&idt=946&adxs=200%2C-9%2C1084%2C1084%2C-9&adys=99%2C-9%2C1602%2C426%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C1%7C0%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&frm=20&vis=1&psz=1200x18%7C0x-1%7C315x0%7C315x24%7C0x-1&msz=728x0%7C0x-1%7C0x0%7C300x0%7C0x-1&fws=128%2C2%2C128%2C128%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1371185014.1689279445&ga_sid=1689279445&ga_hid=906305621&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js?cb=31076056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50dbc93d6eb75d097e6730edd17de7a34e1dd92bead319c148c9320006de3e17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21674
x-xss-protection
0
google-lineitem-id
6346794899,6346794899,4539514992,6346794899,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440003059,138440003053,138360720793,138440003026,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://toronto.ctvnews.ca
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2fb850df14fece17fe5bbeb86be27d0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 20F7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2fb850df14fece17fe5bbeb86be27d0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js?cb=31076056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 20:17:25 GMT
expires
Fri, 12 Jul 2024 20:17:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=512600388751362&input_token&origin=1&redirect_uri=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=df136b0e48cb02c61129fe971064a9d9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Thu, 13 Jul 2023 20:17:25 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-fb-debug
Fg2OG3cmouVCvYhaU/Yw+oan1JgCyq2kwtcuHCkVDUq9Yk/o8VQKYkS/LS+2ckqc/EwsPPoTf6y49WDsnYU6Mg==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://toronto.ctvnews.ca
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
ibs:dpid=771&dpuuid=CAESENxLI90HGFfO7iMWt8iHt1s&google_cver=1
dpm.demdex.net/ Frame FACA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTg5NTM2MTMxMTQ0MDQ1NjE5ODQ0MjQ4MzI4NTU0NDAyNjg0MDI=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTg5NTM2MTMxMTQ0MDQ1NjE5ODQ0MjQ4MzI4NTU0NDAyNjg0MDI=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENxLI90HGFfO7iMWt8iHt1s&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENxLI90HGFfO7iMWt8iHt1s&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
HTTP/1.1
Server
54.148.67.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-67-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bellmedia.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v046-0c723b0bc.edge-usw2.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
VqCwd6UKTTM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENxLI90HGFfO7iMWt8iHt1s&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 6EA0
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5&dcc=t
330 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e2d90d68e1d6b3e524e81efa5660f326e49aa0a883a63e525949efc3979ae1ba
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
330
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 13 Jul 2023 20:17:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
4WPDCM5N44Y997DNYDSM

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 13 Jul 2023 20:17:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
2AXRKNKEHEWM5P8BEAWP
button.e7f9415a2e000feaab02c86dd5802747.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1A) /
Resource Hash
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 20:17:25 GMT
Content-Encoding
gzip
Age
6561907
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2618
Last-Modified
Tue, 24 Jan 2023 21:41:06 GMT
Server
ECS (nyb/1D1A)
Etag
"506673dbdb9085e7201e137e893cc152+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
platform.twitter.com/widgets/ Frame 98D9 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1A) /
Resource Hash
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
6561905
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
13592
Content-Type
text/html; charset=utf-8
Date
Thu, 13 Jul 2023 20:17:25 GMT
Etag
"28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:10 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D1A)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
platform.twitter.com/widgets/ Frame A6B3 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1A) /
Resource Hash
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
6561905
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
13592
Content-Type
text/html; charset=utf-8
Date
Thu, 13 Jul 2023 20:17:25 GMT
Etag
"28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:10 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D1A)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
platform.twitter.com/widgets/ Frame 6370 		0
0
embeds
syndication.twitter.com/i/jot/ 		43 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Ftoronto.ctvnews.ca%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22CTVToronto%22%2C%22widget_creator_screen_name%22%3A%22CTVToronto%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1689279445056%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=4681dc9546c2ede0bf9da727318fa3d57a39c688
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time
6
date
Thu, 13 Jul 2023 20:17:24 GMT
strict-transport-security
max-age=631138519
last-modified
Thu, 13 Jul 2023 20:17:25 GMT
server
tsa_b
vary
Origin
content-type
image/gif
x-transaction-id
7fb3fa5b7dccf528
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
73a8bf365a247b8a8e6f86bb70abd672666430f6fdcaead151011e5c403d2269
content-length
43
truncated
/ Frame 98D9 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A6B3 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
usermatch
ssum-sec.casalemedia.com/ Frame C150
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3...
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/13126.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
8b25f4447d910fe6429c73c5bd817791f842d1cd466090e6b8361e35de4c2873

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1883
Content-Type
text/html
Date
Thu, 13 Jul 2023 20:17:25 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Thu, 13 Jul 2023 20:17:25 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
pr
s.amazon-adsystem.com/v3/ Frame 6F1A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
cee8ff26066197ba34dea763a189191d1f09397f8ddcae27d466cfc843eef41c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1821
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 13 Jul 2023 20:17:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
QHY60E33ZF42DGDWNQC9
ecm3
s.amazon-adsystem.com/ Frame 6F1A
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=b993a742
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=b993a742
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0HXSE0J4BRZWEHZEH4W5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 13 Jul 2023 20:17:25 GMT
via
1.1 6f9ef5ae165c9835aa6935d9fb7e2072.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=b993a742
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
-gJUPrPUPzYpkr2xgNhPONkJ22IfUE61UCTzNhYFf0IgxudmnWzHBg==
ecm3
s.amazon-adsystem.com/ Frame 6F1A
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=5DC67FDE6B71483E96813E2D0E62AF6D&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=5DC67FDE6B71483E96813E2D0E62AF6D&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PE6BDY9TJT3342XGRGN5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 13 Jul 2023 20:17:25 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=5DC67FDE6B71483E96813E2D0E62AF6D&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 12 Jul 2023 20:17:25 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3595
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b6e0e99fdfc7baaea1b9f122392baf3634c39541215080bdaa5f4c5d92e6fc40

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1571
Content-Type
text/html
Date
Thu, 13 Jul 2023 20:17:25 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Thu, 13 Jul 2023 20:17:25 GMT
Expires
0
Keep-Alive
timeout=1, max=499
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
/
match.sharethrough.com/jwumXNuB/v1/ Frame F3BB 		427 B
944 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.72.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-72-229.compute-1.amazonaws.com
Software
/
Resource Hash
bc91353db1dae36f3851f5c656989a28134f3012a0f39e73035153ba797f40ad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Thu, 13 Jul 2023 20:17:25 GMT
usync.html
eus.rubiconproject.com/ Frame 51DD 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Jul 2023 20:17:25 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame D1B5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1pRUdVX3haRTJ1S25oVjRhTHFxZUNXem9qTGR4V0E1QX5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1pRUdVX3haRTJ1S25oVjRhTHFxZUNXem9qTGR4V0E1QX5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 13 Jul 2023 20:17:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
M1TMZNG67E12T0R7KPZA

Redirect headers

age
0
content-length
0
date
Thu, 13 Jul 2023 20:17:25 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1pRUdVX3haRTJ1S25oVjRhTHFxZUNXem9qTGR4V0E1QX5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.57
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame A098
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7544388502924255489&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7544388502924255489&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 13 Jul 2023 20:17:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
GFTFC1MJ1DHTWDW91XZV

Redirect headers

content-length
0
date
Thu, 13 Jul 2023 20:17:24 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7544388502924255489&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame EFEB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=3373822132269096047&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=3373822132269096047&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-simpli.fi_rbd_n-vmg_smrt_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 13 Jul 2023 20:17:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
65FTHSB7VYJ2ATWGF2RR

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
99aa9f4d-e4b2-4ef2-8ed3-6ea71f67c5cf
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 20:17:25 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=3373822132269096047&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
149.56.153.183; 149.56.153.183; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
crum
dsum-sec.casalemedia.com/ Frame C150
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZLBb1XDmuBybKhFtfPszdQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPHYhCt5Q9nHsWVnTq5Lkl4&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPHYhCt5Q9nHsWVnTq5Lkl4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPHYhCt5Q9nHsWVnTq5Lkl4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame C150 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLBb1XDmuBybKhFtfPszdQAAAGAAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QE7YD6CXCF38PKQ8FXNX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C150
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c790122c-5e0d-4328-8f22-f8881f935a25&expiration=1691871445&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c790122c-5e0d-4328-8f22-f8881f935a25&expiration=1691871445&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c790122c-5e0d-4328-8f22-f8881f935a25&expiration=1691871445&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame C150
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLBb1XDmuBybKhFtfPszdQAAAGAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPNjRMOimxbVK87HxUwsNYU&google_cver=1
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPNjRMOimxbVK87HxUwsNYU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPNjRMOimxbVK87HxUwsNYU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C150
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bl7jxeH81Qk2KF5
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bl7jxeH81Qk2KF5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:24 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-0828ef80259645e72@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bl7jxeH81Qk2KF5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame C150
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7d9a7540-5046-bc70-746eef5b
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7d9a7540-5046-bc70-746eef5b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Thu, 13 Jul 2023 20:17:25 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7d9a7540-5046-bc70-746eef5b
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
113
match.deepintent.com/usersync/ Frame C150 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 13 Jul 2023 20:17:24 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
setuid
prebid-server.rubiconproject.com/ Frame C150 		0
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?gpp=&gpp_sid=&gpp=&gpp_sid=&bidder=ix&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=ZLBb1XDmuBybKhFtfPszdQAA%26096
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.24.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-24-205.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
cs&eq_cc=1
um2.eqads.com/um/ Frame EF2B
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.197.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-197-118.compute-1.amazonaws.com
Software
/
Resource Hash
f71fa636feb647315712fb3304ba60f9e67658d06eab86a8d65551ac0e345c16

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 20:17:25 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Thu, 13 Jul 2023 20:17:25 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 20:17:25 GMT
location
/um/cs&eq_cc=1
dcm
s.amazon-adsystem.com/ Frame 3595 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLBb1XDmuBybKhFtfPszdgAAAGAAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
97T0WJ11JN1MMCK88NAN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3595
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c790122c-5e0d-4328-8f22-f8881f935a25&expiration=1691871445&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c790122c-5e0d-4328-8f22-f8881f935a25&expiration=1691871445&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c790122c-5e0d-4328-8f22-f8881f935a25&expiration=1691871445&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 3595
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLBb1XDmuBybKhFtfPszdgAAAGAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPNjRMOimxbVK87HxUwsNYU&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPNjRMOimxbVK87HxUwsNYU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPNjRMOimxbVK87HxUwsNYU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3595
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZLBb1XDmuBybKhFtfPszdgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPHYhCt5Q9nHsWVnTq5Lkl4&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPHYhCt5Q9nHsWVnTq5Lkl4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPHYhCt5Q9nHsWVnTq5Lkl4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 3595
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://x.bidswitch.net/ul_cb/sync?ssp=index
  • https://rtb2-useast.marketiq.com/sync?exchange=685&ssp=index&bsw_param=69937b77-a16f-4864-96ed-07366cef82ae
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.marketiq.com%2Fsync%3Fexchange%3D685%26ssp%3Dindex%26bsw_param%3D69937b77-a16f-4864-96ed-07366cef82ae
  • https://rtb2-useast.marketiq.com/sync?adkuid=A6542378305878603408&exchange=685&ssp=index&bsw_param=69937b77-a16f-4864-96ed-07366cef82ae
  • https://x.bidswitch.net/sync?dsp_id=458&user_id=A6542378305878603408&expires=5&ssp=index&bsw_param=69937b77-a16f-4864-96ed-07366cef82ae
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=69937b77-a16f-4864-96ed-07366cef82ae&gdpr=&gdpr_consent=&us_privacy=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=69937b77-a16f-4864-96ed-07366cef82ae&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=69937b77-a16f-4864-96ed-07366cef82ae&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 13 Jul 2023 20:17:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
CookieIndex
rtb.adentifi.com/ Frame 3595 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.66.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-66-14.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
crum
dsum-sec.casalemedia.com/ Frame 3595
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=484afda8-21ba-11ee-afe2-e5628e34fd89
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=484afda8-21ba-11ee-afe2-e5628e34fd89
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=484afda8-21ba-11ee-afe2-e5628e34fd89
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
sjc-delivery-3
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 3595
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3041584026635316985&expiration=1690489045
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3041584026635316985&expiration=1690489045
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3041584026635316985&expiration=1690489045
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ecm3
s.amazon-adsystem.com/ Frame 3595 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZLBb1XDmuBybKhFtfPszdgAAAGAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
633ZZEMK607YZYQQ5BW7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 51DD 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e9cac0c27e07404baecabfb6a87decc67e0c77bb964e80b3e25b0a4d6a9255f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 20:17:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 23:31:55 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=11705
Connection
keep-alive
Content-Length
10114
Expires
Thu, 13 Jul 2023 23:32:30 GMT
ecm3
s.amazon-adsystem.com/ Frame 51DD
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LK1LD5WJ-H-E9GQ
  • https://s.amazon-adsystem.com/ecm3?id=LK1LD5WJ-H-E9GQ&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LK1LD5WJ-H-E9GQ&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N048FNRX7WD85FBEG90F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LK1LD5WJ-H-E9GQ&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
ecm3
s.amazon-adsystem.com/ Frame F3BB 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=20e6c5ab-37b2-475c-821b-6209cd007ab1
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P4SAPKPR8RPY394JGD87
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame F3BB
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A
  • https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=ZLBb0AAAAIpr9AOH
68 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=ZLBb0AAAAIpr9AOH
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
44.209.72.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-72-229.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

x-served-by
cache-yul12822-YUL
pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1689279445.430183,VS0,VE0
x-cache
HIT
location
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=ZLBb0AAAAIpr9AOH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
match.sharethrough.com/sync/ Frame F3BB
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=3373822132269096047
68 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=3373822132269096047
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
44.209.72.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-72-229.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
an-x-request-uuid
d64a20be-d50d-469d-8118-a4eb7005d9da
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=3373822132269096047
x-proxy-origin
149.56.153.183; 149.56.153.183; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame F3BB
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&...
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=4cb8154e-a60c-48f7-be5b-bc377fa0f31a-64b05bd5-4341&gdpr=0&gdpr_consent=
68 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=4cb8154e-a60c-48f7-be5b-bc377fa0f31a-64b05bd5-4341&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
44.209.72.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-72-229.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=4cb8154e-a60c-48f7-be5b-bc377fa0f31a-64b05bd5-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
v1
match.sharethrough.com/sync/ Frame F3BB
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID&__user_chec...
  • https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=483bb637-21ba-11ee-9a8d-1f6e8e630303
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=483bb637-21ba-11ee-9a8d-1f6e8e630303
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
44.209.72.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-72-229.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Thu, 13 Jul 2023 20:17:25 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
location
https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=483bb637-21ba-11ee-9a8d-1f6e8e630303
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
259
content-length
0
crum
dsum-sec.casalemedia.com/ Frame EF2B 		43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=859cddb3-c35d-4587-84e2-8a6aab6da343&expiration=1697228245
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
pixel
cm.g.doubleclick.net/ Frame 51DD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEsxTEQ1V0otSC1FOUdR
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIMqhIuUHzrcivKQAhPFAcc&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEsxTEQ1V0otSC1FOUdR&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEsxTEQ1V0otSC1FOUdR&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEsxTEQ1V0otSC1FOUdR&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 51DD 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7YJZSJ692G9WGVQW43ZZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 51DD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/r1XtWlQzkV3IIFi7vStPzQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HB6Eq2FE2oKjJXFLhAaNzDacXYwLdmi_2S4XTg--~A
42 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HB6Eq2FE2oKjJXFLhAaNzDacXYwLdmi_2S4XTg--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 13 Jul 2023 20:17:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HB6Eq2FE2oKjJXFLhAaNzDacXYwLdmi_2S4XTg--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 51DD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIi7DB91JODG0y7LigdUgxc&google_cver=1
42 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIi7DB91JODG0y7LigdUgxc&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIi7DB91JODG0y7LigdUgxc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 51DD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LK1LD5WJ-H-E9GQ
0
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LK1LD5WJ-H-E9GQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: B8B884E85F0B47FA8F5351E1F2893BC0 Ref B: YMQ01EDGE0419 Ref C: 2023-07-13T20:17:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAZAVI2whe8ZDqtHgdqA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LK1LD5WJ-H-E9GQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 51DD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c790122c-5e0d-4328-8f22-f8881f935a25&gdpr=0&gdpr_consent=&expires=30
42 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c790122c-5e0d-4328-8f22-f8881f935a25&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c790122c-5e0d-4328-8f22-f8881f935a25&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame 51DD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTcxZDAzMTczMjM2YmExOTY0MGEzMzVlZWZiYzkyOGVjMGIzMWEzNg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTcxZDAzMTczMjM2YmExOTY0MGEzMzVlZWZiYzkyOGVjMGIzMWEzNg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTcxZDAzMTczMjM2YmExOTY0MGEzMzVlZWZiYzkyOGVjMGIzMWEzNg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 51DD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=W-bOcsDjR9irBGscipLFlQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=W-bOcsDjR9irBGscipLFlQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=W-bOcsDjR9irBGscipLFlQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MZXRA2NX8TPR8QJ6PF4W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=W-bOcsDjR9irBGscipLFlQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=b1a4360a-3db9-4b39-b09d-c3e14666840a
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b83e79e0dcd1f9dae8f8342eafd8f0c97a03e7309c450e25933b820a55bdffdd

