www.itworldcanada.com Open in urlscan Pro
64.140.127.168 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.itworldcanada.com/messagent.php?ID=bj_XArge++j+n_c1EuvnkRmytcjaegaV2GC1hwu7Ppu__Isble9tryvnOS+AZzBT44EVV23yJlmk_E6...
Effective URL:
https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medi...
Submission: On June 02 via api (June 2nd 2022, 4:55:14 pm UTC) from US — Scanned from CA

Summary HTTP 142 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 22 domains to perform 142 HTTP transactions. The main IP is 64.140.127.168, located in London, Canada and belongs to START-, CA. The main domain is www.itworldcanada.com. The Cisco Umbrella rank of the primary domain is 750428.
TLS certificate: Issued by R3 on April 23rd 2022. Valid for: 3 months.

This is the only time www.itworldcanada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	64.140.127.168 64.140.127.168	40788 (START-) (START-)
2	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
10	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
12	2600:9000:212... 2600:9000:2120:d400:3:dffb:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:809::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
13	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
4	64.140.127.151 64.140.127.151	40788 (START-) (START-)
7	2607:f8b0:400... 2607:f8b0:4006:80c::2004	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
4 14	34.111.234.236 34.111.234.236	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4009:81e::2001	15169 (GOOGLE) (GOOGLE)
2	54.211.26.76 54.211.26.76	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:820::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1 2	34.213.154.128 34.213.154.128	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	18.233.240.143 18.233.240.143	14618 (AMAZON-AES) (AMAZON-AES)
4 6	34.197.192.192 34.197.192.192	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:807::2003	15169 (GOOGLE) (GOOGLE)
1 1	23.221.203.44 23.221.203.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	96.17.64.208 96.17.64.208	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	68.67.179.153 68.67.179.153	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
142	24

33 64.140.127.168 (London, Canada)

ASN40788 (START-, CA)

www.itworldcanada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::200a (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:2120:d400:3:dffb:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

i.itworldcanada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:809::2008 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:817::2003 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.140.127.151 (London, Canada)

ASN40788 (START-, CA)

bb.itwc.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80c::2004 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:822::200e (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 34.111.234.236 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81e::2003 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2002 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4009:81e::2001 (London, United Kingdom)

ASN15169 (GOOGLE, US)

659bf2f640900994a7688d930b7c5b97.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.211.26.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-26-76.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:820::2001 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2002 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.213.154.128 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-154-128.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.233.240.143 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-240-143.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.197.192.192 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-192-192.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::2003 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.221.203.44 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-203-44.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.17.64.208 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-64-208.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.153 (Secaucus, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81d::2002 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	itworldcanada.com www.itworldcanada.com — Cisco Umbrella Rank: 750428 i.itworldcanada.com	771 KB
19	googlesyndication.com 659bf2f640900994a7688d930b7c5b97.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136 pagead2.googlesyndication.com — Cisco Umbrella Rank: 90	1 MB
17	gstatic.com fonts.gstatic.com www.gstatic.com	534 KB
16	ml314.com 4 redirects ml314.com — Cisco Umbrella Rank: 1522 in.ml314.com — Cisco Umbrella Rank: 7595	66 KB
11	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	181 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	24 KB
6	eyeota.net 4 redirects ps.eyeota.net — Cisco Umbrella Rank: 824	3 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	40 KB
4	itwc.ca bb.itwc.ca	18 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	226 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	128 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	2 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 678	865 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 329	946 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 300	489 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 194	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	427 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	113 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	3 KB
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 463	707 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1177	642 B
1	google.ca www.google.ca — Cisco Umbrella Rank: 9095	501 B
142	22

	Domain	Requested by
33	www.itworldcanada.com	www.itworldcanada.com
14	ml314.com	4 redirects www.itworldcanada.com ml314.com
13	fonts.gstatic.com	fonts.googleapis.com www.google.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
12	i.itworldcanada.com	www.itworldcanada.com
10	securepubads.g.doubleclick.net	www.itworldcanada.com securepubads.g.doubleclick.net www.googletagservices.com
7	www.google.com	www.itworldcanada.com www.gstatic.com securepubads.g.doubleclick.net www.google.com tpc.googlesyndication.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	ps.eyeota.net	4 redirects www.itworldcanada.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.itworldcanada.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	bb.itwc.ca	www.itworldcanada.com bb.itwc.ca
4	www.googletagmanager.com	www.itworldcanada.com www.googletagmanager.com
3	www.googletagservices.com	securepubads.g.doubleclick.net
2	ib.adnxs.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	match.adsrvr.org	2 redirects
2	idsync.rlcdn.com	2 redirects
2	dpm.demdex.net	1 redirects www.itworldcanada.com
2	in.ml314.com	ml314.com
2	www.facebook.com	www.itworldcanada.com
2	connect.facebook.net	www.itworldcanada.com connect.facebook.net
2	fonts.googleapis.com	www.itworldcanada.com
1	tags.bluekai.com	1 redirects
1	pixel.mathtag.com	1 redirects
1	www.google.ca	www.itworldcanada.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	659bf2f640900994a7688d930b7c5b97.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
142	29

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com
digital.itwc.ca
digitaltransformationawards.ca
technicity.ca
www.itbusiness.ca
www.itwc.ca
reddit.com
www.telus.com
securelist.com
www.bleepingcomputer.com
www.changethegame.ca
ca.linkedin.com
itwc.ca
channeldailynews.com
www.directioninformatique.com

Subject Issuer	Validity	Valid
itworldcanada.com R3	`2022-04-23` - `2022-07-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
i.itworldcanada.com Amazon	`2022-01-31` - `2023-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-12` - `2022-06-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
bb.itwc.ca R3	`2022-04-11` - `2022-07-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.ml314.com GoGetSSL RSA DV CA	`2022-03-29` - `2023-03-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Frame ID: B084CE451EE4462163E054C6A0ECE7D6
Requests: 84 HTTP requests in this frame

Frame: https://www.itworldcanada.com/subscribe/daily.php?theme=light
Frame ID: D2E7F3F998696CB2F05E0BF383339BEC
Requests: 18 HTTP requests in this frame

Frame: https://659bf2f640900994a7688d930b7c5b97.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 23E549664AB7C602399C38491C121204
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LctagoaAAAAAN72dYmKMI8V__Y4VWufR4k-3hZF&co=aHR0cHM6Ly93d3cuaXR3b3JsZGNhbmFkYS5jb206NDQz&hl=en&v=81cz2KigKZoE-gRplogO8692&size=invisible&sa=submit&cb=15s8ejnil3oa
Frame ID: AE98237FC55F0838EC02F5624B05A614
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvxpVqDXq9Zo26TjARN-P6uDPgKblbDARcj4tVdM8ZzPohMENZtbArIUBDqPVlbFq5L2yxq-Acrjli1tX2_r-XOHeGkbBA4xs3ezRzWsU7tW_ZsqgLbJVcW51UD5M3Bh2S5VdsVUsQiaIi3Pst3-HWTwiGzA3vqbiVZaLv4JqeYoPAjwtGWIoh-NQVYFHDd3y_BilOhnXt73PoS5JM1hOjrWjxaDUkCGfH3i43PSdpOcn5iNhAk0MZ3uvO4FMjURmlRBoLf_F_MLaLuEtmm9siBOEZSAObQnNCsaOZ8etqCJ1g-7tuURVwpmrsDg&sai=AMfl-YT9s4tZePB3M3T3iqYa1Bp3l8pDj0EenpvL23xsXkgJu_KGeBHJlyxU096N46Id0ofFb3WWZp1RdA7r9xKmqAF9ckwwQ0OPPlx3T3WqBbyQGFy_yl6vZELqk-b9mceB&sig=Cg0ArKJSzBGdUbm8yLoPEAE&uach_m=[UACH]&adurl=
Frame ID: D2851EEE5F6189138827F9670F0FCD76
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOJETRyDtL36ak_vPKK_1U3CXGHWtcWi-9R6rnhvxk-4goq-5jxIv0eZV8QUHDUQsdxeXk-6S5WXEMIe17-7Mu8LG230BUHv5h8fXGOfvpajZICCTb39oSd9DphsuTuLfXlEdaeG2Wg2EoEdsy2xQuiV-_zBJO9nuDT3ETrofg6M_g_8YeKyv2qfg78j4b2p2Pvmx_v3nfw09uvVi4VtB2Wo3bxK_0MvRUELNQUvaRiyg_qpNaqBChXD0Sseom8q-vvJ7eJzhcEdyJcTtS6F0KW5E_EOImTRMpn-I2ljolX8dccNBlDb6OYIw4KQ&sai=AMfl-YSwtr5ACBjs3uQ5-uQH0cJXLpygIVS-VnDATVIWwY-SLKC-ITVgt9epbFWOmI61A1VErq3QbsYqrzNQMgCR0PQ-SmfqCOiy_Ba5MaUEbLvF9o_9_EWpD0DK01amf-YA&sig=Cg0ArKJSzKkydWiatja2EAE&uach_m=[UACH]&adurl=
Frame ID: 93F8618E64B47DC61F5BF0ABA22B02C3
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscMqvHYxaB3IcQu4pPUUm1kle3f0AEtORrT9QpihoKWHWQgXt6EZECElKkkPpGVfIw-1AJ9jTrAbBd-LN1ZDwx3mHy1NdHaD8rNO3pR7_-zZar4b6ZLDy7L78kZCmRRk3peBsA80UQP1PlNUIZw9L5DK4z2qBdcUGUnY5dQmBKvc5ePDTmR-3e7nP8yxngh60Dca8y0cgzkjIQPv4KDLC9nvoyfIdbRyBiQRDU8a0_i0oQp1SZQlnA7DYJ-V0qdtIv1Aha5Jm4yJVeO7tSQa2JWNwnxTZmlL3q9rF2B5O02vgk6uZ3w8bMD3vBfg&sai=AMfl-YRrGyvGuANHXTjce1lMvJYTGLC_IaGyZ52ZmLMtrxpK61Q3HlIUKNS-npfL1QiDLtnIvM0EvNTIsvINqstgwoXM6xCqJtjaebgSQvjQ1VEFeqAoLLIaH6jggFa-juXQ&sig=Cg0ArKJSzMz_OS9BdHdqEAE&uach_m=[UACH]&adurl=
Frame ID: A0A132B84839C0C99CF7B0432BCD9977
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4C4B9FECA3A76E6672DE7E45038AE870
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 011E4BBC3E3D203F2B69CC4E883191ED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 76535E349837FA8AC3FF795C2834C531
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

This week in ransomware – Friday the 13th edition, 2022 | IT World Canada News

Page URL History Show full URLs

https://www.itworldcanada.com/messagent.php?ID=bj_XArge++j+n_c1EuvnkRmytcjaegaV2GC1hwu7Ppu__Isble9tryvnOS+... Page URL
https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_sour... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

142
Requests

92 %
HTTPS

55 %
IPv6

22
Domains

29
Subdomains

24
IPs

3
Countries

3211 kB
Transfer

6529 kB
Size

32
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ITWorldCa

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/itworldcanada/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/user?screen_name=itworldca

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCvlbuIiCz691utVrZYbYhIA

Search URL Search Domain Scan URL

URL: http://digital.itwc.ca/
Title: Digital Magazines

Search URL Search Domain Scan URL

URL: https://digitaltransformationawards.ca/
Title: Digital Transformation Conference and Awards

Search URL Search Domain Scan URL

URL: https://technicity.ca/
Title: Technicity GTA

Search URL Search Domain Scan URL

URL: https://www.itbusiness.ca/cmo-digital#cmo-talks-podcast
Title: CMO Talks

Search URL Search Domain Scan URL

URL: http://www.itwc.ca/contact-us.php
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fthis-week-in-ransomware-friday-the-13th-edition-2022%2F484091
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=This+week+in+ransomware+%E2%80%93+Friday+the+13th+edition%2C+2022&url=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fthis-week-in-ransomware-friday-the-13th-edition-2022%2F484091&via=itworldca
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091&title=This+week+in+ransomware+%E2%80%93+Friday+the+13th+edition%2C+2022
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091&title=This+week+in+ransomware+%E2%80%93+Friday+the+13th+edition%2C+2022
Title: ReddIt

Search URL Search Domain Scan URL

URL: https://www.telus.com/en/on/business/ransomware-study?INTCMP=VAN_ransomwarestudy
Title: www.telus.com/RansomwareStudy

Search URL Search Domain Scan URL

URL: https://securelist.com/new-ransomware-trends-in-2022/106457/
Title: new ransomware trends

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/lincoln-college-to-close-after-157-years-due-ransomware-attack/
Title: Bleeping Computer

Search URL Search Domain Scan URL

URL: http://www.changethegame.ca/
Title: http://www.changethegame.ca

Search URL Search Domain Scan URL

URL: http://ca.linkedin.com/in/therealjimlove/

Search URL Search Domain Scan URL

URL: https://twitter.com/CIOJimLove

Search URL Search Domain Scan URL

URL: http://www.itwc.ca/about-us.php
Title: About Us

Search URL Search Domain Scan URL

URL: http://www.itwc.ca/legal.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://itwc.ca/
Title: ITWC

Search URL Search Domain Scan URL

URL: https://channeldailynews.com/
Title: ChannelDailyNews.com

Search URL Search Domain Scan URL

URL: https://www.itbusiness.ca/
Title: ITbusiness.ca

Search URL Search Domain Scan URL

URL: https://www.directioninformatique.com/
Title: DirectionInformatique.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.itworldcanada.com/messagent.php?ID=bj_XArge++j+n_c1EuvnkRmytcjaegaV2GC1hwu7Ppu__Isble9tryvnOS+AZzBT44EVV23yJlmk_E6ey9J74KtHURVa8beDbg Page URL
https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3627642794608164878&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3627642794608164878&redir=

Request Chain 93

https://idsync.rlcdn.com/395886.gif?partner_uid=3627642794608164878 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNzY0Mjc5NDYwODE2NDg3OBAAGg0I7dbjlAYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=75028a6f867dccc5b2f60f60a82f9b6a27827deb249db9f0040121d4855a6691f4cb09cee1a4f8eb&person_id=3627642794608164878&eid=50082

Request Chain 94

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=3baafc6b-d6df-4a25-a820-e6d366fad09e&gdpr=0&gdpr_consent=

Request Chain 95

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3627642794608164878 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3627642794608164878 HTTP 302
https://ml314.com/csync.ashx?fp=9fceaa7b74ec96b39e7450fc4788c5ba&eid=50146&person_id=3627642794608164878

Request Chain 96

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2s_YlvdzjumeBH68v60aNxGpyjGTqFP9h5gjXNC5AQHw&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
https://ml314.com/csync.ashx?fp=2s_YlvdzjumeBH68v60aNxGpyjGTqFP9h5gjXNC5AQHw&person_id=3627642794608164878&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referrer_pid%3dr8hrb20 HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

Request Chain 104

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2De-oYbOjDae7TvZtfefKz76wj4AjEFKL9b6ogdA71Vk&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
https://ml314.com/csync.ashx?fp=2De-oYbOjDae7TvZtfefKz76wj4AjEFKL9b6ogdA71Vk&person_id=3627642794608164878&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referrer_pid%3dr8hrb20 HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

Request Chain 105

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=3627642794608164878%26eid=50220 HTTP 302
https://ml314.com/csync.ashx?fp=5f086298-eb6d-4300-bc25-a7e6c20e0204&person_id=3627642794608164878&eid=50220

Request Chain 106

https://tags.bluekai.com/site/20486?limit=0&id=3627642794608164878&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=3627642794608164878%26eid=50056 HTTP 302
https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=3627642794608164878&eid=50056

Request Chain 107

https://ib.adnxs.com/getuid?https://ml314.com/csync.ashx%3Ffp=$UID%26person_id=3627642794608164878%26eid=2 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fml314.com%2Fcsync.ashx%253Ffp%3D%24UID%2526person_id%3D3627642794608164878%2526eid%3D2 HTTP 302
https://ml314.com/csync.ashx?fp=5307840846097607621&person_id=3627642794608164878&eid=2

142 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK messagent.php
www.itworldcanada.com/ 524 B
603 B 195ms
56ms Document
text/html 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/messagent.php?ID=bj_XArge++j+n_c1EuvnkRmytcjaegaV2GC1hwu7Ppu__Isble9tryvnOS+AZzBT44EVV23yJlmk_E6ey9J74KtHURVa8beDbg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 367
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Jun 2022 16:55:07 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK Primary Request 484091 Show response
www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/ 357 KB
60 KB 895ms
894ms Document
text/html 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/messagent.php?ID=bj_XArge++j+n_c1EuvnkRmytcjaegaV2GC1hwu7Ppu__Isble9tryvnOS+AZzBT44EVV23yJlmk_E6ey9J74KtHURVa8beDbg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 847976eea2b0507cea0df299fa3ec6a96a448327b99514497cef7a74a4f51d4d

Request headers

Referer: https://www.itworldcanada.com/messagent.php?ID=bj_XArge++j+n_c1EuvnkRmytcjaegaV2GC1hwu7Ppu__Isble9tryvnOS+AZzBT44EVV23yJlmk_E6ey9J74KtHURVa8beDbg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Jun 2022 16:55:07 GMT
Keep-Alive: timeout=5, max=99
Link: <https://www.itworldcanada.com/wp-json/>; rel="https://api.w.org/", <https://www.itworldcanada.com/wp-json/wp/v2/posts/484091>; rel="alternate"; type="application/json", <https://www.itworldcanada.com/?p=484091>; rel=shortlink
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding,Cookie

GET
H/1.1 200
OK style.min.css
www.itworldcanada.com/wp-includes/css/dist/block-library/ 81 KB
11 KB 62ms
29ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Apr 2022 03:45:03 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 11206

GET
H/1.1 200
OK dashicons.min.css
www.itworldcanada.com/wp-includes/css/ 58 KB
35 KB 61ms
22ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-includes/css/dashicons.min.css?ver=5.9.3
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 03:45:04 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 35730

GET
H/1.1 200
OK wp-ulike.min.css
www.itworldcanada.com/wp-content/plugins/wp-ulike/assets/css/ 18 KB
4 KB 59ms
20ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike/assets/css/wp-ulike.min.css?ver=4.6.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 0ac7a2eaed897e499f0b32b213e3776a5f1e2b92da00e65ac50c6a0131fc7793

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Apr 2022 22:52:15 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3592

GET
H/1.1 200
OK wp-ulike-pro.min.css
www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/ 110 KB
13 KB 62ms
23ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/wp-ulike-pro.min.css?ver=1.7.7
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: f3ef3256e7e649b4714e11082e6bd1f2def9315cde7d06a70f31f2571f02abcc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Apr 2022 22:52:18 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13380

GET
H/1.1 200
OK style.css
www.itworldcanada.com/wp-content/plugins/td-composer/td-multi-purpose/ 37 KB
5 KB 63ms
23ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 22:36:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4816