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://toronto.ctvnews.ca
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58401/sync?redir=true&gdpr=&gdpr_consent=
  • https://prebid-server.rubiconproject.com/setuid?bidder=yahooAdvertising&uid=y-zXwhDhNE2uFSpvhjOSxAQo33L3N7vCR1~A
86 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=yahooAdvertising&uid=y-zXwhDhNE2uFSpvhjOSxAQo33L3N7vCR1~A
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Server
3.224.24.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-24-205.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

location
https://prebid-server.rubiconproject.com/setuid?bidder=yahooAdvertising&uid=y-zXwhDhNE2uFSpvhjOSxAQo33L3N7vCR1~A
date
Thu, 13 Jul 2023 20:17:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
eb2.3lift.com/ Frame 7CB1
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26...
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/13126.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
967c46f93fabaa8b058a36af40033c5aaaf40d751f829d0db50ca4e9df38b247

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1284
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 20:17:25 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 13 Jul 2023 20:17:25 GMT
location
/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
view
securepubads.g.doubleclick.net/pcs/ Frame 8CE9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVs6bi97-MuiXw6XE0K7S0eYwLDuggFmlCedx7UNxAaohrvHY_L4S0vmvCF4l0ix-cDrcjMUOlx_RgNF-n9effdGIFV3QChzeT-QldMWk4hJl41G5HuW_J6DrdkdI8D9ZmwbHoYmSXitZGg8LvPHQWiipONE3nOnjfXwtvA6ZQ4kTd6lH9YD1HxbjrKAlyMp47ILvix8zlRwdIDwjDGxVZqxlv-QQTBs2DssmSVx40TdEnc_w8xiLVmYUsC0WexZ1u0Zs1hJ7KtRiKgr1aaaurCatKsulNIyxtahTs0FOTi2Rzy2Ms5XHHuEbjVEW6a7yY4gyj5MtSVmeYAd3ml4HO5xG6-3THaME&sai=AMfl-YRrbOqV4cX_oJaI7OmczRCOKSMNioYZGfxCtNm_selhc7JBTRz2LSe2Vhnw-xLJo5LF_76VyzrRnsRVN_oM0nxFbuQsl6Mv3ZSnVovyaLu_VvwXnQeX5wPgcJu43-40kPSN1TXD2JIFw7H5hpt2&sig=Cg0ArKJSzOkNt-Aav5_MEAE&uach_m=[UACH]&adurl=
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 8CE9 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 18:53:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
5051
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 18:53:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8CE9 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 20:17:25 GMT
moatad.js
z.moatads.com/bellmediadfp605600943044/ Frame 8CE9 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/bellmediadfp605600943044/moatad.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.174.20 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-174-20.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
09d9936362c5f41454563bd60d26ab8c0cc78e1d7ed7638fda491a2e19deed87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 16:42:39 GMT
server
AmazonS3
x-amz-request-id
J088KQM9PK8GTJRC
etag
"9207f00469e64dc84ae7f35d14f9e3cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=21191
accept-ranges
bytes
content-length
3987
x-amz-id-2
WJkYxw+ki6QFO9fKF6pBSp9iTC1RMSckZ691P3dcN11s02/eE6Yvp/IceSs8IG9D1smtuEvZilQ=
5477977611561535027
tpc.googlesyndication.com/simgad/ Frame 8CE9 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5477977611561535027
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b355a547291f0a661d0e8425fca5491f82c95d6dd28b4783bdb200ec9cf4b2af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 21:04:33 GMT
x-content-type-options
nosniff
age
169972
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18887
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 20:56:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 10 Jul 2024 21:04:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 40CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYhTIaxC88MjXLG7JE60QmFISe1ZPvoPyhtCqBU5-xn47n6P0MqAYFCpnKoYLezuEqOVCAfbpf03eDbrUI3X14bqLD-VNQMGLL_Pp6XZnhnUDLYhYqfKvpM3Ze8r4f5eqCi185kAwexYJ54z2SrsBKS7OCSyxypBqhzLq4P1CHS1EoYxn7rZH45KK1WkmBh4SJ_vav0yi1cP0ujUVs-hb5pjtDkeViKG7DXdkt_96iDK7l6SJ05WyaZGe1JPY--qdYhHy5ikXo0pOSkbZRSxPQdJcrb1g9qnmfxsxOvrZQV8S7Ogf0Y7kkXZcRX17ELjnLDfEPVAW7sP7Wm4WRN1tf7SBrPic&sai=AMfl-YTjuRmgtQlqrlB2fPxARD-Mvanq29bSomA3Mhw7CvUofiz1mHcU1RcU9tWaiKhzTU8j8cqD8JYNsEjWe7XBeCUMd6AgpgwbCmQkfuejfRMFRb1X4211o9rTjhf5o1GRroPa9B2YpJyyKACvvunc&sig=Cg0ArKJSzOb-nTO_kzjXEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
freeskreen.min.js
static.freeskreen.com/ba/83/ Frame 40CA 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.freeskreen.com/ba/83/freeskreen.min.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-103.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29484f6baa8ebd0b89addacc345b48a3d5bc0c5e9bde3f685658a4c0648e524e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
aYgP9B3T7Nzi2CKpd1z4wMolbHgI01v0
Content-Encoding
gzip
Via
1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
Date
Thu, 13 Jul 2023 08:12:23 GMT
X-Amz-Cf-Pop
EWR53-P1
Age
43509
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
9310
Last-Modified
Tue, 25 Oct 2022 17:53:58 GMT
Server
AmazonS3
ETag
"c7579f22e0c556f342242a50daf6fb39"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
3dJcBT10OdEpYavCBKmw8vXpuBLRce-8Qf1-4FJ4GATsjqYOZFT5Ng==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 40CA 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 20:17:25 GMT
moatad.js
z.moatads.com/bellmediadfp605600943044/ Frame 40CA 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/bellmediadfp605600943044/moatad.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.174.20 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-174-20.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
09d9936362c5f41454563bd60d26ab8c0cc78e1d7ed7638fda491a2e19deed87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 16:42:39 GMT
server
AmazonS3
x-amz-request-id
J088KQM9PK8GTJRC
etag
"9207f00469e64dc84ae7f35d14f9e3cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=21191
accept-ranges
bytes
content-length
3987
x-amz-id-2
WJkYxw+ki6QFO9fKF6pBSp9iTC1RMSckZ691P3dcN11s02/eE6Yvp/IceSs8IG9D1smtuEvZilQ=
view
securepubads.g.doubleclick.net/pcs/ Frame ECAA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3JA6KrF_kiKqjZrSpFVHGK3ybfC1qfGyBKuGW4NuCxJz5R_2vSaWJfBu2Wcl7UVQSHf773-HxULbglsQdqgk8udpjdGKfcaGor0B61xdby6AxjNvyu4yMtR3MRVTtINEuNpTJT-z1yaWL4s_LG0lNN-p48_PelGcdx7NZ62EJO6MR4cO6DHXk5tOA2BLntrLraewWqO1Vkb2ePB5QVL1lnmgG4ps_eMC_ZiuHEyKQZeEnOwxJ8_MI4xXW_puw6e9y7ij2mMjRnTnfFiX-SGcZFQhkZ0gZes4xN5b71YfFacfbRALRuC7Hpz1WDhifzPY9PDpzfuaemdunueUOy1FsUsTaznKmds0&sai=AMfl-YRcQ_XmxSK9Q5NHO7EXNaO3kjxrFi9PSbOCdfazCjitS3t0ju1I3UwJaSsRoATIkZAb9QKwPOjse8uhwz2z4MYJF8PSByncw9boedVqFlZGjiosvNZSnExX7B-MXXkOxYLz3_ge0qBBz8skEmze&sig=Cg0ArKJSzPJ6KnhswPG5EAE&uach_m=[UACH]&adurl=
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame ECAA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 18:53:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
5051
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 18:53:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ECAA 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 20:17:25 GMT
moatad.js
z.moatads.com/bellmediadfp605600943044/ Frame ECAA 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/bellmediadfp605600943044/moatad.js
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.174.20 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-174-20.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
09d9936362c5f41454563bd60d26ab8c0cc78e1d7ed7638fda491a2e19deed87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 16:42:39 GMT
server
AmazonS3
x-amz-request-id
J088KQM9PK8GTJRC
etag
"9207f00469e64dc84ae7f35d14f9e3cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=21191
accept-ranges
bytes
content-length
3987
x-amz-id-2
WJkYxw+ki6QFO9fKF6pBSp9iTC1RMSckZ691P3dcN11s02/eE6Yvp/IceSs8IG9D1smtuEvZilQ=
1734786332525156172
tpc.googlesyndication.com/simgad/ Frame ECAA 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1734786332525156172
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e3e34f3c8899b3b685b39f38df800334e9a6de41d8b4dc9931bc30942ba5cad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 21:04:23 GMT
x-content-type-options
nosniff
age
169982
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44107
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 20:56:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 10 Jul 2024 21:04:23 GMT
truncated
/ Frame 8CE9 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91c3ea673dce470fac9d86290a8307c387e2a495428e9bc26082da3798b5b51a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame ECAA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0dc78fd061c546de265a4def7fa8fc08be6b5759039573a1292e141a857a18e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
xuid
eb2.3lift.com/ Frame 7CB1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=c790122c-5e0d-4328-8f22-f8881f935a25&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=c790122c-5e0d-4328-8f22-f8881f935a25&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 13 Jul 2023 20:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=c790122c-5e0d-4328-8f22-f8881f935a25&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 7CB1
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIwODIzOTAyMTI0Mjk5MTExNjM1Nw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 7CB1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKUX0088nIQPYwbMKX0nhnE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKUX0088nIQPYwbMKX0nhnE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 13 Jul 2023 20:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKUX0088nIQPYwbMKX0nhnE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7CB1
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIwODIzOTAyMTI0Mjk5MTExNjM1Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIwODIzOTAyMTI0Mjk5MTExNjM1Nw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H3
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIwODIzOTAyMTI0Mjk5MTExNjM1Nw%3D%3D
date
Thu, 13 Jul 2023 20:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 7CB1 		0
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3208239021242991116357&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: EEE44519CA4140F182B65C3E527FFA32 Ref B: YMQ01EDGE0419 Ref C: 2023-07-13T20:17:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAZAVK1S/yNLTkiurvYg==
xuid
eb2.3lift.com/ Frame 7CB1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3208239021242991116357&gdpr=0&gdpr_consent=
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=69937b77-a16f-4864-96ed-07366cef82ae
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=04eaa5d4-6f25-449b-90dc-395f6f72c958&expires=10&ssp=triplelift&bsw_param=69937b77-a16f-4864-96ed-07366cef82ae
  • https://eb2.3lift.com/xuid?mid=2409&xuid=69937b77-a16f-4864-96ed-07366cef82ae&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=69937b77-a16f-4864-96ed-07366cef82ae&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 13 Jul 2023 20:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=69937b77-a16f-4864-96ed-07366cef82ae&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 13 Jul 2023 20:17:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 7CB1 		42 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3208239021242991116357&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
last-modified
Tue, 06 Jun 2023 17:34:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7DEAA9AA9BCC4C56ADCEAD28AFC91115 Ref B: YMQ01EDGE0620 Ref C: 2023-07-13T20:17:25Z
etag
"4729cb259d98d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 7CB1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3208239021242991116357?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-zD7ns0FE2oQzkuNWvZFu_wqVacG.wsIg2PMpUNnW.w--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-zD7ns0FE2oQzkuNWvZFu_wqVacG.wsIg2PMpUNnW.w--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 13 Jul 2023 20:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 13 Jul 2023 20:17:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-zD7ns0FE2oQzkuNWvZFu_wqVacG.wsIg2PMpUNnW.w--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 7CB1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=VxHEZ5CMWyBRS1-e7OLb&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KZ4EQRK2GVBU2...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=VxHEZ5CMWyBRS1-e7OLb
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=VxHEZ5CMWyBRS1-e7OLb
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 13 Jul 2023 20:17:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:26 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=VxHEZ5CMWyBRS1-e7OLb
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 7CB1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3373822132269096047&dongle=4d58&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=3373822132269096047&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 13 Jul 2023 20:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
an-x-request-uuid
63a47efd-9f6e-4b2f-a6e1-cc071c9b07fb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=3373822132269096047&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
149.56.153.183; 149.56.153.183; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid-server.rubiconproject.com/ Frame 7CB1 		0
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=triplelift&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=3208239021242991116357
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.24.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-24-205.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 8CE9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8JhQkWLBeCN5KX7dOAYC90fZWYnD0jUOqROXemwqkzDqhRgEe14SpTMh4MwRB-YSURKJ43j_-DtEkIWw1RauiN3HST9dWOzAAc7DwFKwBYMaaNKKrD0G8xtL05b9bFh_24zvO56H051sXrPoxR8JZhl13NkH6BE5Z0AhImWoE8mi1dYyBQzrqVRnRIybp38NGRdyrlQT5y25ci66VvR7Y7XXby3MSwz3a8KBDXdfZt6bINhzXsKIUzc-V2G3o5jjwvQfP00V9WKUJNtaT3zgFBuxKTaEOnvZPC_vCV4JAVvDgwD6Zhhwb1Ljuw09gQt_ONJuymygegGhS1XV4TpT8LVofXDYN0kOJ3Q&sai=AMfl-YT_c_k-2ZZQNYUDbKM45m5uATU9yM6lb_9n7W5EGMBYpsPC_bEQBF-rOCiEcuzDbc1rXFtlC7uFCMSdvOu4Ch0TqLuxNp5KdNDGsWe8VlF_IR8OoGnxgaO9AOcq65k5B3vnvoGPUn3uWoppat_U&sig=Cg0ArKJSzCdecqVbV-QIEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 13 Jul 2023 20:17:25 GMT
script.js
sb.freeskreen.com/publisher/ 		86 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.freeskreen.com/publisher/script.js?bai=83&ut=&uts=&p_cust_params=amznbid%253D1%2526amznp%253D1%2526m_categories%253Dgv_crime%252Cmoat_unsafe%2526m_data%253D1%2526m_gv%253DnoHistData%2526m_mv%253DnoHistData%2526m_safety%253Dunsafe%2526permutive%253Drts%2526prmtvsdk%253Dweb&flc=&slc=&windowlocation=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&usp=&gdpr=-1&cs=-1
Requested by
Host: static.freeskreen.com
URL: https://static.freeskreen.com/ba/83/freeskreen.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.233.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-233-118.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
883b6935a93d015ff91c410a434b1835430622a24f4d92cc848154c87a1b0103