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 88ms
41ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C600%7CPoppins%3A400%2C300%2C600%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%2C600%7CRoboto%3A900%2C400%7CMontserrat%3A400%7CPoppins%3A300%2C600%2C400%7CSource+Sans+Pro%3A400&display=swap&ver=11.5

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bfcca1faf44dc958f2bbb76af949d3a5236c3a468d25db5f1cdba602db44d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/
Origin: https://www.itworldcanada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Jun 2022 16:55:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 02 Jun 2022 16:55:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Jun 2022 16:55:08 GMT

GET
H/1.1 200
OK algolia-autocomplete.css
www.itworldcanada.com/wp-content/plugins/wp-search-with-algolia/css/ 3 KB
1 KB 60ms
21ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-search-with-algolia/css/algolia-autocomplete.css?ver=2.2.0
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 4b7e34f6fe214525b816bd5841acc8674451cec6e4aa6c8128c2cba74727dd08

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 03:45:05 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 928

GET
H/1.1 200
OK style.css
www.itworldcanada.com/wp-content/themes/Newspaper/ 147 KB
25 KB 86ms
25ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/themes/Newspaper/style.css?ver=11.5
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: ef0f6aae9b080b159514dc82a8c8c96260286bf4b57bac7211e6f11f6250080f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 22:36:18 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 25031

GET
H/1.1 200
OK style.css
www.itworldcanada.com/wp-content/themes/Newspaper-child/ 529 B
596 B 84ms
21ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/themes/Newspaper-child/style.css?ver=11.5c
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 51fd143cdf881e5ebd585e6885f79efebb3cccbee4f4ac5087588f192a3a243d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Mar 2022 17:05:37 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 309

GET
H/1.1 200
OK font-awesome.css
www.itworldcanada.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 43 KB
7 KB 84ms
21ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=6ea45b81e47c58269b68289d05535e19
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: af49f53268c08752ca4c11e7f467dbb93d1c3a192a123c837e278869754f94f7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 22:36:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7225

GET
H/1.1 200
OK td_legacy_main.css
www.itworldcanada.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 159 KB
24 KB 89ms
26ms Stylesheet
text/css 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: a90f3071f749920d5c06cd9fbbd71919955e7d38736a8ef285b31a19b9e9ea85

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 22:36:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 24226

GET
H/1.1 200
OK jquery.min.js Show response
www.itworldcanada.com/wp-includes/js/jquery/ 87 KB
30 KB 100ms
25ms Script
application/javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Jul 2021 21:30:07 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 30908

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.itworldcanada.com/wp-includes/js/jquery/ 11 KB
4 KB 99ms
20ms Script
application/javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Dec 2020 22:13:03 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4169

GET
H/1.1 200
OK analytics-talk-content-tracking.js Show response
www.itworldcanada.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 4 KB
2 KB 105ms
20ms Script
application/javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/duracelltomi-google-tag-manager/js/analytics-talk-content-tracking.js?ver=1.15.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: c983bccbfa3aeec262e4469747aaf9d860d93fedcf3ba263c84bd7ef21430234

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 22:35:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1247

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 117ms
51ms Script
text/javascript 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

sffe /

Resource Hash

cdbbdfeaca77c530c00b39dfca3cb78970ff275120e7659aed1651a9645b3fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28188
x-xss-protection: 0
server: sffe
etag: "1232 / 378 of 1000 / last-modified: 1654168233"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Jun 2022 16:55:08 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.itworldcanada.com/wp-includes/js/ 18 KB
5 KB 21ms
21ms Script
application/javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Jul 2021 21:30:07 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4930

GET
H2 200 it-world-canada.png
i.itworldcanada.com/wp-content/uploads/2021/03/ 6 KB
7 KB 157ms
18ms Image
image/png 2600:9000:2120:d400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2021/03/it-world-canada.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:d400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16d46627940f5b68a1d6ca221db33bc81f5a6f291015bb711bc965c0e13a27b4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 04 Jul 2021 09:14:16 GMT
via: 1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
last-modified: Mon, 07 Jun 2021 15:46:35 GMT
server: AmazonS3
age: 28798853
etag: "0cb38369ff377587985e7aca06a69afb"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
content-length: 6532
x-amz-cf-id: rJOgZy51EVEmfR8ruP9jpv9RxrB0Sq_qMM7fUs_Kg5-2G7xGGA5X2Q==
expires: Sat, 19 Mar 2022 20:41:04 GMT

GET
H2 200 Ransomware-keyboard-GettyImages-CROPPED.jpg
i.itworldcanada.com/wp-content/uploads/2021/02/ 13 KB
13 KB 159ms
20ms Image
image/jpeg 2600:9000:2120:d400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2021/02/Ransomware-keyboard-GettyImages-CROPPED.jpg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:d400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3f100551911545756ee9ff288bb7949a1904c303a10d7e3c316d6248495c9eb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:09:20 GMT
via: 1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
last-modified: Sun, 21 Feb 2021 07:08:34 GMT
server: AmazonS3
age: 693949
etag: "acb1cdba50def874237a85a5014c5a72"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
content-type: image/jpeg
content-length: 13170
x-amz-cf-id: bfhFyAIidmyfUZCvM41NWDEimVirMxlgY13UeFAemjrkEGausxFoqA==
expires: Mon, 21 Feb 2022 07:08:33 GMT

GET
H/1.1 200
OK 4004.thumbnail.png
www.itworldcanada.com/wp-content/uploads/userphoto/ 11 KB
11 KB 21ms
21ms Image
image/png 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/uploads/userphoto/4004.thumbnail.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 64eabf2b14beb4aa6d6c887f4f384d245d33f69366eeb594392bf77dce3f43db

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Last-Modified: Wed, 12 Feb 2014 22:04:32 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 11134

GET
H/1.1 200
OK gtm4wp-form-move-tracker.js Show response
www.itworldcanada.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
663 B 20ms
20ms Script
application/javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.15.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 0a402d34337e3e7e719751e9e0847dd3d25f0b81b832fcd342b5a0e040b35075

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 22:35:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 362

GET
H/1.1 200
OK wp-ulike-pro.min.js Show response
www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/js/ 28 KB
9 KB 21ms
21ms Script
application/javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/js/wp-ulike-pro.min.js?ver=1.7.7
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: bd5fda1a0cdd5aea44ffa78d9729cd9e90f4eb0f5c4940ae9ac87d60fc6d4d48

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Apr 2022 22:52:18 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8548

GET
H/1.1 200
OK underscore.min.js Show response
www.itworldcanada.com/wp-includes/js/ 19 KB
7 KB 25ms
23ms Script
application/javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Feb 2022 23:29:02 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7316

GET
H/1.1 200
OK js_posts_autoload.min.js Show response
www.itworldcanada.com/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 24ms
21ms Script
application/javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=4173294bcf58591c4439ff8ccd792f1e
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 22:36:27 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2011

GET
H/1.1 200
OK tagdiv_theme.min.js Show response
www.itworldcanada.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 275 KB
64 KB 32ms
29ms Script
application/javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 235be8bfdd19de9bbd0b0291b2b588b6c295093a33120f06d1e1b8803708c7fb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 22:36:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK wp-util.min.js Show response
www.itworldcanada.com/wp-includes/js/ 1 KB
1006 B 23ms
20ms Script
application/javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-includes/js/wp-util.min.js?ver=5.9.3
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Jul 2021 21:30:07 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 705

GET
H/1.1 200
OK algoliasearch-lite.umd.js Show response
www.itworldcanada.com/wp-content/plugins/wp-search-with-algolia/js/algoliasearch/dist/ 14 KB
5 KB 25ms
23ms Script
application/javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-search-with-algolia/js/algoliasearch/dist/algoliasearch-lite.umd.js?ver=2.2.0
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 51cac630c97cf0f4f4cf982fa2d362a80ec7df47f55094d42fd6477b2ea2f639

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 03:45:05 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4482

GET
H/1.1 200
OK autocomplete.min.js Show response
www.itworldcanada.com/wp-content/plugins/wp-search-with-algolia/js/autocomplete.js/dist/ 56 KB
18 KB 23ms
23ms Script
application/javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-search-with-algolia/js/autocomplete.js/dist/autocomplete.min.js?ver=2.2.0
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: ae2da1bd62c6469ee27770ad1cddf2e8296d8a7f6d85b091463e5200c5e320af

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 03:45:05 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 18109

GET
H/1.1 200
OK autocomplete-noconflict.js Show response
www.itworldcanada.com/wp-content/plugins/wp-search-with-algolia/js/ 56 B
309 B 22ms
21ms Script
application/javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-search-with-algolia/js/autocomplete-noconflict.js?ver=2.2.0
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: f53f233e493799177bfa142e528f9b8beb24c9a32c6099580fc86ab5ecfa6bba

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Last-Modified: Thu, 19 May 2022 03:45:05 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 56

GET
H/1.1 200
OK js_files_for_front.min.js Show response
www.itworldcanada.com/wp-content/plugins/td-cloud-library/assets/js/ 41 KB
10 KB 25ms
24ms Script
application/javascript 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=4173294bcf58591c4439ff8ccd792f1e
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: cda5f084c2c6f858fafe20b03ed46c19082233f70cb20282f1090ac1a2415719

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 22:36:27 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 9436

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
44 KB 96ms
43ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5NVWMFZ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b591aacae16f8b1eaaccbc2c11094df1f820692a0a1194566e25851be9365e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Thu, 02 Jun 2022 16:14:37 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Jun 2022 16:55:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 57ms
18ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: nTUChCCX79KwHp2qSq6ebXuPKVDS3yZJ93U96sy15Sogtgkv93dtsc1J6uT5HQfvBxpDfktSj3IPdmvts1mFMg==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Thu, 02 Jun 2022 16:55:08 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK newspaper.woff
www.itworldcanada.com/wp-content/themes/Newspaper/images/icons/ 28 KB
28 KB 36ms
21ms Font
font/woff 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/themes/Newspaper/style.css?ver=11.5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a

Request headers

Referer: https://www.itworldcanada.com/wp-content/themes/Newspaper/style.css?ver=11.5
Origin: https://www.itworldcanada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Last-Modified: Thu, 19 May 2022 22:36:18 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 28732

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 76ms
23ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C600%7CPoppins%3A400%2C300%2C600%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%2C600%7CRoboto%3A900%2C400%7CMontserrat%3A400%7CPoppins%3A300%2C600%2C400%7CSource+Sans+Pro%3A400&display=swap&ver=11.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itworldcanada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 06:58:05 GMT
x-content-type-options: nosniff
age: 208623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 06:58:05 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 74ms
20ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itworldcanada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 09:56:06 GMT
x-content-type-options: nosniff
age: 197942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 09:56:06 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 78ms
27ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itworldcanada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 04:20:27 GMT
x-content-type-options: nosniff
age: 218081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 04:20:27 GMT

GET
H/1.1 200
OK checkmark-like.svg
www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/img/svg/ 1 KB
1 KB 21ms
20ms Image
image/svg+xml 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/img/svg/checkmark-like.svg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/wp-ulike-pro.min.css?ver=1.7.7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: cd7a6996192a36ba247c32e9a19de9c0c3c7f8cc876790594dc93db32c7b051c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/wp-ulike-pro.min.css?ver=1.7.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Last-Modified: Fri, 22 Apr 2022 22:52:18 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1165

GET
H/1.1 200
OK checkmark-dislike.svg
www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/img/svg/ 1 KB
2 KB 21ms
20ms Image
image/svg+xml 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/img/svg/checkmark-dislike.svg
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/wp-ulike-pro.min.css?ver=1.7.7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 5e8dde458697ee3e5605d67f7503ced27c2e78de057c8bc8823c0687618e1439

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/wp-content/plugins/wp-ulike-pro/public/assets/css/wp-ulike-pro.min.css?ver=1.7.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Last-Modified: Fri, 22 Apr 2022 22:52:18 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1388

GET
H2 200 empty.png
i.itworldcanada.com/wp-content/uploads/2021/03/ 5 KB
5 KB 69ms
19ms Image
image/png 2600:9000:2120:d400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2021/03/empty.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:d400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4ca6817b01516b2ab97d83dcfe7fc9d1be7ab071cb7c535120842f6052731b2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 11:55:23 GMT
via: 1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
last-modified: Sat, 20 Mar 2021 00:48:13 GMT
server: AmazonS3
age: 5029186
etag: "65348798d5cb39f9af8ca35d87f953c7"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
content-type: image/png
content-length: 5026
x-amz-cf-id: 4d_-EU0tY-_M_L83hpYpX1eU5YV-cudea_kqejnC6uLcjUhceVKlXw==
expires: Sun, 20 Mar 2022 00:48:12 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 22ms
20ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itworldcanada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 19:31:56 GMT
x-content-type-options: nosniff
age: 76992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 19:31:56 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 49ms
48ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itworldcanada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 05:24:13 GMT
x-content-type-options: nosniff
age: 214255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 05:24:13 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 34ms
33ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itworldcanada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 09:06:16 GMT
x-content-type-options: nosniff
age: 200932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 09:06:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 41ms
40ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itworldcanada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 19:31:59 GMT
x-content-type-options: nosniff
age: 76989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 19:31:59 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 45ms
44ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itworldcanada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 19:31:57 GMT
x-content-type-options: nosniff
age: 76991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 19:31:57 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.itworldcanada.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 75 KB
76 KB 21ms
20ms Font
font/woff2 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=6ea45b81e47c58269b68289d05535e19
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.itworldcanada.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=6ea45b81e47c58269b68289d05535e19
Origin: https://www.itworldcanada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Last-Modified: Thu, 19 May 2022 22:36:24 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 77160

GET
H/1.1 200
OK daily.php Show response
www.itworldcanada.com/subscribe/ Frame D2E7 10 KB
3 KB 23ms
22ms Document
text/html 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itworldcanada.com/subscribe/daily.php?theme=light
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.140.127.168 London, Canada, ASN40788 (START-, CA),
Reverse DNS
Software: Apache /
Resource Hash: e7d44bc3895e3205728283fa417602ef907ee7ad9bb068c7b8fcf351a8855d5d

Request headers

Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 3160
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Jun 2022 16:55:08 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=94
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cube.js Show response
bb.itwc.ca/js/ 9 KB
9 KB 263ms
19ms Script
text/x-javascript 64.140.127.151
START-

General

Check archive.org

Show headers Download Go to

Full URL

https://bb.itwc.ca/js/cube.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.140.127.151 London, Canada, ASN40788 (START-, CA),

Reverse DNS

Software

Apache /

Resource Hash

1f822027b6c82d89cf087cfcf56e7e755a870111faf04c87cf626108f7b5263e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:54:52 GMT
Last-Modified: Thu, 30 May 2019 19:45:42 GMT
Server: Apache
Content-Type: text/x-javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9231
X-XSS-Protection: 1; mode=block

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 20ms
20ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itworldcanada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 19:32:04 GMT
x-content-type-options: nosniff
age: 76984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 19:32:04 GMT

GET
H3 200 1348048558951275 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 39ms
19ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1348048558951275?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d0ccffdc31d7f2825ae2f4057c080f7dbdf26a4f4526fcac81453ac6c893bccc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88831
x-xss-protection: 0
pragma: public
x-fb-debug: 58VrYz7GTR9I6vY3qUXtarn4XTPw987FTCUVmPIZxwf9gSk+wAYvwN5GP1F6d120X9Xl4QSjqD7Cn4Fe8uErcQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 02 Jun 2022 16:55:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 pubads_impl_2022053101.js Show response
securepubads.g.doubleclick.net/gpt/ 366 KB
124 KB 63ms
20ms Script
text/javascript 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

sffe /

Resource Hash

f7a0dbff813bc7c5605b8a86f87c6aaf78793b501ad00953f5fe4fc3beee65e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 10:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108912
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127016
x-xss-protection: 0
last-modified: Tue, 31 May 2022 08:34:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 01 Jun 2023 10:39:56 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 104 B
118 B 76ms
36ms XHR
application/json 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.itworldcanada.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

a0e06c2224398dc583a6ae90201a5faec3174306f1502f24364b29967682ee8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 16:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93
x-xss-protection: 0
expires: Thu, 02 Jun 2022 16:55:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D2E7 6 KB
782 B 77ms
34ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,600|Poppins:700

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/subscribe/daily.php?theme=light

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d26c4cb1e96ef9d50a31f15e397ad925d3ba90c0b9edfec7b1ef5e6f40ef9904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Jun 2022 16:55:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 02 Jun 2022 16:55:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Jun 2022 16:55:08 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame D2E7 850 B
966 B 87ms
39ms Script
text/javascript 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/subscribe/daily.php?theme=light

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

017891e235baa20d3b29dc2fd935c1f5890ac690636f6f172da78f2463f90cea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Thu, 02 Jun 2022 16:55:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
69 KB 86ms
45ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LGJL4Q296E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NVWMFZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f96df7325e563d0e8ff24e1270a313811504bd07902298b013e5a914669471bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:08 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70594
x-xss-protection: 0
expires: Thu, 02 Jun 2022 16:55:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 65ms
18ms Script
text/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NVWMFZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 328
date: Thu, 02 Jun 2022 16:49:40 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 02 Jun 2022 18:49:40 GMT

POST
H/1.1 200
OK admin-ajax.php Show response
www.itworldcanada.com/wp-admin/ 14 B
603 B 124ms
124ms XHR
text/html 64.140.127.168
START-

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itworldcanada.com/wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=11.5

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.140.127.168 London, Canada, ASN40788 (START-, CA),

Reverse DNS

Software

Apache /

Resource Hash

f02dd8a3a2f0ee21c7bb66bb945ec5c9a8f585890d5528fc8161d8bd209d70f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 34
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Origin,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.itworldcanada.com
Cache-Control: no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=93
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
32 KB 57ms
11ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?25
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/messagent.php?ID=bj_XArge++j+n_c1EuvnkRmytcjaegaV2GC1hwu7Ppu__Isble9tryvnOS+AZzBT44EVV23yJlmk_E6ey9J74KtHURVa8beDbg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:05:48 GMT
age: 2960
x-guploader-uploadid: ADPycdu1aEr-nUwDntw78PD2U1Jh6H8mckorSQsP7qTUPFoAovko_PpZDqYqTXzTs39JZ3Uaa3c9GhQVKrHtLJ0D-YQO5bCjKpSb
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32025
last-modified: Mon, 04 Apr 2022 15:43:44 GMT
server: UploadServer
cache-control: public,max-age=3600
etag: "25b1f355dd487bdf5381a749056080c4"
x-goog-hash: crc32c=dPpbog==, md5=JbHzVd1Ie99TgadJBWCAxA==
x-goog-generation: 1649087024620619
cache-id: YUL-62c5aa93
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame D2E7 117 KB
44 KB 42ms
42ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5NVWMFZ