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
content-encoding
gzip
server
Apache/2.4.29 (Ubuntu)
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type
text/html;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
22724
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ Frame 40CA 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d1b28f60b6cc197d9586b43f8a443d6a948dc34284f51e7e0764729ba2518c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 40CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQrQBEAJ25NP45PiWCmFWZB9Vp_Bwy3Nk6LZuI3IC79VQIBIPTzmr792QwKHNasH8_abmFx87scn1uXgOC5yWYWl_eo06QvC8hBfMzKXtc4LImN7cTMNoab7R-AE2MB8SYvReABx6gx3YS0cQR3SzF8YneKtmSyr3nHND9LOxB9z-ps2x0Qs49x7G4XLFXeip7kh-ith8UgdcFOeSV4cW22nfpfFyL31L7U-ZcN6S9JWLccLRNSoImn2RQRH_akJ7BqmVprr0uXtoLgZrd5yUxArdt2KFznBQG2glYVJsGfwooEh2EfzweTX1lSokqA_UQxuQlD3KpFCMELqJSWCS4VCx3l4nNkg&sai=AMfl-YQNtX40PtSYrwDdsX15qecOarEs0Y2uujHVUlrBjM2AlwpM5I-CE3XCB-h57i3Gacl1wx5Q8GgG9IS0dvb1KBvqA2Pjgtkv6lJOtgSH_sxfTrg0voKKQHM8T4s0GilLvfq2oHkaZjwysaABh5Gc&sig=Cg0ArKJSzHnbn0IwlhwnEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 13 Jul 2023 20:17:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ECAA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnLoNYI3AQ7Ts9eiSBbVV_xp8ay9snjHGXVnF1CLca5mLCAVvfIJ5i-qUQamP3Q6dlsHSCPHbcxXOhA6PzPeIXjTKvBiwZGCBmJRb4aU2Hx65qk3jijt52vnmLhJeygQLTz7o2rhHNMk-njfM_09_hBkxxwdrdt2NbG4OZqYd6bOjhtloU0Qoo45yqEYDemQKpZjlzBbGMoZ4HoM73OvhHqsVTrNfllNhcz9s1DX9U9pHv52psBNjJOS6kCj_BEDWhvTioDViBQkjIZo8U8huTyxkdu1MW44VWUC3T_vjoNQ1IO6u8sW4RUgzQoUliR-1OhX4D_1aibOOyzJHt8L_ujdUiois6W5Fu-A&sai=AMfl-YSkRpv_YJSrOUi1ZXfN1YRoxrxz15DahCsaFECK7zN3p2mEstxP1jaSy1iwigi3nNKmlWQQxySz-KITpBYkne5mScPfV8Bm73EXGCjq9zOafgUzKbe3cw8YGow3eycrdzD_p1H3OEwr1XXt-6aG&sig=Cg0ArKJSzJ_-Ydi9IBz4EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 13 Jul 2023 20:17:25 GMT
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=b1a4360a-3db9-4b39-b09d-c3e14666840a
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 13 Jul 2023 20:17:26 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ac
ww1772.smartadserver.com/ 		16 B
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=2819792649&out=js
Requested by
Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=83&ut=&uts=&p_cust_params=amznbid%253D1%2526amznp%253D1%2526m_categories%253Dgv_crime%252Cmoat_unsafe%2526m_data%253D1%2526m_gv%253DnoHistData%2526m_mv%253DnoHistData%2526m_safety%253Dunsafe%2526permutive%253Drts%2526prmtvsdk%253Dweb&flc=&slc=&windowlocation=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&usp=&gdpr=-1&cs=-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.14.97 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
23.105.14.97.rdns.racklot.com
Software
/
Resource Hash
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
application/javascript; charset=UTF-8
cache-control
no-cache,no-store
usync.html
eus.rubiconproject.com/ Frame D71A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Requested by
Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=83&ut=&uts=&p_cust_params=amznbid%253D1%2526amznp%253D1%2526m_categories%253Dgv_crime%252Cmoat_unsafe%2526m_data%253D1%2526m_gv%253DnoHistData%2526m_mv%253DnoHistData%2526m_safety%253Dunsafe%2526permutive%253Drts%2526prmtvsdk%253Dweb&flc=&slc=&windowlocation=https%3A%2F%2Ftoronto.ctvnews.ca%2Fmobile%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&usp=&gdpr=-1&cs=-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Jul 2023 20:17:26 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 13 Jul 2023 20:17:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
server
AkamaiGHost
um
sb.freeskreen.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1
  • https://sb.freeskreen.com/um?sa=7544388502924255489
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?sa=7544388502924255489
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Server
107.20.233.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-233-118.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type
image/gif
cache-control
no-cache, no-store
content-length
43
expires
-1

Redirect headers

location
https://sb.freeskreen.com/um?sa=7544388502924255489
date
Thu, 13 Jul 2023 20:17:26 GMT
content-length
0
um
sb.freeskreen.com/
Redirect Chain
  • https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
  • https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
  • https://sb.freeskreen.com/um?tlr=c49814839cb94cf9b1c231ad69e6b532
43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?tlr=c49814839cb94cf9b1c231ad69e6b532
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Server
107.20.233.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-233-118.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type
image/gif
cache-control
no-cache, no-store
content-length
43
expires
-1

Redirect headers

location
https://sb.freeskreen.com/um?tlr=c49814839cb94cf9b1c231ad69e6b532
date
Thu, 13 Jul 2023 20:17:26 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
um
sb.freeskreen.com/
Redirect Chain
  • https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID}
  • https://sb.freeskreen.com/um?ac=fe5f14be-81b2-4327-938d-48097bf88ad2
43 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?ac=fe5f14be-81b2-4327-938d-48097bf88ad2
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Server
107.20.233.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-233-118.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type
image/gif
cache-control
no-cache, no-store
content-length
43
expires
-1

Redirect headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:26 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY
Location
https://sb.freeskreen.com/um?ac=fe5f14be-81b2-4327-938d-48097bf88ad2
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
um
sb.freeskreen.com/
Redirect Chain
  • https://loadeu.exelator.com/load/?p=204&g=1300&j=0
  • https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1
  • https://sb.freeskreen.com/um?ni=cb357941b6e8be67980644c179e8236d
43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?ni=cb357941b6e8be67980644c179e8236d
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Server
107.20.233.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-233-118.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type
image/gif
cache-control
no-cache, no-store
content-length
43
expires
-1

Redirect headers

date
Thu, 13 Jul 2023 20:17:26 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://sb.freeskreen.com/um?ni=cb357941b6e8be67980644c179e8236d
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame D71A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e9cac0c27e07404baecabfb6a87decc67e0c77bb964e80b3e25b0a4d6a9255f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 20:17:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 23:31:55 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=11704
Connection
keep-alive
Content-Length
10114
Expires
Thu, 13 Jul 2023 23:32:30 GMT
um
sb.freeskreen.com/ Frame D71A
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=LK1LD5WJ-H-E9GQ
  • https://sb.freeskreen.com/um?mg=LK1LD5WJ-H-E9GQ
43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?mg=LK1LD5WJ-H-E9GQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol
H2
Server
107.20.233.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-233-118.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type
image/gif
cache-control
no-cache, no-store
content-length
43
expires
-1

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sb.freeskreen.com/um?mg=LK1LD5WJ-H-E9GQ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8ee3bea2ab086361542c3b52b688813
Expires
0
/
hde.tynt.com/deb/ Frame F96E
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%...
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/13126.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
0456579e1a0c69724ff199ebf59b46e5bdbd0de20016903ff1e418d490dcf49a