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/subscribe/daily.php?theme=light

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e42c4c81f9aa80973f684f72a343e3a8f39a8f88eb77ff8ce760ef646e054771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44817
x-xss-protection: 0
last-modified: Thu, 02 Jun 2022 16:14:37 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Jun 2022 16:55:08 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/81cz2KigKZoE-gRplogO8692/ Frame D2E7 362 KB
143 KB 65ms
19ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/81cz2KigKZoE-gRplogO8692/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dea07f3e90149dfd44d67158da0bcc50ded545a6d934a877b8311d8970550571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/
Origin: https://www.itworldcanada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 01:57:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146188
x-xss-protection: 0
last-modified: Tue, 31 May 2022 04:05:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Jun 2023 01:57:34 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame D2E7 44 KB
44 KB 19ms
19ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,600|Poppins:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itworldcanada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 19:31:56 GMT
x-content-type-options: nosniff
age: 76992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 19:31:56 GMT

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame D2E7 8 KB
8 KB 30ms
30ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,600|Poppins:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itworldcanada.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:09:30 GMT
x-content-type-options: nosniff
age: 207938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 07:09:30 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 55ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1348048558951275&ev=PageView&dl=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fthis-week-in-ransomware-friday-the-13th-edition-2022%2F484091%3Futm_source%3DSecurity%26utm_medium%3Denews%26utm_campaign%3DSecurity%26scid%3Dc94722c9-a305-1894-9a11-50be00c0abdc&rl=https%3A%2F%2Fwww.itworldcanada.com%2Fmessagent.php%3FID%3Dbj_XArge%2B%2Bj%2Bn_c1EuvnkRmytcjaegaV2GC1hwu7Ppu__Isble9tryvnOS%2BAZzBT44EVV23yJlmk_E6ey9J74KtHURVa8beDbg&if=false&ts=1654188908943&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654188908941.311274937&it=1654188908791&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 02 Jun 2022 16:55:08 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 87ms
40ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.itworldcanada.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 16:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 190 KB
28 KB 108ms
108ms XHR
text/plain 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4203196157154979&correlator=4075792789553999&eid=31067869%2C31062930&output=ldjh&gdfp_req=1&vrg=2022053101&ptt=17&impl=fifs&iu_parts=3034%2Cidg.ca.itwcepp&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%7C970x250%7C900x150%2C300x100%7C300x50%7C320x50%2C160x600%7C300x600%2C300x600%2C300x250%2C300x250%2C300x250%7C300x600%2C900x300%7C970x250%7C900x150%7C300x100%7C300x50%7C320x50%2C1x1&ifi=1&adks=4251014571%2C2434860037%2C2764879362%2C1210744711%2C1640639909%2C823673414%2C1041493505%2C4035718169%2C310270821&sfv=1-0-38&ecs=20220602&ists=1&fsapi=false&prev_scp=pos%3Dleaderboardros%7Cpos%3Dmobileleaderboardros%7Cpos%3Dskyscraperros%7Cpos%3Dsupersky%7Cpos%3Dbigboxros%7Cpos%3Dbigbox2ros%7Cpos%3Dskybox%7Cpos%3Dfooter%7Cpos%3Dinter&cust_params=wpid%3D484091%26ptype%3Darticle%26c%3Dsecurity%26t%3D&sc=1&cookie_enabled=1&abxe=1&dt=1654188909008&lmt=1654188909&dlt=1654188908290&idt=679&biw=1600&bih=1200&adxs=266%2C-12245933%2C-9%2C-9%2C1010%2C266%2C1022%2C266%2C266&adys=155%2C-12245933%2C-9%2C-9%2C263%2C3292%2C883%2C3512%2C3512&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fthis-week-in-ransomware-friday-the-13th-edition-2022%2F484091%3Futm_source%3DSecurity%26utm_medium%3Denews%26utm_campaign%3DSecurity%26scid%3Dc94722c9-a305-1894-9a11-50be00c0abdc&ref=https%3A%2F%2Fwww.itworldcanada.com%2Fmessagent.php%3FID%3Dbj_XArge%2B%2Bj%2Bn_c1EuvnkRmytcjaegaV2GC1hwu7Ppu__Isble9tryvnOS%2BAZzBT44EVV23yJlmk_E6ey9J74KtHURVa8beDbg&frm=20&vis=1&scr_x=0&scr_y=0&psz=1068x0%7C0x0%7C0x-1%7C0x-1%7C324x0%7C324x0%7C300x44%7C1068x0%7C1068x0&msz=1068x0%7C0x0%7C0x-1%7C0x-1%7C324x0%7C324x0%7C300x0%7C1068x0%7C1068x0&fws=4%2C132%2C2%2C2%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C0%2C0%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=612935327.1654188909&ga_sid=1654188909&ga_hid=1335464776&ga_fc=false&btvi=0%7C-1%7C-1%7C-1%7C0%7C1%7C0%7C2%7C3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

38e85083ca477d7e15d4bbf2dd367d78a4df0f94b7cccf45fa886856f036baa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28891
x-xss-protection: 0
google-lineitem-id: 6011401407,-2,6011401407,-2,6011401407,6011401407,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138391946149,-2,138391369901,-2,138391368824,138391945576,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.itworldcanada.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
659bf2f640900994a7688d930b7c5b97.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 23E5 6 KB
4 KB 325ms
95ms Document
text/html 2a00:1450:4009:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://659bf2f640900994a7688d930b7c5b97.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4009:81e::2001 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 16:55:09 GMT
expires: Fri, 02 Jun 2023 16:55:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 75ms
33ms XHR
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1335464776&t=pageview&_s=1&dl=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fthis-week-in-ransomware-friday-the-13th-edition-2022%2F484091%3Futm_source%3DSecurity%26utm_medium%3Denews%26utm_campaign%3DSecurity%26scid%3Dc94722c9-a305-1894-9a11-50be00c0abdc&ul=en-us&de=UTF-8&dt=This%20week%20in%20ransomware%20%E2%80%93%20Friday%20the%2013th%20edition%2C%202022%20%7C%20IT%20World%20Canada%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=670816094&gjid=1916215932&cid=612935327.1654188909&tid=UA-2214941-1&_gid=1733159458.1654188909&_r=1&gtm=2wg6105NVWMFZ&cd1=Jim%20Love&cd2=May%2014%2C%202022&cd3=security&cd5=post&cd7=2022-05-14&cd8=News&cd9=Risk&z=516029016

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 16:55:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.itworldcanada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 34ms
34ms Ping
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LGJL4Q296E&gtm=2oe610&_p=1335464776&_z=ccd.tdB&cid=612935327.1654188909&ul=en-us&sr=1600x1200&_s=1&sid=1654188909&sct=1&seg=0&dl=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fthis-week-in-ransomware-friday-the-13th-edition-2022%2F484091%3Futm_source%3DSecurity%26utm_medium%3Denews%26utm_campaign%3DSecurity%26scid%3Dc94722c9-a305-1894-9a11-50be00c0abdc&dr=https%3A%2F%2Fwww.itworldcanada.com%2Fmessagent.php%3FID%3Dbj_XArge%2B%2Bj%2Bn_c1EuvnkRmytcjaegaV2GC1hwu7Ppu__Isble9tryvnOS%2BAZzBT44EVV23yJlmk_E6ey9J74KtHURVa8beDbg&dt=This%20week%20in%20ransomware%20%E2%80%93%20Friday%20the%2013th%20edition%2C%202022%20%7C%20IT%20World%20Canada%20News&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LGJL4Q296E&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 16:55:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.itworldcanada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cryptojs.js Show response
bb.itwc.ca/js/ 8 KB
8 KB 20ms
20ms Script
text/x-javascript 64.140.127.151
START-

General

Check archive.org

Show headers Download Go to

Full URL

https://bb.itwc.ca/js/cryptojs.js

Requested by

Host: bb.itwc.ca
URL: https://bb.itwc.ca/js/cube.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.140.127.151 London, Canada, ASN40788 (START-, CA),

Reverse DNS

Software

Apache /

Resource Hash

75fb7639af36293cf3b45f8eb3cde61b59dcc6b9dec93e23785a9eb62e119d73

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:54:52 GMT
Last-Modified: Sat, 24 Mar 2018 02:29:54 GMT
Server: Apache
Content-Type: text/x-javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 8169
X-XSS-Protection: 1; mode=block

GET
H3 200 utsync.ashx Show response
ml314.com/ 644 B
667 B 83ms
59ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=88740&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fthis-week-in-ransomware-friday-the-13th-edition-2022%2F484091%3Futm_source%3DSecurity%26utm_medium%3Denews%26utm_campaign%3DSecurity%26scid%3Dc94722c9-a305-1894-9a11-50be00c0abdc&pv=1654188909095_9nzkmkl9k&bl=en-us&cb=3818634&return=&ht=&d=&dc=&si=1654188909095_9nzkmkl9k&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.itworldcanada.com%2Fmessagent.php%3FID%3Dbj_XArge%2B%2Bj%2Bn_c1EuvnkRmytcjaegaV2GC1hwu7Ppu__Isble9tryvnOS%2BAZzBT44EVV23yJlmk_E6ey9J74KtHURVa8beDbg&v=2.5.1.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 733239a52c914e1494171a0831d2de5c82ba0de7fd492c467ec78f5074bc86a4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 16:55:08 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: private
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 644
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 188ms
95ms Script
application/javascript 54.211.26.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=252022&v=2.5.1.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?25
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.211.26.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-26-76.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:09 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Fri, 03 Jun 2022 16:55:09 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame AE98 41 KB
21 KB 97ms
51ms Document
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LctagoaAAAAAN72dYmKMI8V__Y4VWufR4k-3hZF&co=aHR0cHM6Ly93d3cuaXR3b3JsZGNhbmFkYS5jb206NDQz&hl=en&v=81cz2KigKZoE-gRplogO8692&size=invisible&sa=submit&cb=15s8ejnil3oa