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1706
content-type
text/html
date
Thu, 13 Jul 2023 20:17:26 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Thu, 13 Jul 2023 20:17:26 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
usync.html
eus.rubiconproject.com/ Frame 3F68
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Jul 2023 20:17:26 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 13 Jul 2023 20:17:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B973
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1689279446598.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=117398
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 13 Jul 2023 20:17:26 GMT
expires
Sat, 15 Jul 2023 04:54:04 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Thu, 13 Jul 2023 20:17:26 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP007
x-33x-status
40000000008200000A
setuid
prebid-server.rubiconproject.com/ Frame F96E
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1689279446598.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gd...
  • https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=212207471110146
0
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=212207471110146
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
3.224.24.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-24-205.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=212207471110146
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame F96E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=c790122c-5e0d-4328-8f22-f8881f935a25&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=69937b77-a16f-4864-96ed-07366cef82ae
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=69937b77-a16f-4864-96ed-07366cef82ae&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=69937b77-a16f-4864-96ed-07366cef82ae&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:26 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=69937b77-a16f-4864-96ed-07366cef82ae&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame F96E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-IdVpFr5E2uF8JRPJzgfwbTMwc71CHkOx~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-IdVpFr5E2uF8JRPJzgfwbTMwc71CHkOx%7EA&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-IdVpFr5E2uF8JRPJzgfwbTMwc71CHkOx%7EA&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:26 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-IdVpFr5E2uF8JRPJzgfwbTMwc71CHkOx%7EA&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame F96E
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=4e28f1a04a8d1471&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAMjXRxabdF7wNZsZ8UAAAAAAA&expiration=1689365846&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMjXRxabdF7wNZsZ8UAAAAAAA&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMjXRxabdF7wNZsZ8UAAAAAAA&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:26 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
referrer-policy
unsafe-url
server
33XP014
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMjXRxabdF7wNZsZ8UAAAAAAA&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame F96E
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=3208239021242991116357
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=3208239021242991116357&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=3208239021242991116357&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:26 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:25 GMT
referrer-policy
unsafe-url
server
33XP014
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=3208239021242991116357&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.js
eus.rubiconproject.com/ Frame 3F68 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e9cac0c27e07404baecabfb6a87decc67e0c77bb964e80b3e25b0a4d6a9255f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 20:17:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 23:31:55 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=11704
Connection
keep-alive
Content-Length
10114
Expires
Thu, 13 Jul 2023 23:32:30 GMT
match
events-ssc.33across.com/ Frame 3F68
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LK1LD5WJ-H-E9GQ
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LK1LD5WJ-H-E9GQ
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LK1LD5WJ-H-E9GQ&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LK1LD5WJ-H-E9GQ&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:26 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LK1LD5WJ-H-E9GQ&ts=1689279446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame B973 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=41546732&p=156423&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
59ffe6d9e4aa766a1b6efdb7ce5c1ec1aadf77406c6d34ef4da7adacf9f70b1c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 13 Jul 2023 20:17:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 8CE9 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuETLHakhe4UN4vsPKZ0JYVbFOp4sndBfxPP7oPfVPFmfF0OwIxakjQTkj8rEJeB0WNqYMAHcDzh9i36vVsVjPwkMuktILE32bPAk4IV7Sggz1Hecqs&sig=Cg0ArKJSzGipbTjDIKrTEAE&id=lidar2&mcvt=1001&p=99,436,189,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230712&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3926645308&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689279445617&rpt=167&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/13126.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Jul 2023 20:17:27 GMT
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 12DA 		85 B
343 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 13 Jul 2023 20:17:26 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12822-YUL
x-timer
S1689279447.917665,VS0,VE16
Pug
image2.pubmatic.com/AdServer/ Frame 54B2
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477416439085593
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477416439085593
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 17:23:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 13 Jul 2023 20:17:27 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477416439085593
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
s.amazon-adsystem.com/ Frame EAAA 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=0B81145E-C729-4696-B61A-D773814761D7&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 13 Jul 2023 20:17:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
3AFHYPJAJ1YY19QNM3RZ
Pug
image2.pubmatic.com/AdServer/ Frame 375A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCVWRFN0pZTGdBQUNhdlAwMURLZw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABUdE7JYLgAACavP01DKg&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABUdE7JYLgAACavP01DKg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABUdE7JYLgAACavP01DKg&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABUdE7JYLgAACavP01DKg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=7544388502924255489&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABUdE7JYLgAACavP01DKg&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABUdE7JYLgAACavP01DKg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 20:17:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 13 Jul 2023 20:17:27 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABUdE7JYLgAACavP01DKg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame FFCE
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_8b0dc000367b4b7f97614
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_8b0dc000367b4b7f97614
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 17:26:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Thu, 13 Jul 2023 20:17:26 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_8b0dc000367b4b7f97614
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 92F5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3373822132269096047&gdpr=0&gdpr_consent=
42 B
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3373822132269096047&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 20:17:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
565d1060-0997-4fce-8557-7000241511d1
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 20:17:26 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3373822132269096047&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
149.56.153.183; 149.56.153.183; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 7274
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=v51qg7zLbISkmDmDv80lhLCdOIOkkDGD7Z_h86tK
42 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=v51qg7zLbISkmDmDv80lhLCdOIOkkDGD7Z_h86tK
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 17:26:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 13 Jul 2023 20:17:27 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=v51qg7zLbISkmDmDv80lhLCdOIOkkDGD7Z_h86tK
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
usersync.aspx
dis.criteo.com/dis/ Frame 1A45 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 20:17:26 GMT
expires
Thu, 13 Jul 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
250881
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2BD7
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=484afda8-21ba-11ee-afe2-e5628e34fd89
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=484afda8-21ba-11ee-afe2-e5628e34fd89
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 20:17:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Thu, 13 Jul 2023 20:17:26 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=484afda8-21ba-11ee-afe2-e5628e34fd89
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
sjc-delivery-3
Pug
simage2.pubmatic.com/AdServer/ Frame 3BC3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fxwlYUubUiBvJ8uiP7oHl5U4mbc&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fxwlYUubUiBvJ8uiP7oHl5U4mbc&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 20:17:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 13 Jul 2023 20:17:27 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fxwlYUubUiBvJ8uiP7oHl5U4mbc&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 97E4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bl7jxeH81Qk2KF5&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bl7jxeH81Qk2KF5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 20:17:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 13 Jul 2023 20:17:26 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bl7jxeH81Qk2KF5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-044287744fb215e18@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 56CC
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=799697120681
42 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=799697120681
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 20:17:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=799697120681
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 6D22
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=4f439bbc-69ef-4ad8-89ca-d9f750657742&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=0B81145E-C729-4696-B61A-D773814761D7
42 B
491 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=0B81145E-C729-4696-B61A-D773814761D7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.233.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-233-1.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Thu, 13 Jul 2023 20:17:27 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 13 Jul 2023 17:26:47 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=0B81145E-C729-4696-B61A-D773814761D7
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
i.match
s.tribalfusion.com/z/ Frame 3447
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7e6435a179f436b2-YYZ
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 20:17:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7e6435a02fbd36b2-YYZ
content-type
text/html
date
Thu, 13 Jul 2023 20:17:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
190
Pug
simage2.pubmatic.com/AdServer/ Frame 1A75
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent=
42 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 20:17:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 13 Jul 2023 20:17:26 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 4BF6
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
99 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 20:17:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 13 Jul 2023 20:17:27 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
match
events-ssc.33across.com/ Frame C4AB 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=0B81145E-C729-4696-B61A-D773814761D7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Thu, 13 Jul 2023 20:17:26 GMT
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B973
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=C4EUXscpRpa2GtdzgUdh1w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:27 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=117397
accept-ranges
bytes
content-length
5606
expires
Sat, 15 Jul 2023 04:54:04 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame B973
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0B81145E-C729-4696-B61A-D773814761D7
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=0B81145E-C729-4696-B61A-D773814761D7
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1ccd233f-dde6-4277-b9e7-9d2b983ec720%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c790122c-5e0d-4328-8f22-f8881f935a25&ttd_puid=1ccd233f-dde6-4277-b9e7-9d2b983ec720%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c790122c-5e0d-4328-8f22-f8881f935a25&ttd_puid=1ccd233f-dde6-4277-b9e7-9d2b983ec720%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:27 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c790122c-5e0d-4328-8f22-f8881f935a25&ttd_puid=1ccd233f-dde6-4277-b9e7-9d2b983ec720%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
xuid
eb2.3lift.com/ Frame B973 		37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=0B81145E-C729-4696-B61A-D773814761D7&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 13 Jul 2023 20:17:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame B973
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=0B81145E-C729-4696-B61A-D773814761D7&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1db0072e-84de-4d45-9c1a-8c8d03901c74
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=0B81145E-C729-4696-B61A-D773814761D7&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1db0072e-84de-4d45-9c1a-8c8d03901c74
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Server
54.175.95.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-95-162.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Thu, 13 Jul 2023 20:17:27 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=0B81145E-C729-4696-B61A-D773814761D7&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1db0072e-84de-4d45-9c1a-8c8d03901c74
date
Thu, 13 Jul 2023 20:17:27 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
Pug
image2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEI4MTE0NUUtQzcyOS00Njk2LUI2MUEtRDc3MzgxNDc2MUQ3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 17:23:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDafE27dkOAJy7FGee6HvIM&google_cver=1
42 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDafE27dkOAJy7FGee6HvIM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 17:27:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDafE27dkOAJy7FGee6HvIM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5DC67FDE6B71483E96813E2D0E62AF6D
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5DC67FDE6B71483E96813E2D0E62AF6D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 20:17:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 13 Jul 2023 20:17:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5DC67FDE6B71483E96813E2D0E62AF6D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 12 Jul 2023 20:17:26 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c790122c-5e0d-4328-8f22-f8881f935a25&gdpr=0&gdpr_consent=
42 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c790122c-5e0d-4328-8f22-f8881f935a25&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 20:17:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c790122c-5e0d-4328-8f22-f8881f935a25&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
Pug
simage2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4256294268177021327&gdpr=0&gdpr_consent=&us_privacy=
1 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4256294268177021327&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 17:23:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4256294268177021327&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
0B81145E-C729-4696-B61A-D773814761D7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B973 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0B81145E-C729-4696-B61A-D773814761D7?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:489a:e998:102d:89d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0B81145E-C729-4696-B61A-D773814761D7&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-N0X7_DtE2uXzbDlemo0nhSuKIm1LyEE-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-N0X7_DtE2uXzbDlemo0nhSuKIm1LyEE-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-N0X7_DtE2uXzbDlemo0nhSuKIm1LyEE-~A&gdpr=0
date
Thu, 13 Jul 2023 20:17:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5f1e15ea2a720ffe&is_secure=true&networkId=17100&version=1&nuid=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHQykQDSiozwNPp6EIAAAAAAA&expiration=1689365847&nuid=0B81145E-C729-4696-B61A-D773814761D7&...
42 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHQykQDSiozwNPp6EIAAAAAAA&expiration=1689365847&nuid=0B81145E-C729-4696-B61A-D773814761D7&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 20:17:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:27 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHQykQDSiozwNPp6EIAAAAAAA&expiration=1689365847&nuid=0B81145E-C729-4696-B61A-D773814761D7&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dfb5e10e-8e54-4586-9fbe-cea43f4dd8ee&gdpr=0&gdpr_consent=
1 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dfb5e10e-8e54-4586-9fbe-cea43f4dd8ee&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 17:26:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dfb5e10e-8e54-4586-9fbe-cea43f4dd8ee&gdpr=0&gdpr_consent=
Date
Thu, 13 Jul 2023 20:17:27 GMT
Connection
keep-alive
X-CI-RTID
9df1f18e-4443-435e-8556-2305933debd7
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=69937b77-a16f-4864-96ed-07366cef82ae&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=69937b77-a16f-4864-96ed-07366cef82ae&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=afc926e3-7f9d-4e74-a6d6-520441e5e5f5&ssp=pubmatic&expires=30&user_group=5&bsw_param=69937b77-a16f-4864-96ed-07366cef82ae
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=69937b77-a16f-4864-96ed-07366cef82ae&gdpr=&gdpr_consent=&gdpr_pd=
1 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=69937b77-a16f-4864-96ed-07366cef82ae&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 20:17:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=69937b77-a16f-4864-96ed-07366cef82ae&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 13 Jul 2023 20:17:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame B973 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.66.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-66-14.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:26 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4cb8154e-a60c-48f7-be5b-bc377fa0f31a-64b05bd5-4341&gdpr=0&gdpr_consent=
42 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4cb8154e-a60c-48f7-be5b-bc377fa0f31a-64b05bd5-4341&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 20:17:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4cb8154e-a60c-48f7-be5b-bc377fa0f31a-64b05bd5-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA9_105C3DBC0_3B8A23CB&r=https://pmp.mxptint.net/sn.ashx?ak=1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA9_105C3DBC0_3B8A23CB&r=https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA9_105C3DBC0_3B8A23CB&r=https://pmp.mxptint.net/sn.ashx?ak=1
Date
Thu, 13 Jul 2023 20:17:26 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-372284247; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
302
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3041584026635316985
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3041584026635316985
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 20:17:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3041584026635316985
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
activeview
pagead2.googlesyndication.com/pcs/ Frame ECAA 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsuBnfc_Zt_5F0ge8OT2BkBZirEh58tvSCidzrrB46QomDlU73LXHAIIVqSYUNaOOzcyDBiVXNRsjuYMozQ4LUgbxeTLSVkV40PeT0CsoWDl_GEKG5&sig=Cg0ArKJSzAVqkBb1KSIcEAE&id=lidar2&mcvt=1053&p=516,1092,766,1392&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&v=20230712&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1320652251&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689279445666&rpt=211&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-17893"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Jul 2023 20:17:27 GMT
events
api.permutive.com/v2.0/batch/ 		201 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=b1a4360a-3db9-4b39-b09d-c3e14666840a
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
28ad5866ac6853e1173af7dbf67ac4c2ea25d0e0d102c92d72055569c82eb3e6

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Jul 2023 20:17:27 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://toronto.ctvnews.ca
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26u...
  • https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=69937b77-a16f-4864-96ed-07366cef82ae
86 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=69937b77-a16f-4864-96ed-07366cef82ae
Requested by
Host: toronto.ctvnews.ca
URL: https://toronto.ctvnews.ca/mobile/fake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187
Protocol
H2
Server
3.224.24.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-24-205.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 13 Jul 2023 20:17:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

Location
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=69937b77-a16f-4864-96ed-07366cef82ae
Date
Thu, 13 Jul 2023 20:17:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js?cb=31076056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
901ff7d5b5718cc8855b7897bbbd61cd92022e0f9a8655bb957c07b7790651fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11740
x-xss-protection
0
share_button.php
www.facebook.com/plugins/ Frame DB74 		44 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/share_button.php?app_id=512600388751362&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfedae0971591bc%26domain%3Dtoronto.ctvnews.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftoronto.ctvnews.ca%252Ff338891de27e4a4%26relation%3Dparent.parent&container_width=43&href=https%3A%2F%2Ftoronto.ctvnews.ca%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&layout=button_count&locale=en_US&sdk=joey&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=df136b0e48cb02c61129fe971064a9d9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a44d09ac7b799fc593161fc43abcf224f879f46de5b80c321eb1251d89f07ca4
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 20:17:27 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
S1+IBqUK3ow23SPjn1tL6ciHoRTqXKWRm+sa5prO7dKeQISjwO4qfau7F/P+vLd1dePCb4zu9Lr3KQiXziexYg==
x-xss-protection
0
share_button.php
www.facebook.com/plugins/ Frame FEEF 		44 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/share_button.php?app_id=512600388751362&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d35573e41e99%26domain%3Dtoronto.ctvnews.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftoronto.ctvnews.ca%252Ff338891de27e4a4%26relation%3Dparent.parent&container_width=43&href=https%3A%2F%2Ftoronto.ctvnews.ca%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&layout=button_count&locale=en_US&sdk=joey&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=df136b0e48cb02c61129fe971064a9d9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
220143b106d9f2e76d737fec15e695332f910bfe1ab758c1dc4507a2e34cb798
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 20:17:27 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
vha94OrgDWjzDNhsN8ZFC0T+OWk8Lq0MjTr7T5BQuDHBPBC2+M+gxC/Hyj0zz5qyL7qlEzCFNsSOpVDBfMB0Gg==
x-xss-protection
0
syncframe
gum.criteo.com/ Frame A70A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=toronto.ctvnews.ca
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 20:17:26 GMT
server
Kestrel
server-processing-duration-in-ticks
709995
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js?cb=31076056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Jul 2023 20:17:27 GMT
sid
mug.criteo.com/ Frame A70A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ctvnews.ca&sn=ChromeSyncframe&so=0&topUrl=toronto.ctvnews.ca&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=8QQ9UnxLU0M4UzR6S0QwaHlHdEg0ZWtqY2VHMHFsTWlUT08zSjgyQnNxRk44SkE2eWtUcW4rZzkvZ1R2Q1dUUnFFaVpyaG1qMnU0WmJKdGpGRjZDWHF1enZZWlJQZmx0YTVaZmE5UUFCaGRBcUVnamF4SU80VFQvelpOcG...
438 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=8QQ9UnxLU0M4UzR6S0QwaHlHdEg0ZWtqY2VHMHFsTWlUT08zSjgyQnNxRk44SkE2eWtUcW4rZzkvZ1R2Q1dUUnFFaVpyaG1qMnU0WmJKdGpGRjZDWHF1enZZWlJQZmx0YTVaZmE5UUFCaGRBcUVnamF4SU80VFQvelpOcGoxN2lTU1JMTVF6WHdNVmZBc2dwWXZzWWlKWFNhRlJDRlNPeGlzN1RBVkVTRkVYdHJ6aTBWdVMxUTUvQ09mMVIzaDlrS0pZTHJiZXA0UGRGNXJ3SGwwYkhYcEpnejBoQURiaEN1QkhKYzZNcDlqOGdXZUlUazkvV05sMmNYbS9BSStoakFCUVpOYlVNZ01WbHFwVGlJamJTYTh5RzkxQT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2ae5aade1d283ed939caa401d59541f75f65bb76fd30812967420e4a6b761a69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1890317
expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=8QQ9UnxLU0M4UzR6S0QwaHlHdEg0ZWtqY2VHMHFsTWlUT08zSjgyQnNxRk44SkE2eWtUcW4rZzkvZ1R2Q1dUUnFFaVpyaG1qMnU0WmJKdGpGRjZDWHF1enZZWlJQZmx0YTVaZmE5UUFCaGRBcUVnamF4SU80VFQvelpOcGoxN2lTU1JMTVF6WHdNVmZBc2dwWXZzWWlKWFNhRlJDRlNPeGlzN1RBVkVTRkVYdHJ6aTBWdVMxUTUvQ09mMVIzaDlrS0pZTHJiZXA0UGRGNXJ3SGwwYkhYcEpnejBoQURiaEN1QkhKYzZNcDlqOGdXZUlUazkvV05sMmNYbS9BSStoakFCUVpOYlVNZ01WbHFwVGlJamJTYTh5RzkxQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
467309
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 14E8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
5039
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 18:53:28 GMT
expires
Fri, 12 Jul 2024 18:53:28 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8AF8 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ab562dd8fad058f774bf85802d19249ac2cf1af160bf30e756234c4618286271
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wwEFQwGr1JKiGPVt0SHzcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-wwEFQwGr1JKiGPVt0SHzcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 20:17:27 GMT
expires
Thu, 13 Jul 2023 20:17:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
pagead2.googlesyndication.com/bg/ Frame 14E8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 13:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
542740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14572
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 06 Jul 2024 13:31:47 GMT
qisJlHH0PvD.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yp/l/en_US/ Frame DB74 		518 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yp/l/en_US/qisJlHH0PvD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/share_button.php?app_id=512600388751362&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfedae0971591bc%26domain%3Dtoronto.ctvnews.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftoronto.ctvnews.ca%252Ff338891de27e4a4%26relation%3Dparent.parent&container_width=43&href=https%3A%2F%2Ftoronto.ctvnews.ca%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&layout=button_count&locale=en_US&sdk=joey&size=small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f9ca12e2e5cef0e2f466d001baf075b03d028b6eae3b110920cba59452cde6e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
otqVk8E/92VHgH0cUl0b8A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136672
x-fb-debug
5ZSvnqFzl5RbjTzwQ8isPlw13xPg2nqa2jXjq6EG3jgdpQlorSLi8WL6eLNvwKFA+JWku/O5oCYGaA83eBsB2A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 12 Jul 2024 02:09:46 GMT
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame DB74 		272 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/share_button.php?app_id=512600388751362&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfedae0971591bc%26domain%3Dtoronto.ctvnews.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftoronto.ctvnews.ca%252Ff338891de27e4a4%26relation%3Dparent.parent&container_width=43&href=https%3A%2F%2Ftoronto.ctvnews.ca%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&layout=button_count&locale=en_US&sdk=joey&size=small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:27 GMT
x-content-type-options
nosniff
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
272
x-fb-debug
HTp7WLwXrPg0yJZj+q4iI9rVm54iQB45g/wGT+nopS3seC5InzplNTDxNh+k4rHebElw4C1lbxaZk+evIfWq2w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 12 Jul 2024 05:50:37 GMT
qisJlHH0PvD.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yp/l/en_US/ Frame FEEF 		518 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yp/l/en_US/qisJlHH0PvD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/share_button.php?app_id=512600388751362&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d35573e41e99%26domain%3Dtoronto.ctvnews.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftoronto.ctvnews.ca%252Ff338891de27e4a4%26relation%3Dparent.parent&container_width=43&href=https%3A%2F%2Ftoronto.ctvnews.ca%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&layout=button_count&locale=en_US&sdk=joey&size=small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f9ca12e2e5cef0e2f466d001baf075b03d028b6eae3b110920cba59452cde6e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
otqVk8E/92VHgH0cUl0b8A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136672
x-fb-debug
5ZSvnqFzl5RbjTzwQ8isPlw13xPg2nqa2jXjq6EG3jgdpQlorSLi8WL6eLNvwKFA+JWku/O5oCYGaA83eBsB2A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 12 Jul 2024 02:09:46 GMT
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame FEEF 		272 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/share_button.php?app_id=512600388751362&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d35573e41e99%26domain%3Dtoronto.ctvnews.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftoronto.ctvnews.ca%252Ff338891de27e4a4%26relation%3Dparent.parent&container_width=43&href=https%3A%2F%2Ftoronto.ctvnews.ca%2Ffake-airline-ticket-scam-targeting-italian-community-leads-to-six-fraud-charges-1.2732187&layout=button_count&locale=en_US&sdk=joey&size=small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:27 GMT
x-content-type-options
nosniff
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
272
x-fb-debug
HTp7WLwXrPg0yJZj+q4iI9rVm54iQB45g/wGT+nopS3seC5InzplNTDxNh+k4rHebElw4C1lbxaZk+evIfWq2w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 12 Jul 2024 05:50:37 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8AF8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307120101&jk=320795996668313&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 14E8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?iw6WXg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307120101&jk=320795996668313&bg=!KCulK3_NAAb90kgr3dI7ADkAdvg8Wgl9cWQXgIHo_eOjm9oxMGmwUXLMITBxqWP4wSphUHs5ofZhR_IykgLcWjMEjkhR_DW5W94CAAAAhlIAAAAJaAEHCgBnkOlLmwwpdcQq0YaJoYid3kCoW217cFmdUjGEzjoZ954XeeydBIPHeKQ2JyViwZk_7qXUvMan3cVZVNuvOiBvXxGaV04h_W7CvQiUY6pT9x1wZwtSzlLyiQ_ucSAK9o_ezFiXxrHQNJkCokaGTAFiGOmGmB21gO5ObA6YO_dhOFQDCrbIdRD5WHB7LX_GGEmhhTblldgJJQHkhRji0YkpHqzOiVWjeoakaaG-P6bYIoNW3dzRvSBNsV046cAPWmIWwet-HcC_EdUmZIf1_skzZf-PDs1hhcjqV_Rv0Mvm2RTXHX5sHNcQAShal4i5rpbcTbQmL4l6QAHrD2Mhz9BYSAYvoguvwKukpuj7hq1BKNJoXrJehqcENthl5U2Ev3fs-xwLHSxviETGJRzfThRb_HIBQFEOVHuOJnS98Cayowb2_RQbq5r4oOHsAUFNrP5N3rI8KqoXyQT9K3TutAkQVPdBhlARgRGOA4i_q00VvWgxDOLMwKGvslNljgCHXOAM11T1C_PbtJvSffYGQUQxJc6S6Ow7XGMRonEyTVlQrcQZZN__HqCAvftZqMMzdlle9ajG448aGro9p4XQhAxybDCIQBplOQSfp5W9HFsbh6x_7WUf-R78zwXjLTrowJkinaEDe2aUOKywNsW1OKazFqeO-0wG3o9ahCk0mI17Z4ysH0oQQPW6mU_302SRBBKQyfPQqKLqon2aTcZ66ke0vYntSxyyL1JoAgzdCzudBaHK5ldpJtOFsNn7UB62A3XUtc0bbWnUmgtOsi8ZnNYxua97ZmrvCiMSV7zobrGNR7VyoLvObe9ZcT6Va1IT4Z2N1vsJBzL9lnsj6JG0fvMsNGb3nmbpoceoXC7-HyDCk_RKbgNHR8mDQoSAz7hn39h5HERHE8SBMYuVd2XSgdl4MMxqIYqMXFmViOaBQFCP-vzyYOAg2ET_lhH5XDP59fA-w1N48aQXal_-qVMsRmyEMWgkk_ene9gRpWi5RwWTJatihpZixvn_GrKFr_T4HkKCQ6j3SIFiIiKzfaSh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://toronto.ctvnews.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame B973 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156423&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame B973 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62175666&p=156423&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
45d6ea3aa9c3823dba8110a570a861b37c0d375744000a088eedfe3947c55e4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 13 Jul 2023 20:17:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
t.adx.opera.com/pub/ Frame 4AB1 		0
413 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 13 Jul 2023 20:17:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame C891
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1689279450529
  • https://ad.turn.com/r/cs?pid=45&rndcb=5330029013
  • https://sync.1rx.io/usersync/turn/4256294268177021327?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-099889c2-2130-4714-8a62-8a12e93e2223-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-099889c2-2130-4714-8a62-8a12e93e2223-005
42 B
332 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-099889c2-2130-4714-8a62-8a12e93e2223-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 20:17:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Thu, 13 Jul 2023 20:17:30 GMT
ETag
RX099889c2213047148a628a12e93e2223005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-099889c2-2130-4714-8a62-8a12e93e2223-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
Pug
image2.pubmatic.com/AdServer/ Frame 800E
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WjX-yiKvAHykdY6g2luwZA
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WjX-yiKvAHykdY6g2luwZA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 20:17:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 20:17:30 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WjX-yiKvAHykdY6g2luwZA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame 4523 		43 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 13 Jul 2023 20:17:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame BB02
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=61c43ae6-268c-447b-b8f9-d1da93f9b875
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=61c43ae6-268c-447b-b8f9-d1da93f9b875
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 17:26:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 13 Jul 2023 20:17:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=61c43ae6-268c-447b-b8f9-d1da93f9b875
strict-transport-security
max-age=15724800; includeSubDomains
cookiesync
core.iprom.net/ Frame 893D 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 13 Jul 2023 20:17:30 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-325a0f48d4c5@version_1.562v2
X-core-time
1ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 8193 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 -, , ASN (),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 13 Jul 2023 20:17:30 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 7159
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7425658501047677522&uid=Q742565850104767...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7425658501047677522
42 B
96 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7425658501047677522
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 17:26:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=26001
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Thu, 13 Jul 2023 20:17:30 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7425658501047677522
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame CCFA
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5DC67FDE6B71483E96813E2D0E62AF6D&gdpr=0&gdpr_consent=
1 B
73 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5DC67FDE6B71483E96813E2D0E62AF6D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 17:23:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 13 Jul 2023 20:17:30 GMT
expires
Wed, 12 Jul 2023 20:17:30 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5DC67FDE6B71483E96813E2D0E62AF6D&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
match
events-ssc.33across.com/ Frame 0528 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=0B81145E-C729-4696-B61A-D773814761D7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Thu, 13 Jul 2023 20:17:30 GMT
via
1.1 google
sd
us-u.openx.net/w/1.0/ Frame B973
Redirect Chain
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent=
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent=
date
Thu, 13 Jul 2023 20:17:30 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Martin
crb.kargo.com/api/v1/dsync/ Frame B973 		43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.78.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:30 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame B973 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.14.2 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 13 Jul 2023 20:17:29 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame B973 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=0B81145E-C729-4696-B61A-D773814761D7&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.172.146 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 20:17:30 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
4b530631-21ba-11ee-a0bb-069d9797a723
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-060dd209cd9c85928
Pug
simage2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3373822132269096047
42 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3373822132269096047
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 17:26:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:30 GMT
an-x-request-uuid
ee6156c8-e590-4b7d-9a5d-8ffb4355f733
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3373822132269096047
x-proxy-origin
149.56.153.183; 149.56.153.183; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B973
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:90e423e2-16d4-494f-b291-d288d0b9adc9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:90e423e2-16d4-494f-b291-d288d0b9adc9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 20:17:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:90e423e2-16d4-494f-b291-d288d0b9adc9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 13 Jul 2023 20:17:30 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
ixmatch.html
js-sec.indexww.com/um/ Frame 6A53 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/13126.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
473
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7e6435b6082439cc-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 13 Jul 2023 20:17:30 GMT
expires
Fri, 14 Jul 2023 00:17:30 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame FE9C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/13126.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
48914
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 13 Jul 2023 20:17:30 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 21 Jun 2023 06:41:32 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2098, 95552
X-Served-By
cache-lga13626-LGA, cache-yyz4550-YYZ
X-Timer
S1689279451.520793,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame B948 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/13126.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://toronto.ctvnews.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Jul 2023 20:17:30 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/13126.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.58.121 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://toronto.ctvnews.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 13 Jul 2023 20:17:30 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.58.121 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://toronto.ctvnews.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 13 Jul 2023 20:17:30 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
usync.js
eus.rubiconproject.com/ Frame B948 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e9cac0c27e07404baecabfb6a87decc67e0c77bb964e80b3e25b0a4d6a9255f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 20:17:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 23:31:55 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=11700
Connection
keep-alive
Content-Length
10114
Expires
Thu, 13 Jul 2023 23:32:30 GMT
async_usersync
ib.adnxs.com/ Frame FE9C 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:30 GMT
an-x-request-uuid
502c70dc-d041-4cdb-b05d-9386a907f8df
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
149.56.153.183; 149.56.153.183; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 1EC1 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftoronto.ctvnews.ca%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1768
Content-Type
text/html
Date
Thu, 13 Jul 2023 20:17:30 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
crum
dsum-sec.casalemedia.com/ Frame 1EC1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3373822132269096047
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3373822132269096047
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftoronto.ctvnews.ca%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:30 GMT
an-x-request-uuid
98f12b11-7eb6-47ea-9ad0-ffd56a6b1c00
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3373822132269096047
x-proxy-origin
149.56.153.183; 149.56.153.183; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZLBb1XDmuBybKhFtfPszdQAAAGAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1EC1 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZLBb1XDmuBybKhFtfPszdQAAAGAAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftoronto.ctvnews.ca%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:489a:e998:102d:89d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ZLBb1XDmuBybKhFtfPszdQAAAGAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1EC1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZLBb1XDmuBybKhFtfPszdQAAAGAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZLBb1XDmuBybKhFtfPszdQAAAGAAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZLBb1XDmuBybKhFtfPszdQAAAGAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftoronto.ctvnews.ca%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a01:489a:e998:102d:89d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZLBb1XDmuBybKhFtfPszdQAAAGAAAAAB
date
Thu, 13 Jul 2023 20:17:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 1EC1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4256294268177021327
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4256294268177021327
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftoronto.ctvnews.ca%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4256294268177021327
pragma
no-cache
date
Thu, 13 Jul 2023 20:17:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 1EC1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZLBb0AAAAIpr9AOH
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZLBb0AAAAIpr9AOH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftoronto.ctvnews.ca%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-yul12822-YUL
pragma
no-cache
date
Thu, 13 Jul 2023 20:17:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1689279451.690184,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZLBb0AAAAIpr9AOH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 1EC1
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=5DC67FDE6B71483E96813E2D0E62AF6D
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=5DC67FDE6B71483E96813E2D0E62AF6D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftoronto.ctvnews.ca%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Thu, 13 Jul 2023 20:17:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=5DC67FDE6B71483E96813E2D0E62AF6D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 12 Jul 2023 20:17:30 GMT
dcm
s.amazon-adsystem.com/ Frame 1EC1 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLBb1XDmuBybKhFtfPszdQAAAGAAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftoronto.ctvnews.ca%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QQSCYQX1SSFFYVK86C63
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 1EC1
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=30dc67b4cd672355&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAFroGdvS6-TAMLBDlRAAAAAAA&expiration=1689365850&is_secure=true
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAFroGdvS6-TAMLBDlRAAAAAAA&expiration=1689365850&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftoronto.ctvnews.ca%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 20:17:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:17:30 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAFroGdvS6-TAMLBDlRAAAAAAA&expiration=1689365850&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 1EC1 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZLBb1XDmuBybKhFtfPszdQAA%26096
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftoronto.ctvnews.ca%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:30 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
84689
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7e6435b7883ea1ec-YYZ
content-length
43
expires
Fri, 14 Jul 2023 20:17:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
platform.twitter.com
URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html