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/81cz2KigKZoE-gRplogO8692/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c1ba891cb476994991a846c0be5e25bf9885ab9d6990d9dfbc539e54d5048306

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YKnbTYm_IqXJb8AInqKykw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itworldcanada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 21840
content-security-policy: script-src 'report-sample' 'nonce-YKnbTYm_IqXJb8AInqKykw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 16:55:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame D2E7 194 KB
69 KB 46ms
46ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LGJL4Q296E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NVWMFZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e3afec2fa191df77c9aad12f0f578831c7802edc3a38c0251e9438f5ba3c848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70649
x-xss-protection: 0
expires: Thu, 02 Jun 2022 16:55:09 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame D2E7 49 KB
20 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NVWMFZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 329
date: Thu, 02 Jun 2022 16:49:40 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 02 Jun 2022 18:49:40 GMT

GET
H3 200 tag.aspx Show response
ml314.com/ Frame D2E7 31 KB
31 KB 11ms
11ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?25
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/messagent.php?ID=bj_XArge++j+n_c1EuvnkRmytcjaegaV2GC1hwu7Ppu__Isble9tryvnOS+AZzBT44EVV23yJlmk_E6ey9J74KtHURVa8beDbg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:05:48 GMT
age: 2961
x-guploader-uploadid: ADPycdu1aEr-nUwDntw78PD2U1Jh6H8mckorSQsP7qTUPFoAovko_PpZDqYqTXzTs39JZ3Uaa3c9GhQVKrHtLJ0D-YQO5bCjKpSb
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32025
last-modified: Mon, 04 Apr 2022 15:43:44 GMT
server: UploadServer
cache-control: public,max-age=3600
etag: "25b1f355dd487bdf5381a749056080c4"
x-goog-hash: crc32c=dPpbog==, md5=JbHzVd1Ie99TgadJBWCAxA==
x-goog-generation: 1649087024620619
cache-id: YUL-62c5aa93
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: bytes
content-type: application/javascript

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 96ms
35ms XHR
text/plain 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2214941-1&cid=612935327.1654188909&jid=670816094&gjid=1916215932&_gid=1733159458.1654188909&_u=YAhAAEAAAAAAAC~&z=113216423

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itworldcanada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 02 Jun 2022 16:55:09 GMT
content-type: text/plain
access-control-allow-origin: https://www.itworldcanada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D285 0
0 84ms
83ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvxpVqDXq9Zo26TjARN-P6uDPgKblbDARcj4tVdM8ZzPohMENZtbArIUBDqPVlbFq5L2yxq-Acrjli1tX2_r-XOHeGkbBA4xs3ezRzWsU7tW_ZsqgLbJVcW51UD5M3Bh2S5VdsVUsQiaIi3Pst3-HWTwiGzA3vqbiVZaLv4JqeYoPAjwtGWIoh-NQVYFHDd3y_BilOhnXt73PoS5JM1hOjrWjxaDUkCGfH3i43PSdpOcn5iNhAk0MZ3uvO4FMjURmlRBoLf_F_MLaLuEtmm9siBOEZSAObQnNCsaOZ8etqCJ1g-7tuURVwpmrsDg&sai=AMfl-YT9s4tZePB3M3T3iqYa1Bp3l8pDj0EenpvL23xsXkgJu_KGeBHJlyxU096N46Id0ofFb3WWZp1RdA7r9xKmqAF9ckwwQ0OPPlx3T3WqBbyQGFy_yl6vZELqk-b9mceB&sig=Cg0ArKJSzBGdUbm8yLoPEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/messagent.php?ID=bj_XArge++j+n_c1EuvnkRmytcjaegaV2GC1hwu7Ppu__Isble9tryvnOS+AZzBT44EVV23yJlmk_E6ey9J74KtHURVa8beDbg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 16:55:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 02 Jun 2022 16:55:09 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame D285 21 KB
9 KB 101ms
41ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8691
x-xss-protection: 0
server: cafe
etag: 17811423179848367920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 16:53:18 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame D285 3 KB
1 KB 78ms
19ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 16:44:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D285 138 KB
43 KB 104ms
44ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Jun 2022 16:55:09 GMT

GET
H2 200 16869517853169735957
tpc.googlesyndication.com/simgad/ Frame D285 928 KB
929 KB 127ms
68ms Image
image/gif 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16869517853169735957

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bf22a9c735795b5c39296e990ce7f04634f182f47feece1473b995389fe9e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:17 GMT
x-content-type-options: nosniff
age: 96652
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 950260
x-xss-protection: 0
last-modified: Wed, 11 May 2022 13:35:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Jun 2023 14:04:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 93F8 0
0 80ms
79ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOJETRyDtL36ak_vPKK_1U3CXGHWtcWi-9R6rnhvxk-4goq-5jxIv0eZV8QUHDUQsdxeXk-6S5WXEMIe17-7Mu8LG230BUHv5h8fXGOfvpajZICCTb39oSd9DphsuTuLfXlEdaeG2Wg2EoEdsy2xQuiV-_zBJO9nuDT3ETrofg6M_g_8YeKyv2qfg78j4b2p2Pvmx_v3nfw09uvVi4VtB2Wo3bxK_0MvRUELNQUvaRiyg_qpNaqBChXD0Sseom8q-vvJ7eJzhcEdyJcTtS6F0KW5E_EOImTRMpn-I2ljolX8dccNBlDb6OYIw4KQ&sai=AMfl-YSwtr5ACBjs3uQ5-uQH0cJXLpygIVS-VnDATVIWwY-SLKC-ITVgt9epbFWOmI61A1VErq3QbsYqrzNQMgCR0PQ-SmfqCOiy_Ba5MaUEbLvF9o_9_EWpD0DK01amf-YA&sig=Cg0ArKJSzKkydWiatja2EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/messagent.php?ID=bj_XArge++j+n_c1EuvnkRmytcjaegaV2GC1hwu7Ppu__Isble9tryvnOS+AZzBT44EVV23yJlmk_E6ey9J74KtHURVa8beDbg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 16:55:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 02 Jun 2022 16:55:09 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 93F8 21 KB
9 KB 114ms
60ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8691
x-xss-protection: 0
server: cafe
etag: 17811423179848367920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 16:53:18 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 93F8 3 KB
2 KB 70ms
18ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 16:44:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 93F8 138 KB
43 KB 137ms
84ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Jun 2022 16:55:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 93F8 0
0 36ms
36ms Image
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT3GNETFH8FkngAtCpQmFaH0XtetkxaaaMThIEl_dEgb33aVBuYlH8E-DEfocm83ANmPAbV-eEuh9hHsihbSN40p49JXw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H2 200 16497514600284474769
tpc.googlesyndication.com/simgad/ Frame 93F8 54 KB
54 KB 72ms
20ms Image
image/jpeg 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16497514600284474769

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cde080ba8b0c6b5d74f691d387a14df278130a170ff8693b00356c27f19294c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:32:35 GMT
x-content-type-options: nosniff
age: 94954
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54814
x-xss-protection: 0
last-modified: Wed, 11 May 2022 13:32:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Jun 2023 14:32:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A0A1 0
0 83ms
82ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscMqvHYxaB3IcQu4pPUUm1kle3f0AEtORrT9QpihoKWHWQgXt6EZECElKkkPpGVfIw-1AJ9jTrAbBd-LN1ZDwx3mHy1NdHaD8rNO3pR7_-zZar4b6ZLDy7L78kZCmRRk3peBsA80UQP1PlNUIZw9L5DK4z2qBdcUGUnY5dQmBKvc5ePDTmR-3e7nP8yxngh60Dca8y0cgzkjIQPv4KDLC9nvoyfIdbRyBiQRDU8a0_i0oQp1SZQlnA7DYJ-V0qdtIv1Aha5Jm4yJVeO7tSQa2JWNwnxTZmlL3q9rF2B5O02vgk6uZ3w8bMD3vBfg&sai=AMfl-YRrGyvGuANHXTjce1lMvJYTGLC_IaGyZ52ZmLMtrxpK61Q3HlIUKNS-npfL1QiDLtnIvM0EvNTIsvINqstgwoXM6xCqJtjaebgSQvjQ1VEFeqAoLLIaH6jggFa-juXQ&sig=Cg0ArKJSzMz_OS9BdHdqEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/messagent.php?ID=bj_XArge++j+n_c1EuvnkRmytcjaegaV2GC1hwu7Ppu__Isble9tryvnOS+AZzBT44EVV23yJlmk_E6ey9J74KtHURVa8beDbg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 16:55:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 02 Jun 2022 16:55:09 GMT

GET
H2 200 16497514600284474769
tpc.googlesyndication.com/simgad/ Frame A0A1 54 KB
54 KB 83ms
51ms Image
image/jpeg 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16497514600284474769

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cde080ba8b0c6b5d74f691d387a14df278130a170ff8693b00356c27f19294c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:32:35 GMT
x-content-type-options: nosniff
age: 94954
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54814
x-xss-protection: 0
last-modified: Wed, 11 May 2022 13:32:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Jun 2023 14:32:35 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame A0A1 21 KB
9 KB 109ms
63ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8691
x-xss-protection: 0
server: cafe
etag: 17811423179848367920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 16:53:18 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame A0A1 3 KB
1 KB 126ms
125ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 16:44:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A0A1 138 KB
43 KB 131ms
85ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Jun 2022 16:55:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A0A1 0
0 42ms
42ms Image
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRl5tfHCvxXVzEIS4s6AgS1de_c6T7RylCfpefzY6E60gF1CJZqrGLGE_qS6W4l1CooGKe6-PGiCTwpcv8zW7Q8npM35Q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3627642794608164878&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3627642794608164878&redir=

42 B
945 B

79ms
78ms

Image
image/gif

34.213.154.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3627642794608164878&redir=

Requested by

Protocol

HTTP/1.1

Server

34.213.154.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-154-128.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v030-0c3d024bb.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Eqp2e2aCRWk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-usw2-1-v030-0c3d024bb.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: HpbaebDkS5c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3627642794608164878&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=3627642794608164878
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNzY0Mjc5NDYwODE2NDg3OBAAGg0I7dbjlAYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=75028a6f867dccc5b2f60f60a82f9b6a27827deb249db9f0040121d4855a6691f4cb09cee1a4f8eb&person_id=3627642794608164878&eid=50082

43 B
60 B

27ms
27ms

Image
image/gif

34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=75028a6f867dccc5b2f60f60a82f9b6a27827deb249db9f0040121d4855a6691f4cb09cee1a4f8eb&person_id=3627642794608164878&eid=50082
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: H3
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:09 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Fri, 03 Jun 2022 12:55:09 GMT

Redirect headers

date: Thu, 02 Jun 2022 16:55:09 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=75028a6f867dccc5b2f60f60a82f9b6a27827deb249db9f0040121d4855a6691f4cb09cee1a4f8eb&person_id=3627642794608164878&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

utsync.ashx
ml314.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=3baafc6b-d6df-4a25-a820-e6d366fad09e&gdpr=0&gdpr_consent=

43 B
64 B

59ms
58ms

Image
image/gif

34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=53819&et=0&fp=3baafc6b-d6df-4a25-a820-e6d366fad09e&gdpr=0&gdpr_consent=
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: H3
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 16:55:09 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: private
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: 0,Fri, 03 Jun 2022 12:55:09 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Jun 2022 16:55:09 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ml314.com/utsync.ashx?eid=53819&et=0&fp=3baafc6b-d6df-4a25-a820-e6d366fad09e&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 241

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3627642794608164878
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3627642794608164878
https://ml314.com/csync.ashx?fp=9fceaa7b74ec96b39e7450fc4788c5ba&eid=50146&person_id=3627642794608164878

43 B
60 B

27ms
26ms

Image
image/gif

34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=9fceaa7b74ec96b39e7450fc4788c5ba&eid=50146&person_id=3627642794608164878
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: H3
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:09 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Fri, 03 Jun 2022 12:55:09 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Jun 2022 16:55:09 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ml314.com/csync.ashx?fp=9fceaa7b74ec96b39e7450fc4788c5ba&eid=50146&person_id=3627642794608164878
cache-control: no-cache
x-server: 10.40.33.149
content-length: 0
expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2s_YlvdzjumeBH68v60aNxGpyjGTqFP9h5gjXNC5AQHw&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
https://ml314.com/csync.ashx?fp=2s_YlvdzjumeBH68v60aNxGpyjGTqFP9h5gjXNC5AQHw&person_id=3627642794608164878&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referre...
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

70 B
440 B

25ms
24ms

Image
image/gif

34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/article/this-week-in-ransomware-friday-the-13th-edition-2022/484091?utm_source=Security&utm_medium=enews&utm_campaign=Security&scid=c94722c9-a305-1894-9a11-50be00c0abdc
Protocol: HTTP/1.1
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:09 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

date: Thu, 02 Jun 2022 16:55:09 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 193
expires: Fri, 03 Jun 2022 12:55:09 GMT

GET
H3 200 utsync.ashx Show response
ml314.com/ Frame D2E7 641 B
664 B 33ms
33ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=88740&ct=js&pi=3627642794608164878&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.itworldcanada.com%2Fsubscribe%2Fdaily.php%3Ftheme%3Dlight&pv=1654188909235_g2glmbpwb&bl=en-us&cb=6277831&return=&ht=&d=&dc=&si=1654188909095_9nzkmkl9k&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fthis-week-in-ransomware-friday-the-13th-edition-2022%2F484091%3Futm_source%3DSecurity%26utm_medium%3Denews%26utm_campaign%3DSecurity%26scid%3Dc94722c9-a305-1894-9a11-50be00c0abdc&v=2.5.1.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ce909463529686eb56d9bcced0f0fa2925ffefe461298e8505459c6ecc9140a0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 16:55:08 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: private
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 641
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ Frame D2E7 20 B
482 B 139ms
93ms Script
application/javascript 54.211.26.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=252022&v=2.5.1.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?25
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.211.26.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-26-76.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:08 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Fri, 03 Jun 2022 16:55:09 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame D2E7 35 B
55 B 19ms
19ms Image
image/gif 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2050856535&t=pageview&_s=1&dl=https%3A%2F%2Fwww.itworldcanada.com%2Fsubscribe%2Fdaily.php%3Ftheme%3Dlight&ul=en-us&de=UTF-8&dt=REGISTER%20FOR%20THE%20IT%20WORLD%20CANADA%20NEWSLETTER&sd=24-bit&sr=1600x1200&vp=1600x350&je=0&_u=QACAAEAB~&jid=&gjid=&cid=612935327.1654188909&tid=UA-2214941-1&_gid=1733159458.1654188909&gtm=2wg6105NVWMFZ&cd6=c94722c9-a305-1894-9a11-50be00c0abdc&cd7=--&cd10=c94722c9-a305-1894-9a11-50be00c0abdc&cd11=c94722c9-a305-1894-9a11-50be00c0abdc&z=1118823062

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/subscribe/daily.php?theme=light

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 17:18:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 85014
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 38ms
37ms Image
image/gif 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2214941-1&cid=612935327.1654188909&jid=670816094&_u=YAhAAEAAAAAAAC~&z=28899818

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 16:55:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 87ms
36ms Image
image/gif 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2214941-1&cid=612935327.1654188909&jid=670816094&_u=YAhAAEAAAAAAAC~&z=28899818

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 16:55:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/81cz2KigKZoE-gRplogO8692/ Frame AE98 51 KB
24 KB 65ms
21ms Stylesheet
text/css 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/81cz2KigKZoE-gRplogO8692/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LctagoaAAAAAN72dYmKMI8V__Y4VWufR4k-3hZF&co=aHR0cHM6Ly93d3cuaXR3b3JsZGNhbmFkYS5jb206NDQz&hl=en&v=81cz2KigKZoE-gRplogO8692&size=invisible&sa=submit&cb=15s8ejnil3oa

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 01:57:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Tue, 31 May 2022 04:05:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Jun 2023 01:57:34 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/81cz2KigKZoE-gRplogO8692/ Frame AE98 362 KB
143 KB 63ms
20ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/81cz2KigKZoE-gRplogO8692/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dea07f3e90149dfd44d67158da0bcc50ded545a6d934a877b8311d8970550571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 01:57:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146188
x-xss-protection: 0
last-modified: Tue, 31 May 2022 04:05:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Jun 2023 01:57:34 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame D2E7
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2De-oYbOjDae7TvZtfefKz76wj4AjEFKL9b6ogdA71Vk&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
https://ml314.com/csync.ashx?fp=2De-oYbOjDae7TvZtfefKz76wj4AjEFKL9b6ogdA71Vk&person_id=3627642794608164878&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referre...
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

70 B
440 B

23ms
23ms

Image
image/gif

34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/subscribe/daily.php?theme=light
Protocol: HTTP/1.1
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 16:55:09 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

date: Thu, 02 Jun 2022 16:55:09 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 193
expires: Fri, 03 Jun 2022 12:55:09 GMT

GET
H3

200

csync.ashx
ml314.com/ Frame D2E7
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=3627642794608164878%26eid=50220
https://ml314.com/csync.ashx?fp=5f086298-eb6d-4300-bc25-a7e6c20e0204&person_id=3627642794608164878&eid=50220

43 B
60 B

27ms
27ms

Image
image/gif

34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=5f086298-eb6d-4300-bc25-a7e6c20e0204&person_id=3627642794608164878&eid=50220
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/subscribe/daily.php?theme=light
Protocol: H3
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:09 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Fri, 03 Jun 2022 12:55:09 GMT

Redirect headers

Date: Thu, 02 Jun 2022 16:55:09 GMT
Server: MT3 4419 e1034d5 master ord-pixel-x57 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ml314.com/csync.ashx?fp=5f086298-eb6d-4300-bc25-a7e6c20e0204&person_id=3627642794608164878&eid=50220
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Thu, 02 Jun 2022 16:55:08 GMT

GET
H3

200

csync.ashx
ml314.com/ Frame D2E7
Redirect Chain

https://tags.bluekai.com/site/20486?limit=0&id=3627642794608164878&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=3627642794608164878%26eid=50056
https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=3627642794608164878&eid=50056

43 B
60 B

28ms
27ms

Image
image/gif

34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=3627642794608164878&eid=50056
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/subscribe/daily.php?theme=light
Protocol: H3
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:09 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Fri, 03 Jun 2022 12:55:09 GMT

Redirect headers

Location: https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=3627642794608164878&eid=50056
Date: Thu, 02 Jun 2022 16:55:09 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H3