Verdicts & Comments Add Verdict or Comment

441 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 boolean| credentialless object| onbeforetoggle object| onscrollend string| videoPageUrl function| $ function| jQuery object| loadedResources function| requiresDependency function| createCSSDependency function| createJSDependency function| requireHeadJSDependency function| requireHeadDependency string| kruxID function| initLightBoxForms function| addUserAgentInfo function| loadLightBox function| imageGalleryChangeAd function| imageGalleryChangeSponsoredAd function| imageGalleryChangeText function| showOverlayBox function| doOverlayOpen function| doOverlayOpenMobile function| doOverlayClose function| outputError function| outputLog function| click_ShareResponsive function| createCookie function| readCookie function| eraseCookie function| unmuteVideoPlayer function| Krux function| redirectTo function| setCookieAndRedirect function| setCookieAndLoadSiteByMode function| getMobileUrl function| getDesktopUrl function| detectMobile function| sendToMobileChoicePage function| getURLParameter function| addHiddenValueToForm function| addDocumentReferrer function| ajaxLoad undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| googletag object| Cookies function| jwt_decode function| moment object| YAHOO object| CryptoJS string| b64map string| b64pad function| hex2b64 function| b64tohex function| b64toBA number| dbits number| canary boolean| j_lm function| BigInteger function| nbi function| am1 function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| bnClone function| bnIntValue function| bnByteValue function| bnShortValue function| bnpChunkSize function| bnSigNum function| bnpToRadix function| bnpFromRadix function| bnpFromNumber function| bnToByteArray function| bnEquals function| bnMin function| bnMax function| bnpBitwiseTo function| op_and function| bnAnd function| op_or function| bnOr function| op_xor function| bnXor function| op_andnot function| bnAndNot function| bnNot function| bnShiftLeft function| bnShiftRight function| lbit function| bnGetLowestSetBit function| cbit function| bnBitCount function| bnTestBit function| bnpChangeBit function| bnSetBit function| bnClearBit function| bnFlipBit function| bnpAddTo function| bnAdd function| bnSubtract function| bnMultiply function| bnSquare function| bnDivide function| bnRemainder function| bnDivideAndRemainder function| bnpDMultiply function| bnpDAddOffset function| NullExp function| nNop function| nMulTo function| nSqrTo function| bnPow function| bnpMultiplyLowerTo function| bnpMultiplyUpperTo function| Barrett function| barrettConvert function| barrettRevert function| barrettReduce function| barrettSqrTo function| barrettMulTo function| bnModPow function| bnGCD function| bnpModInt function| bnModInverse object| lowprimes number| lplim function| bnIsProbablePrime function| bnpMillerRabin function| Arcfour function| ARC4init function| ARC4next function| prng_newstate number| rng_psize undefined| rng_state object| rng_pool number| rng_pptr function| rng_seed_int function| rng_seed_time number| t object| ua undefined| z function| rng_get_byte function| rng_get_bytes function| SecureRandom function| parseBigInt function| linebrk function| byte2Hex function| pkcs1pad2 function| oaep_mgf1_arr function| oaep_pad function| RSAKey function| RSASetPublic function| RSADoPublic function| RSAEncrypt function| RSAEncryptOAEP function| pkcs1unpad2 function| oaep_mgf1_str function| oaep_unpad function| RSASetPrivate function| RSASetPrivateEx function| RSAGenerate function| RSADoPrivate function| RSADecrypt function| RSADecryptOAEP function| ECFieldElementFp function| feFpEquals function| feFpToBigInteger function| feFpNegate function| feFpAdd function| feFpSubtract function| feFpMultiply function| feFpSquare function| feFpDivide function| ECPointFp function| pointFpGetX function| pointFpGetY function| pointFpEquals function| pointFpIsInfinity function| pointFpNegate function| pointFpAdd function| pointFpTwice function| pointFpMultiply function| pointFpMultiplyTwo function| ECCurveFp function| curveFpGetQ function| curveFpGetA function| curveFpGetB function| curveFpEquals function| curveFpGetInfinity function| curveFpFromBigInteger function| curveFpDecodePointHex function| jsonParse object| ASN1HEX object| KJUR function| Base64x function| stoBA function| BAtos function| BAtohex function| stohex function| stob64 function| stob64u function| b64utos function| b64tob64u function| b64utob64 function| hextob64u function| b64utohex function| utf8tob64u function| b64utoutf8 function| utf8tob64 function| b64toutf8 function| utf8tohex function| hextoutf8 function| hextorstr function| rstrtohex function| hextob64 function| hextob64nl function| b64nltohex function| hextopem function| pemtohex function| hextoArrayBuffer function| ArrayBuffertohex function| zulutomsec function| zulutosec function| zulutodate function| datetozulu function| uricmptohex function| hextouricmp function| ipv6tohex function| hextoipv6 function| hextoip function| iptohex function| encodeURIComponentAll function| newline_toUnix function| newline_toDos function| hextoposhex function| intarystrtohex function| strdiffidx object| KEYUTIL object| _RE_HEXDECONLY function| _rsasign_getHexPaddedDigestInfoForString function| _zeroPaddingOfSignature function| pss_mgf1_str function| _rsasign_getDecryptSignatureBI function| _rsasign_getHexDigestInfoFromSig function| _rsasign_getAlgNameAndHashFromHexDisgestInfo function| X509 function| UAParser object| umSession function| createUMLink object| MobileEsp object| _sf_async_config object| gsurl object| gsScript object| gs_channels object| sha256 object| permutive object| pbjs object| apstag string| cbAuthor object| MoatNadoAllJsonpRequest_20944167 object| Moat#PML#26#1.2 boolean| Moat#EVA object| MoatDataJsonpRequest_20944167 function| __moatSlotTagLoadedbellmediaprebidheader755367530455 object| moatPrebidApi object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| _dataManager object| ADB function| transferTwitterClickToOmniture object| twttr object| creditLine object| bioTitle object| bioLink object| _comscore boolean| _AUTO_TRACK function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s function| s_doPlugins object| Tracking function| setupOmnitureTracking function| setCP24SubSections function| setCTVNewsSubSections function| getCP24SectionName function| getCTVNewsSectionName function| trackContent function| trackContentContentGallery function| trackGallery function| trackLightbox function| trackPage function| trackSearchCTVNews function| setPageType string| articleTitle string| pathname object| pathArray string| sectionLevelOne string| sectionLevelTwo string| sectionLevelThree object| digitalData function| fbAsyncInit object| confiant object| _cb_shared object| pbjsChunk object| _pbjsGlobals function| initTrustLabel object| jQuery1705093696426714283 object| _cbm object| s_i_bellmediaglobalprod object| _aps boolean| apstagLOADED object| apscustom object| ggeac object| google_tag_data object| google_js_reporting_queue object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv boolean| creativeVendorLibraryLoaded object| __twttrll object| __twttr object| FB object| COMSCORE object| ns_p undefined| google_measure_js_timing object| Criteo number| google_unique_id object| gaGlobal object| __buffer function| confiantDfpWrap function| Sizzle function| fskLib function| FSK_parseDFPKV function| FSK_getExtraParameters boolean| FskHasLoaded object| _fskparameters object| _FskKeyValues function| FskAds function| _FskGetCmpId boolean| _FskHasGgl object| _fskadsparameters object| _fskadunits object| _fskgeo function| _fskAddListener object| _FskAds function| FskRequestAnimationFrame boolean| isAllowed boolean| sas_noad object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| GoogleGcLKhOms object| google_image_requests

170 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQkPWah5UxCgoI4gEQkPWah5UxCgoI5gEQkPWah5UxCgoIhwIQkPWah5UxCgkICRCQ9ZqHlTEKCQg6EJD1moeVMQoJCAsQkPWah5UxCgoIjAIQkPWah5UxCgkIXxCQ9ZqHlTEKCQgfEJD1moeVMQ==
.ctvnews.ca/ Name: permutive-id
Value: 99ff1b18-20e3-4537-b35e-63a0c44a8b0f
toronto.ctvnews.ca/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ctvnews.ca/ Name: pbjs_sharedId
Value: 5d8e2ef4-cc40-475e-a1ee-31d98f29dd83
toronto.ctvnews.ca/ Name: tmpPersistentuserId
Value: 1f49618150e9dbb0263ca28a180151ec
toronto.ctvnews.ca/ Name: TS01e9f419
Value: 017a1c6bed9e1a4ad9687aab11e156f7d75806441172ec55515fba3244a931b0ee380081a34b802bebe068d80d973031513609c0abf4cb333ffd3f226f9abf5d48e3c4383b
.demdex.net/ Name: demdex
Value: 18953613114404561984424832855440268402
.ctvnews.ca/ Name: AMCVS_BB3937CB5B349FE70A495EAE%40AdobeOrg
Value: 1
.ctvnews.ca/ Name: pvv
Value: 1
.ctvnews.ca/ Name: s_cc
Value: true
.289d106c-df24-4cd9-a9fa-753e928c23ad.prmutv.co/ Name: pxid
Value: e7014bd1-39ab-45fa-9bb4-5347f6f980cc
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZLBb0AAAAIpr9AOH
.ctvnews.ca/ Name: _cb
Value: DW7tm1Bht_-lDIjd-s
.ctvnews.ca/ Name: _chartbeat2
Value: .1689279444672.1689279444672.1.CWjJwl8ALLTCw0kBeCLFrRjCG3pYv.1
.ctvnews.ca/ Name: _cb_svref
Value: null
.scorecardresearch.com/ Name: UID
Value: 15207d68d6bbb71fe4897d91689279444
.dpm.demdex.net/ Name: dpm
Value: 18953613114404561984424832855440268402
toronto.ctvnews.ca/ Name: permutiveID
Value: 99ff1b18-20e3-4537-b35e-63a0c44a8b0f
.ctvnews.ca/ Name: AMCV_BB3937CB5B349FE70A495EAE%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19552%7CMCMID%7C19274866080525492784438941472881418474%7CMCAAMLH-1689884244%7C9%7CMCAAMB-1689884244%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1689286644s%7CNONE%7CMCSYNCSOP%7C411-19559%7CvVersion%7C5.2.0
.demdex.net/ Name: dextp
Value: 771-1-1689279444997
.adnxs.com/ Name: icu
Value: ChgIy8VKEAoYASABKAEw1bfBpQY4AUABSAEQ1bfBpQYYAA..
.adnxs.com/ Name: uuid2
Value: 3373822132269096047
.doubleclick.net/ Name: IDE
Value: AHWqTUlStJqrHZwCcikuEyKjAqy2F_zU7uBFyCLY4CyMJouClYGhINCqvJe8xh_aSb4
.amazon-adsystem.com/ Name: ad-id
Value: A-ILiibIgkTXuxkK-KfBNk8
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.rubiconproject.com/ Name: khaos
Value: LK1LD5WJ-H-E9GQ
.casalemedia.com/ Name: CMPS
Value: 096
.casalemedia.com/ Name: CMPRO
Value: 096
.smaato.net/ Name: SCM
Value: b993a742
.smaato.net/ Name: SCMaps
Value: b993a742
.yahoo.com/ Name: A3
Value: d=AQABBNVbsGQCEJo01stUgovKmF0fyryXxxQFEgEBAQGtsWS6ZCXcxyMA_eMAAA&S=AQAAAhZIvoCSCOSSjZi2xlxyVRk
.smartadserver.com/ Name: pid
Value: 7544388502924255489
.simpli.fi/ Name: suid
Value: 5DC67FDE6B71483E96813E2D0E62AF6D
.casalemedia.com/ Name: CMID
Value: ZLBb1XDmuBybKhFtfPszdQAA
.adsrvr.org/ Name: TDID
Value: c790122c-5e0d-4328-8f22-f8881f935a25
.sharethrough.com/ Name: stx_user_id
Value: 20e6c5ab-37b2-475c-821b-6209cd007ab1
.eqads.com/ Name: EQUser
Value: UID=859cddb3-c35d-4587-84e2-8a6aab6da343
.brand-display.com/ Name: _knxq_
Value: 7d9a7540-5046-bc70-746eef5b.1689279445.0.1689279445.1689279445
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 3041584026635316985
.bidswitch.net/ Name: tuuid
Value: 69937b77-a16f-4864-96ed-07366cef82ae
.bidswitch.net/ Name: c
Value: 1689279445
.bidswitch.net/ Name: tuuid_lu
Value: 1689279445
.deepintent.com/ Name: CDIUSER
Value: di_8b0dc000367b4b7f97614
.w55c.net/ Name: wfivefivec
Value: bl7jxeH81Qk2KF5
.w55c.net/ Name: matchcasale
Value: 5
.spotxchange.com/ Name: audience
Value: 483bb637-21ba-11ee-9a8d-1f6e8e630303
.sitescout.com/ Name: ssi
Value: 4cb8154e-a60c-48f7-be5b-bc377fa0f31a#1689279445493
match.sharethrough.com/ Name: AWSALBCORS
Value: S8d5DTP6Gr/zjSiXTt74gDeqp4l2Ikr7aGwYH0IBg7SVgXUBOcz4HMldFgB25BFB327oVBu4/kOZGTcXQ9oZrPWmnc+hrJ50Ks4b60Bm+yrzsXckZl/RGrOh5CiK
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ctvnews.ca/ Name: __gads
Value: ID=b54bd9117992fdf7:T=1689279444:RT=1689279444:S=ALNI_Mba9Zk6kptXXheHYZbaRHWqNsLVQw
.ctvnews.ca/ Name: __gpi
Value: UID=00000cb6cccbad7b:T=1689279444:RT=1689279444:S=ALNI_MY0uZG5-XOLdUMluY20nj6rixZ44Q
.adkernel.com/ Name: ADKUID
Value: A6542378305878603408
.adgrx.com/ Name: ADGRX_UID
Value: 484afda8-21ba-11ee-afe2-e5628e34fd89
.3lift.com/ Name: tluid
Value: 3208239021242991116357
.linkedin.com/ Name: bcookie
Value: "v=2&79d3c49a-a515-40d9-822e-915226f645e0"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2957:u=1:x=1:i=1689279445:t=1689365845:v=2:sig=AQGwHFvfZDOccINb3uAbgbRZoJAacIw6"
.marketiq.com/ Name: ADK_EX_685
Value: 1
.marketiq.com/ Name: ADKUID
Value: A6542378305878603408
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.bing.com/ Name: MUID
Value: 2C98B9483FDD64C524D9AA053EE66535
.c.bing.com/ Name: MR
Value: 0
.linkedin.com/ Name: li_sugr
Value: 3b5ac17c-714c-4890-9015-c43eefeeb0b7
.zemanta.com/ Name: zuid
Value: VxHEZ5CMWyBRS1-e7OLb
.smadex.com/ Name: smxtrack
Value: 04eaa5d4-6f25-449b-90dc-395f6f72c958
.smadex.com/ Name: smxbds
Value: 1
.freeskreen.com/ Name: a
Value: NTQ0Nj0xfHw7Mzk4Nz0xfHw7
.tremorhub.com/ Name: tvid
Value: c49814839cb94cf9b1c231ad69e6b532
.exelator.com/ Name: EE
Value: "cb357941b6e8be67980644c179e8236d"
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.admanmedia.com/ Name: admtr
Value: fe5f14be-81b2-4327-938d-48097bf88ad2
.admanmedia.com/ Name: ac_r
Value: CS89
.tremorhub.com/ Name: tvssa
Value: 1689279446197
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSE5ydjU3NLEMMks1SIp1czc0sLAzMQk2dDcMtXCyNgsZXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQZEl%252BUWb6ImfHxUUpaQyLSopPBR9ZUQwAfDop9w%253D%253D"
.bluekai.com/ Name: bku
Value: ikG99BjqLsxB3hTq
.bluekai.com/ Name: bkpa
Value: KJyWyB+rLM9z9wY73UK44F8g5E5ZVuA+gHxoa9r2T8uBKJQOE1SK4gdBB1p2OFetXwRI514nEhHbWZil6Yp4drLw8fCjMU6lM1KFKU8mYcXQT9CTL8tVHfFIfKdNRbfUf4z59U2BdEQ+MhROqtbFdkGwYcCqlt8BlPTHz/H8CpOnvWH0htyA0lpFT6e/AQ71kwRxfY3zJAPjsC/gqx8mR7pVh/kEsG5SsVrD8u7B7v7iL0S8Ozn0CaKiXgamr/tALocm3iC1kxZ2zfZ7HWCQVkmHD7Y8oIEA5bcJEi9r+/9n2k/ongHv5/snFVUObgBfML4d4y19+J2Pp9==
.33across.com/ Name: 33x_ps
Value: u%3D212207471110146%3As1%3D1689279446393%3Ats%3D1689279446393
.tynt.com/ Name: uid
Value: CU+UbWSwW9bbTvNHMbgUvA==
.freeskreen.com/ Name: scmtid
Value: c2NtaWQ9ZWdqZmVlamhjamlnYnpXcHlhY0V4Q2J8MTY4OTI3OTQ0NTk2NCZtZ2lkPUxLMUxENVdKLUgtRTlHUXwxNjg5Mjc5NDQ2NTk5Jm5pZD1jYjM1Nzk0MWI2ZThiZTY3OTgwNjQ0YzE3OWU4MjM2ZHwxNjg5Mjc5NDQ2MjMz
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1689279446598%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1689279446598%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1689279446598%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1689279446598%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1689279446598%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1689279446598%7D%5D
.rubiconproject.com/ Name: audit
Value: 1|ojHcZbmXt7UuRFt89hSJ41EIkE8ykC/7vvUtNjc5Ti3WaDs14xzbSEJkr34umTob6h7pA51FQ8VCqQ3+tQhlLHMDvubSxZCGo/wuOgk3HZcCHFR+NqN0r2gdA/GY1lHv6RACHepzkYgY5C3R3WTyrUec07PGRryK
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0B81145E-C729-4696-B61A-D773814761D7
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156423:2
.pubmatic.com/ Name: DPSync3
Value: 1690416000%3A201_263_262%7C1689811200%3A248
.pubmatic.com/ Name: SyncRTB3
Value: 1690416000%3A240_21_71_231_8_48_104_249_54_46_166_220_178_233_176_250_55_165_5_13_234_22_3_56%7C1689811200%3A2_223_15%7C1690502400%3A35%7C1690070400%3A63%7C1691798400%3A224
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22141%22%3A%2220230713%22%7D
.w55c.net/ Name: matchpubmatic
Value: 5
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2cr8:1929~2cr8:190u~2cr8:18z8~2cr8"
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY4OTI3OTQ0Njk2NiwiNDEiOjE2ODkyNzk0NDU1MjF9
.dotomi.com/ Name: DotomiTest
Value: 5f1e15ea2a720ffe
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.quantserve.com/ Name: d
Value: ENMBCwG6KfijAA
.quantserve.com/ Name: mc
Value: 64b05bd7-1106d-79400-990d6
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzE0MzG2NLAwNbU0FuIz1M2NLyrVzUssjoq3sAQAPdRW7CQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzE0MzG2NLAwNbU0FuIz1M2NLyrVzUssjoq3sAQAPdRW7CQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFpZG5pYmJuYGYBAFjMvH4QAAAA
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3373822132269096047&KRTB&23339-3373822132269096047
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-c790122c-5e0d-4328-8f22-f8881f935a25&KRTB&22918-c790122c-5e0d-4328-8f22-f8881f935a25&KRTB&23031-c790122c-5e0d-4328-8f22-f8881f935a25
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3041584026635316985&KRTB&23263-3041584026635316985&KRTB&23481-3041584026635316985
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:bl7jxeH81Qk2KF5&KRTB&23421-uid:bl7jxeH81Qk2KF5
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-484afda8-21ba-11ee-afe2-e5628e34fd89&KRTB&23275-484afda8-21ba-11ee-afe2-e5628e34fd89
.acuityplatform.com/ Name: auid
Value: 799697120681
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRFQcbAGAmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAURUHGwBgI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEDafE27dkOAJy7FGee6HvIM&KRTB&16514-CAESEDafE27dkOAJy7FGee6HvIM&KRTB&23025-CAESEDafE27dkOAJy7FGee6HvIM&KRTB&23386-CAESEDafE27dkOAJy7FGee6HvIM
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_8b0dc000367b4b7f97614
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:5DC67FDE6B71483E96813E2D0E62AF6D&KRTB&23489-uid:5DC67FDE6B71483E96813E2D0E62AF6D
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-4cb8154e-a60c-48f7-be5b-bc377fa0f31a-64b05bd5-4341&KRTB&23418-4cb8154e-a60c-48f7-be5b-bc377fa0f31a-64b05bd5-4341
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHQykQDSiozwNPp6EIAAAAAAA&KRTB&22713-AAAHQykQDSiozwNPp6EIAAAAAAA&KRTB&22715-AAAHQykQDSiozwNPp6EIAAAAAAA
.mxptint.net/ Name: mxpim
Value: R35CA9_105C3DBC0_3B8A23CB.1.000000000000000064B05BD7
.tapad.com/ Name: TapAd_TS
Value: 1689279447082
.tapad.com/ Name: TapAd_DID
Value: 1ccd233f-dde6-4277-b9e7-9d2b983ec720
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7f1c2561-4b9b-5220-6f27-cba23fba0797.qXB32z1ELwYcqpYKDeFkHu8qtPx%2BTWhIuZpz7HPJkM4
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AfxwlYUubUiBvJ8uiP7oHl5U4mbc.xijfGHQGLtz0smDsj8RD8cmoR264IGy0d9u0T250xhc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AfxwlYUubUiBvJ8uiP7oHl5U4mbc.xijfGHQGLtz0smDsj8RD8cmoR264IGy0d9u0T250xhc
.pubmatic.com/ Name: SPugT
Value: 1689279447
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-799697120681&KRTB&23428-799697120681
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-v51qg7zLbISkmDmDv80lhLCdOIOkkDGD7Z_h86tK&KRTB&19420-v51qg7zLbISkmDmDv80lhLCdOIOkkDGD7Z_h86tK&KRTB&22979-v51qg7zLbISkmDmDv80lhLCdOIOkkDGD7Z_h86tK&KRTB&23403-v51qg7zLbISkmDmDv80lhLCdOIOkkDGD7Z_h86tK
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-978477416439085593
.thrtle.com/ Name: mc
Value: eyJpZCI6IjFkYjAwNzJlLTg0ZGUtNGQ0NS05YzFhLThjOGQwMzkwMWM3NCIsImwiOjE2ODkyNzk0NDcxMjYsInQiOjF9
.bidr.io/ Name: bito
Value: AABUdE7JYLgAACavP01DKg
.bidr.io/ Name: bitoIsSecure
Value: ok
.turn.com/ Name: uid
Value: 4256294268177021327
.creative-serving.com/ Name: tuuid
Value: afc926e3-7f9d-4e74-a6d6-520441e5e5f5
.creative-serving.com/ Name: c
Value: 1689279447
.creative-serving.com/ Name: tuuid_lu
Value: 1689279447
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-fxwlYUubUiBvJ8uiP7oHl5U4mbc&KRTB&23334-fxwlYUubUiBvJ8uiP7oHl5U4mbc&KRTB&23417-fxwlYUubUiBvJ8uiP7oHl5U4mbc&KRTB&23426-fxwlYUubUiBvJ8uiP7oHl5U4mbc
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-0B81145E-C729-4696-B61A-D773814761D7&KRTB&23413-0B81145E-C729-4696-B61A-D773814761D7&KRTB&23479-0B81145E-C729-4696-B61A-D773814761D7&KRTB&23505-0B81145E-C729-4696-B61A-D773814761D7
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-4f439bbc-69ef-4ad8-89ca-d9f750657742&KRTB&23340-4f439bbc-69ef-4ad8-89ca-d9f750657742&KRTB&23498-4f439bbc-69ef-4ad8-89ca-d9f750657742
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4256294268177021327&KRTB&23150-4256294268177021327
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIkPLZyob6gTwQBRIWCgdydWJpY29uEgsItsffy4b6gTwQBRIWCgdzdng5dDUwEgsIxLCgzob6gTwQBRIYCgliaWRzd2l0Y2gSCwiA5aHXhvqBPBAFEhcKCHB1Ym1hdGljEgsI3Kf82Yb6gTwQBRIUCgV0YXBhZBILCKjN-NuG-oE8EAUYASABKAIyCwioxfuInfqBPBAFOAFaBXRhcGFkYAI.
beacon.lynx.cognitivlabs.com/ Name: UID
Value: fa44405b-665f-44c5-8d26-942fb49cb207
beacon.lynx.cognitivlabs.com/ Name: ss
Value: D4WBDjtuA1PLLVQhxZrZgIqiiUQ%2BS3Wtw8HlPMePI225DyExNhk0E%2FpKnGrxHXil80ZonUCoqkiKGuNLPdjqCw%3D%3D
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!4676
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-69937b77-a16f-4864-96ed-07366cef82ae
.csync.loopme.me/ Name: viewer_token
Value: 1a1002ec-b8de-4297-a47b-a07ffff2eb00
.ipredictive.com/ Name: cu
Value: dfb5e10e-8e54-4586-9fbe-cea43f4dd8ee|1689279447299
.technoratimedia.com/ Name: tads_uidp_88
Value: 3661437750630536379274
.technoratimedia.com/ Name: tads_uidp_44
Value: LK1G2BAN-1D-LT2A
.technoratimedia.com/ Name: tads_uidp_77
Value: Qzx8Fth1lRqwLigKGeiGAZsRaeTFhsG7HikZr4WvlCU
.technoratimedia.com/ Name: tads_uidp_45
Value: BAD6476E-515C-40EF-942D-693B9AD99B7D
.technoratimedia.com/ Name: tads_uidp_46
Value: 6253822211152492551
.technoratimedia.com/ Name: tads_uidp_79
Value: 2d1fe8ef-2116-45ac-9723-ae9f2423289c
.technoratimedia.com/ Name: tads_uidp_37
Value: 7180ff63-f917-3648-99a9-475754445d27
.technoratimedia.com/ Name: tads_uidp_48
Value: fa497af6-edea-4f85-8089-b0a4c01e0bc2
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAL318zylw8IQMEZrR3AAAAAAA
.technoratimedia.com/ Name: tads_uidp_7
Value: 01895489-b360-41e5-8d0d-6bf2de1376b4
.technoratimedia.com/ Name: tads_uidp_80
Value: y-SDP.f29E2uFcocJRAxhS7ydqKXKfxqbD~A
.technoratimedia.com/ Name: tads_uidp_70
Value: 1673948501052-981480834937-007220-006-006384
.technoratimedia.com/ Name: tads_uidp_82
Value: ZK-q2A8yzSSBde3sXCYewwAA&192
.technoratimedia.com/ Name: tads_uidp_50
Value: 9eb25fd5-e266-42fc-a294-bf317ff7c510
.technoratimedia.com/ Name: tads_uidp_61
Value: 212207377263771
.technoratimedia.com/ Name: tads_uidp_62
Value: 3322721401454889000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: eJWNfnSg_n1AZvbjE4U1zGIlYB3S4pLr
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-5949f495-c719-452d-9d22-b01c78836e3d-005
.technoratimedia.com/ Name: tads_uid
Value: 568200899A48499D9AF846BF5A46F6A4
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230331110957+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-dfb5e10e-8e54-4586-9fbe-cea43f4dd8ee&KRTB&23011-dfb5e10e-8e54-4586-9fbe-cea43f4dd8ee&KRTB&23355-dfb5e10e-8e54-4586-9fbe-cea43f4dd8ee
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsidHJpcGxlbGlmdCI6eyJ1aWQiOiIzMjA4MjM5MDIxMjQyOTkxMTE2MzU3IiwiZXhwaXJlcyI6IjIwMjMtMDctMjdUMjA6MTc6MjUuNzQ2MTA2WiJ9LCJydWJpY29uIjp7InVpZCI6IkxLMUxENVdKLUgtRTlHUSIsImV4cGlyZXMiOiIyMDIzLTA3LTI3VDIwOjE3OjI1LjMxMDkwOTEwMVoifSwieWFob29BZHZlcnRpc2luZyI6eyJ1aWQiOiJ5LXpYd2hEaE5FMnVGU3B2aGpPU3hBUW8zM0wzTjd2Q1IxfkEiLCJleHBpcmVzIjoiMjAyMy0wNy0yN1QyMDoxNzoyNS41MzM1MDQ0MzZaIn0sImdyaWQiOnsidWlkIjoiNjk5MzdiNzctYTE2Zi00ODY0LTk2ZWQtMDczNjZjZWY4MmFlIiwiZXhwaXJlcyI6IjIwMjMtMDctMjdUMjA6MTc6MjcuMzc2NzI2NTg1WiJ9LCJpeCI6eyJ1aWQiOiJaTEJiMVhEbXVCeWJLaEZ0ZlBzemRRQUEmMDk2IiwiZXhwaXJlcyI6IjIwMjMtMDctMjdUMjA6MTc6MjUuMzE5Nzk0OTY5WiJ9LCIzM2Fjcm9zcyI6eyJ1aWQiOiIyMTIyMDc0NzExMTAxNDYiLCJleHBpcmVzIjoiMjAyMy0wNy0yN1QyMDoxNzoyNi42ODQ3MjE4OVoifX19
.tribalfusion.com/ Name: ANON_ID
Value: aenseFu4YUdmqcn63g80KZbwpFeI8eY6NTeAHxtCVx7xDF1PAIZc3qtn6EUFZcVgPZagZdRCZbvqQEHoQ53MWEbZabp
.contextweb.com/ Name: V
Value: XUAnPUoSDqez
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1lp3|7dN.0.AABUdE7JYLgAACavP01DKg
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 2910dab21fcf0a38
.smartadserver.com/ Name: csync
Value: 127:AABUdE7JYLgAACavP01DKg
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABUdE7JYLgAACavP01DKg
.pubmatic.com/ Name: PugT
Value: 1689279447
.criteo.com/ Name: uid
Value: 213c7536-14b3-44f5-8019-5d7cc499dd5a
.ctvnews.ca/ Name: cto_bundle
Value: BgxD0V9rVEdYRlFhMHZvVmZqNlZjbkZnU0NUSFlKJTJGdFJnSXZuJTJGazZvaGZoajVkYUJrYzV0MTJIaWVETXR3MVZ3c3ZGMCUyRlo3VyUyQjdpNE1ZS09rV29MTXZLdjdYZGgzblk5S3JWMXFpRU52MTZ0TUJaVTNKJTJCZGtueW5xVVFRR1BMYiUyQjlUTzlUdzRoMyUyRnBjOUV0cjVtWjJNbSUyQk9BJTNEJTNE

6 Console Messages

Source Level URL
Text
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA9_105C3DBC0_3B8A23CB&r=https://pmp.mxptint.net/sn.ashx?ak=1
Message:
Failed to load resource: the server responded with a status of 502 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
network error URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

289d106c-df24-4cd9-a9fa-753e928c23ad.prmutv.co
2fb850df14fece17fe5bbeb86be27d0b.safeframe.googlesyndication.com
33across-match.dotomi.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
api.permutive.com
assets.adobedtm.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bellmedia-ash.gscontxt.net
bellmedia.demdex.net
bellmedia.sc.omtrdc.net
beta.ctvnews.ca
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
casale-match.dotomi.com
cdn.confiant-integrations.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.krxd.net
cdn.permutive.com
cm.adgrx.com
cm.everesttech.net
cm.g.doubleclick.net
cm.smadex.com
cms.quantserve.com
connect.facebook.net
core.iprom.net
crb.kargo.com
cs.admanmedia.com
csync.loopme.me
de.tynt.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
events-ssc.33across.com
fastlane.rubiconproject.com
geo.moatads.com
gocm.c.appier.net
gum.criteo.com
hde.tynt.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
js-sec.indexww.com
loadeu.exelator.com
mab.chartbeat.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mb.moatads.com
micro.rubiconproject.com
mug.criteo.com
mweb.ck.inmobi.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb2-useast.marketiq.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
sb.freeskreen.com
sb.scorecardresearch.com
scm.publishers.tremorhub.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-us.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.chartbeat.com
static.criteo.net
static.ctvnews.ca
static.freeskreen.com
static.xx.fbcdn.net
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.ipredictive.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
syndication.twitter.com
t.adx.opera.com
thrtle.com
token.rubiconproject.com
toronto.ctvnews.ca
tpc.googlesyndication.com
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
ww1772.smartadserver.com
www.ctvnews.ca
www.facebook.com
www.google.com
www.googletagservices.com
x.bidswitch.net
z.moatads.com
platform.twitter.com
104.127.84.215
104.18.10.47
104.18.11.47
104.19.149.54
104.244.42.136
104.36.115.113
104.76.100.229
107.20.233.118
108.138.107.138
108.138.126.121
129.159.113.125
13.33.60.65
141.148.8.2
142.250.65.194
151.101.130.133
151.101.130.49
151.101.193.108
162.248.18.34
165.254.203.172
169.197.150.7
172.104.105.5
174.137.133.49
18.164.96.18
18.214.58.121
184.50.210.146
185.167.164.43
192.35.249.138
192.40.39.223
195.5.165.20
198.148.27.139
199.127.204.171
199.38.167.131
20.85.134.6
207.198.113.87
23.105.12.136
23.105.12.137
23.105.12.159
23.105.14.97
23.220.11.204
23.54.68.197
23.77.174.20
23.88.86.2
2600:141b:e800:1487::1e80
2600:1f18:4e9:5a01:489a:e998:102d:89d7
2600:1f18:612b:4216:d63e:7fe5:39af:1906
2600:9000:2209:e400:1b:5138:8a40:93a1
2600:9000:24f1:4600:18:1fcd:353:c61
2602:803:c002:200::41
2603:c020:400d:3000:bf17:cd18:9a23:846c
2604:9e00:1:129::2:a01
2606:2800:220:131d:1d30:1f1d:238b:1e56
2606:4700:4400::6812:220a
2606:4700::6812:19ad
2606:ae80:1451:17::1370
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81e::2001
2607:f8b0:4006:824::2002
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f10e:83:face:b00c:0:25de
2a04:4e42::485
2a04:4e42::714
3.222.197.118
3.224.24.205
3.225.218.10
3.33.220.150
3.86.134.181
34.102.163.6
34.102.253.54
34.107.254.252
34.111.113.62
34.111.151.213
34.117.239.71
34.171.234.26
34.200.186.237
34.229.3.43
34.230.233.1
35.160.206.4
35.186.193.173
35.211.178.172
35.214.185.196
35.241.9.51
35.244.159.8
44.194.73.244
44.199.66.14
44.209.72.229
50.31.142.223
52.1.101.178
52.21.85.14
52.223.22.214
52.44.61.78
52.46.128.147
52.48.172.146
52.7.14.2
52.85.61.103
54.148.67.156
54.156.72.60
54.163.78.196
54.175.95.162
63.140.36.148
64.227.64.62
67.202.105.21
67.202.105.31
67.202.105.33
67.220.228.202
68.67.160.184
69.173.151.100
69.90.254.78
72.251.232.230
74.119.119.139
74.119.119.150
8.28.7.83
8.39.36.142
8.43.72.97
80.77.87.163
82.145.213.8
96.17.65.140
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
0366667430ab28c56f5fe079aa711c4e31eca1f29ac910dc3ef02ce0335b81d3
0456579e1a0c69724ff199ebf59b46e5bdbd0de20016903ff1e418d490dcf49a
05fd032d3ff962e45cd0370c281c322088ea4a576a40f42bafac0aec4c282efd
06386e41ea2a9d9c276ceb2c5c8fd199b1cd6ebaf37ac0c3f0d599877c8c08fc
06b0e5549e5f1946b2ffcecf3b2e714c08e04402cf6772e34983b4d0f539fb0c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0742938350dabeaf29329c002bc1691513a3b0f764ee581cc2b125e0ade452f4
0744b5a06712d19c1b72db9691015da5567bda61a5a05ed27b60834cd2e6dfcf
0821bd2158b7c2d4165a43a999f30fdc1dc977c6f216ae950298b0237189c0e2
08372933d39a2bad378cc1708ac33882d21494902d07b07e288dc546265bf88b
083f919bf74e6682954dd8f069613aba08bd29736a7cfbbeb4dbf34b206893cd
09d9936362c5f41454563bd60d26ab8c0cc78e1d7ed7638fda491a2e19deed87
0a58ca1a34ce9925743784836c19a71755c1bb1fa41628cd44ea345d9b5a5e7b
0aa84e621ab77451a6bdf16c61f7922cacdd0f0f6d065c39cdc5c991fcfae7af
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cfa5ab5b0fb8c52f1554beb7767bcc9895f9be47f87117484d6caa8c6f5830e
0e3e34f3c8899b3b685b39f38df800334e9a6de41d8b4dc9931bc30942ba5cad
152fa4721770cf1dc87aea48e62a1ad5dae570995e09574057c0c1f440a2691e
1615847b14197a4b0f192dfdbf7958df79f15430545c509f53ddb648dc8841c4
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
220143b106d9f2e76d737fec15e695332f910bfe1ab758c1dc4507a2e34cb798
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
272f979b06865e2f0ba1db8e5663c85f0e7007bf97df80b5a3060a14c9607315
281f42ca75ca2698089202ba461c6aca36a4bb1b215e2db6fb67f5aa3a9f7d18
28ad5866ac6853e1173af7dbf67ac4c2ea25d0e0d102c92d72055569c82eb3e6
29484f6baa8ebd0b89addacc345b48a3d5bc0c5e9bde3f685658a4c0648e524e
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ae5aade1d283ed939caa401d59541f75f65bb76fd30812967420e4a6b761a69
2d2e665ac9964e2cb3dad87acd9da254754ec2a7047dd06639f1e6db3afa612d
2dd254ce9555d92eee12875cd06f61064310218d6602f3178f2a634464e3ea23
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e4b35bdd84d850d127b50f969e79a576ec0a8e68c3e98a7b8856f61813050ff
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32e283dbb01e0ad077a195dd6093e209b187d846a6d5b156d11e228cd010de3e
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ecfc1fe04580ce644453ff4ecdd14f08f7989fd195195bb920c31f9361bd330
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45d6ea3aa9c3823dba8110a570a861b37c0d375744000a088eedfe3947c55e4d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48dc707767808e30b116858c5f894e1a0c5503aaa5ead5e082b18511664f6089
4941e9fdf16c8e7e40bd7267c2d5706d861486e2d848e92cb65c7188bfdef895
4946f193853611adf1b2285d0062a8713c20a181badcb295bbb8994c738a166a
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4c4deece905708b299f5478a55631bb18bd5328bef7b0d346627fa0314f40ba2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50dbc93d6eb75d097e6730edd17de7a34e1dd92bead319c148c9320006de3e17
50ff57a13c2b4f036e7e7cd6737fb6157c49a71ea8dec39c5b646dbf1450c8e2
5181c5eb8134d99569407f5e696c795992fe12141af422ba0a3c3dccdc39f91e
51fb7502bff95c3e7f2afe9cf002aa65721f6d08dfeb450840e61cd2b1ff49b0
52fa6a4d772e3482280effa4188225dffbc09387b739d3a41050a53d2c6094fd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55aea746fe4d86c636520ef53cb04c7932daf3b99da88318cd8d5e506c0f7e7d
55b3b59ad51f32da3d908c53b377e5cc6c9fda888affb46c6e159615ec47a8b2
5889acc18d4d09026cc18b54afff8d5d180dc2765ed308c2749e6edab657436b
58de067c1ef89563049a925bec8efb9368c5ce1614e4feaeec73a3468f4c9707
59ffe6d9e4aa766a1b6efdb7ce5c1ec1aadf77406c6d34ef4da7adacf9f70b1c
5d547e1b9bb804c01d416d5f3225edd5d12aa3594c068ee00df53577f9f9375d
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f5c1127116f92d001a0f873da5cc899c1819a47822d07e4a81a63b775b4a45
6373e398c603bd600b32085113f37ec682464e1c9737e9e471f7f451631df6c4
647738c62e1fb1cb0d72434f8c9890899c285e785d621854f38c5ad95cf1bdab
65e46732d0930db4f321ac805a0838672ce0345e7590a32b66c6ef879fd65147
68093edce625371b24b5668500cb69b7aabaaba0ea1a87a43c180cfc67a3759c
6caf0032793e0fe49f17fd134aca07baae9de687832bfc078a737ef34ddcac89
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a
757adb7d54fe3d90804b9b623bd25eb3ad8af4537248aa6ce9a25d14e6149be0
7886152837ec191da35140125b9f6305cca777f54ba535e35fc1ca267f7d36ca
794d9915f4c3ab0eb763b76cfac9c2ed0f1441c0b9b935215e07c6ea99069c09
79efe19fc8a16895c7191d5556306815ecf73d7214a6d3240163de92054a032c
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c591d6ce1c5815598040b7cc117ec47c34ad42732975b991b06230f354d0336
7cad667b49feef3ced88cbb0edab901a7e2c0ec8a44ede730eebb99da33035bf
7d1b28f60b6cc197d9586b43f8a443d6a948dc34284f51e7e0764729ba2518c6
7d84c419bb39b3ef7ee04cce175b7b79ff638616976aab07ba909377bcc773b4
7dd46d3d53918e1ea3255f8c051a9c6bd9f64299f64ff7222d11c708c4cb4865
7fd6aa669a7ef23fa4b5d75840385e3927d52481649517c8ff6cb4a484b3d8ee
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
855e395b5042677367cb70343b370d3dd2dffd73ee62ead09bde853244ab1b1d
88228d1013379dd731c30515d51921007b9de9ddbac887139196d32cdac5885f
883b6935a93d015ff91c410a434b1835430622a24f4d92cc848154c87a1b0103
8b25f4447d910fe6429c73c5bd817791f842d1cd466090e6b8361e35de4c2873
8bbf2bd8de650c4b734fc821b1a3b2b45bf3dfad6e4dccfe52828629b39c4dab
8d0eeafeb4bd4978f58ed4f68d677efa62ad66fdff34014b098c03149e69d4ab
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
901ff7d5b5718cc8855b7897bbbd61cd92022e0f9a8655bb957c07b7790651fd
90839ce8dfb37c56ee963fda66177760bdd083e5a5e1800d6e62139d84f8997c
91b4dbfe46ffc15688b8749f361370b721df228894cd9ff71d681357e4c59471
91c3ea673dce470fac9d86290a8307c387e2a495428e9bc26082da3798b5b51a
92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84
92cb79783d2d922b60bbcd9cc11b2244c49bd6e8f199d78af2ecc388ebf57612
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9561488efc9cb79af921b8ff53e83c84a175567f3dd27d2e8f836fd87673545e
9584c9f04a6e43c884c620944cb122157c48acf556722534170327c26d5d5e06
967c46f93fabaa8b058a36af40033c5aaaf40d751f829d0db50ca4e9df38b247
98b294f371d598de4555382d29833c5e20aa2c04c766bfddba93e8196483403f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bc3db761f876c33df0bcab73259c094ed314ad426b0943892863b8a9ebeaf41
9d844d093a9fe226d84c1dc6f7b69e63acca4619cd2c94793e740ceb3224cf77
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a44d09ac7b799fc593161fc43abcf224f879f46de5b80c321eb1251d89f07ca4
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b
ab562dd8fad058f774bf85802d19249ac2cf1af160bf30e756234c4618286271
aba292ba314fa61418c9677aaabda0b773293416c17cd05decacdf1bee5393cb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ada7777d20254a1b13ae421adfd813cee6fa84ac3b296bd63a07043bb686c4d5
ae2bc59e6cfaa653387cfecd5cc73f55418b6043777cffc1d9d2bd77c712d661
b061fa052ad2f1b58cae362ea5d931a8f9fd22d280574b224077fa9995fe8454
b12f889dd95592b62d4fa249e174b9cb4fd65ab1bdc96339f2035cc2093c3d92
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2009a11e8b2b8b896ca02bec28b1aa19ed2de1f3a66f67891274140136b8d85
b355a547291f0a661d0e8425fca5491f82c95d6dd28b4783bdb200ec9cf4b2af
b5134d972c11b7b47dfc53cae53f5d767d9279f0a61e911f5debcb20768160b5
b523c0c56df668c227221b8072c44f0b70130cedad86413f2e27363f41872f63
b6e0e99fdfc7baaea1b9f122392baf3634c39541215080bdaa5f4c5d92e6fc40
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
b83e79e0dcd1f9dae8f8342eafd8f0c97a03e7309c450e25933b820a55bdffdd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc91353db1dae36f3851f5c656989a28134f3012a0f39e73035153ba797f40ad
bde8310e2019343a2d68e659636b8af0de40c6313f5fb1d70e3edf8b2c72fbf8
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c1e05668c0dc6871b6108c3fb3a30789d1c9fcef69bf4affadf598610ed17838
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3a8c054d661e097ce836df7a16698c1008f2e9fe6daa098a1a85add3f5611c4
c47a788a0ee2c53364cf7846425e7df8444e707c69422eabc2fa63bd16ec3fcd
c4c693923f90d5e2e58221a70eb1964afc8415fa331c2fbef5f2bcfd6ed58710
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
c831b45d68c45f1a4665d084c145fffab9a09dfdec4af94b5cd86ceb34de3d57
ca332b4440cc48d13fbc03795c3ff7d056a4b879991885e53f1302d77c422ed2
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cc12aedf7850dec23c99b740a872607b91ecff5561d13ee9b22bf68419624399
cee8ff26066197ba34dea763a189191d1f09397f8ddcae27d466cfc843eef41c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0dc78fd061c546de265a4def7fa8fc08be6b5759039573a1292e141a857a18e
d17d8b489722eac31bb778b1d1ee0ef0fbe61d037f68c5de4085f0be7f51a429
d1bdc630dc111ca0665e5671e6c70e81f5b2e87fad4f1412bc52d9027ec262aa
d33deec2bf0281ea72e020234a8e369b9f73f9702e13c404d1766d10296d9ab8
d3fb70f23a4cf50abc4c8eb5fabc2ec129ffeb0085ea47db537482637ed4923b
d58477af72a8bbfe02d5281599bdaacbbee94781ae3bb3005051d963bc42b0c6
d5cbefaf4c8fe42a6c14dcb3a2d0d0e138418df68d4b71bca9eb4816c8684bbf
d6d4cae5b31b40f41b58f639baf77580b1dc64f567d132d9e9064cfb249b8295
d942dc9b2afdf685e52d2a1025d83b354aed5dea49cab76a9875ed5cdab01e6c
da8a750bf8038cb671a01c4178fadc10eb5157efed64f44061979d008725d09c
dad4ae1b77550002733f215e8084e73f35757bc3e8ed9eb3dec51e917e3e9ca9
dae30ada029c7f61a2384e3762feb68fc3d761cd0af537e6783ffe62804f0e0e
db7e9d97ad16ccc99b4a028841c2a64324b87b941556539a4e37f49224c2191c
dcef00ec118920975f6c1fbd29c0a349c7c2bad5214c255ea659537b26bf3976
ddf8ed50c8e98fd5487859d7b60442e342e76496191eaecca316ffdffa437a5d
df242c79e03b5eeb8b9919cec4d8e61acf79f95795203d0928d1b0bf3b76c8a9
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e11310ed9c3443db2167b380e28e6a3327d73373db0276274adafacf6afc5c0b
e12831a74d0f6dfc24e60f942e1c54b280df951dfc9bd31cc73b9ca7019472d7
e2d90d68e1d6b3e524e81efa5660f326e49aa0a883a63e525949efc3979ae1ba
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d1bcd003f3316277f3dfe0b64d76ebd6ed5e0a26a63aa62d06b24b05aef382
e9cac0c27e07404baecabfb6a87decc67e0c77bb964e80b3e25b0a4d6a9255f0
ec0b5be40b5a1182adcb16274da82c02e5345377475617cac1379c349be5b01f
eea2195a1d52627879e4f27d606d6b430c2536c4028d0c6cb6374472980a74f2
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606
f4ecd36bbc08c9f3e35502b5273be9e795160a9d863778596071ffbba27ba65f
f71fa636feb647315712fb3304ba60f9e67658d06eab86a8d65551ac0e345c16
f9ca12e2e5cef0e2f466d001baf075b03d028b6eae3b110920cba59452cde6e7
fb04c6eea2f3e8543363570b7141e3e344c8789842287cd8a7952870f819b891
fd48f17f80b82be30ff180c092ddd915df1817ac8baf02e1e5ecbd109f69c205
fe405ee18a13d61251a969d148d2a4607fad334520d9d1031b3c9810d057bd4f
febc229a4470a170e06c6672818f1d6b76ce62ad87340e17e5304c3d1d7ac848