200

csync.ashx
ml314.com/ Frame D2E7
Redirect Chain

https://ib.adnxs.com/getuid?https://ml314.com/csync.ashx%3Ffp=$UID%26person_id=3627642794608164878%26eid=2
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fml314.com%2Fcsync.ashx%253Ffp%3D%24UID%2526person_id%3D3627642794608164878%2526eid%3D2
https://ml314.com/csync.ashx?fp=5307840846097607621&person_id=3627642794608164878&eid=2

43 B
60 B

29ms
29ms

Image
image/gif

34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=5307840846097607621&person_id=3627642794608164878&eid=2
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/subscribe/daily.php?theme=light
Protocol: H3
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:09 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Fri, 03 Jun 2022 12:55:09 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Jun 2022 16:55:09 GMT
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 597fe4a7-1580-4cb8-8d80-0162511c9a9e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ml314.com/csync.ashx?fp=5307840846097607621&person_id=3627642794608164878&eid=2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D285 0
0 83ms
80ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9EPj2lX10iXl8zK0dvsFMX2YKR3nIHNllQ2E3fX9aRf-lR1qBDfhajpywOJy_5nEpbwPkc9zseFjcbT6Dz1-bRJJQMWhebi8vY6JPwx5b6j8DK8_lmAdCsgGIeNabhBIb7WMJ_cwKKGjj3jddHBVuckLAIBMkueEM4c1PGeM-nM110mVkjC-uCIj6nmQ1k_npgpyHSTlOnHr1YXPAYfrioK46bHET_7za5NzAW_X84B9LbmBacBfd0U_8ZJE_VJSzECBS1xLZncraJeXNUStS3dR142aLH8QLhS0O_-8gXpz32_amsscd39onEllz&sai=AMfl-YQac4b2HymFnNyP_dR3GKLSD8e0h8pPUp9ERBK99-6qt7XAuoV64KOc85IOFmOgIQsFKevrw_hZdgeVXHgCGiIKlHaTn3YLGOT27RtZPj6RoEUEDvOmlEyz76BUtYLW&sig=Cg0ArKJSzFBqY6Zy4k4rEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 16:55:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 02 Jun 2022 16:55:09 GMT

GET
DATA 200
OK truncated
/ Frame D285 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39aad4dd6ffc5005f780cad0abe9a8928640248f069eca11d206f8afae5b6fca

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 93F8 0
0 81ms
81ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUFGaR9q5McyxopcxUU4kofjxHkfKfXYGWqFV6lcvKCxA4zO4t5XOCHzrCysyQw1-Q0y22HjDyHwIDUXNSW5ET_D5-fh-eauxs8BGvawLP489QTAANwri4W3n7L8zO4_YIvMoVLgz7zN-3kTEeRX7lkSedn6drWDa7Qwx080XDV5ieeA_UuUPLQbkp7XNk8XKHlECtYvJDJeukwbCdBJ3I7Hhce6uCV-Zi9gcQFK2QeuCtAn0KBpJ4HmqyVhJx-TvTrgqj2y8KiYunikEn6sCG9UsW4PKLMqAET_-L2LZUE6gYfn1XhZWRP-P0IRTu&sai=AMfl-YQYKHWS9k25YrpVu-ui-FE6o3pPEPRfziz1YKxJSMZZ9Vq0te9WhN29tSlOs9JOEv4XUI5YCnI3GzlClXB_phZ3b1Am2iF8D8n9k7tav1HF46_YLgv9-nolmtGL-r_T&sig=Cg0ArKJSzHLMRYAp9Am0EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 16:55:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 02 Jun 2022 16:55:09 GMT

GET
DATA 200
OK truncated
/ Frame 93F8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8512bda02831a1a203f57871aaa28f18b15259e9c24d045ba0426feee9989be7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A0A1 0
0 82ms
81ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZcY2XqQCokYSYv2g3qOewziaQEl_hsDZHP2ynSrKFtQvnSd3gpAuGVyVawkot0yEzXAld1DIue6DsnKUrKGOG2wneoFTc2JuKE5pQvhPAF1waChK9sJrwzYnRaBbh1QAs3RYAC23DM-F9u5-bGhaUU6MRaofy2APrMp_BpY8Vl2O7sse_XbnnK_2zx3H_J2WeIR4eq9WGFWLoXM-Vo4X7XjZM5Ap3rF4AUjC_HOJIoP0oknMA1Z70bOYmfFbjvtTzBpoi1TbSXD5GJxN9GSHNqb-IjOuzPUTNBo0mCedUWhgXj0XddSSii7MGmwcG&sai=AMfl-YRWsaaKnPs1aM3OPiLFtla8C25Q86X2VkuxAv7vrVfmD3DaT_ir3AWfNdB35u8LY-8szKUNw1sTHx4psn2M49eTxaHXJBKBHy1ruwAvgF2pdGLAFs7nefvvGpAzwru4&sig=Cg0ArKJSzEvLBl5ivG6OEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 16:55:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 02 Jun 2022 16:55:09 GMT

GET
DATA 200
OK truncated
/ Frame A0A1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54bdfeab72dc34ff262050cf7cff2e37f88e8fa048cf5237b844ccf41bff3bea

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame AE98 2 KB
2 KB 20ms
19ms Image
image/png 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/81cz2KigKZoE-gRplogO8692/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/81cz2KigKZoE-gRplogO8692/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 13:59:43 GMT
x-content-type-options: nosniff
age: 442526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 04 Jun 2022 13:59:43 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AE98 15 KB
15 KB 21ms
20ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 11:41:34 GMT
x-content-type-options: nosniff
age: 191615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 31 May 2023 11:41:34 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AE98 15 KB
15 KB 22ms
21ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 19:40:58 GMT
x-content-type-options: nosniff
age: 76451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Jun 2023 19:40:58 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 4C4B 0
18 B 38ms
17ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.itworldcanada.com
Referer: https://www.itworldcanada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.itworldcanada.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 16:55:09 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame AE98 102 B
134 B 39ms
39ms Other
text/javascript 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=81cz2KigKZoE-gRplogO8692

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f1d9eb1080fd09f8a055cc9069e4f5250f0767b55c241cf028068686da991b81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LctagoaAAAAAN72dYmKMI8V__Y4VWufR4k-3hZF&co=aHR0cHM6Ly93d3cuaXR3b3JsZGNhbmFkYS5jb206NDQz&hl=en&v=81cz2KigKZoE-gRplogO8692&size=invisible&sa=submit&cb=15s8ejnil3oa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 02 Jun 2022 16:55:09 GMT

OPTIONS
H/1.1 200
OK /
bb.itwc.ca/index.php/api/activity/recordActivity/ Frame 0
0 88ms
26ms Preflight
application/json 64.140.127.151
START-

General

Check archive.org

Show headers Download Go to

Full URL

https://bb.itwc.ca/index.php/api/activity/recordActivity/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.140.127.151 London, Canada, ASN40788 (START-, CA),

Reverse DNS

Software

Apache / PHP/7.1.33

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.itworldcanada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With, Accept
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1000
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 16
Content-Type: application/json; charset=utf-8
Date: Thu, 02 Jun 2022 16:54:53 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
X-Powered-By: PHP/7.1.33
X-XSS-Protection: 1; mode=block

POST
H/1.1 201
Created / Show response
bb.itwc.ca/index.php/api/activity/recordActivity/ 154 B
869 B 84ms
83ms XHR
application/json 64.140.127.151
START-

General

Check archive.org

Show headers Download Go to

Full URL

https://bb.itwc.ca/index.php/api/activity/recordActivity/

Requested by

Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.140.127.151 London, Canada, ASN40788 (START-, CA),

Reverse DNS

Software

Apache / PHP/7.1.33

Resource Hash

a7d09d419396e8e3d19b6a181047738f7eaf8d9028becb5bd628b6c80b6fd916

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.itworldcanada.com/
Authorization: itwc:a615030a750e346a3c0292fbbf666be18bb2af4567a44c3e4835a3b802b36d89:1654188909779
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Thu, 02 Jun 2022 16:54:53 GMT
Server: Apache
X-Powered-By: PHP/7.1.33
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With, Accept
Content-Length: 154
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 88ms
40ms XHR
application/json 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022053101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

462b1a60a6baa7f755375a12c1763f03c2c4237905f0b424c1e03b3ac2e4245a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 16:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10636
x-xss-protection: 0

GET
H2 200 cyber-security-today-text-middle2-150x150.png
i.itworldcanada.com/wp-content/uploads/2021/03/ 33 KB
34 KB 24ms
24ms Image
image/png 2600:9000:2120:d400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2021/03/cyber-security-today-text-middle2-150x150.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:d400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 232c443fd14bd168e00a505981ae73e540dfde88b6332a5dd49f3f4a3b37a0d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 09:42:26 GMT
via: 1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
last-modified: Mon, 29 Mar 2021 17:08:54 GMT
server: AmazonS3
age: 630764
etag: "13fb9fef7a91b6732b5cc12c28370fa3"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
content-type: image/png
content-length: 34025
x-amz-cf-id: Uz3mBLJCQXFK0W9D0RG9z4zgmH1YUez8T4mdxX6D_q1s3_riVWJGVg==
expires: Tue, 29 Mar 2022 17:08:53 GMT

GET
H2 200 Paying-ransomware-GettyImages.jpg
i.itworldcanada.com/wp-content/uploads/2019/12/ 21 KB
22 KB 21ms
21ms Image
image/jpeg 2600:9000:2120:d400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2019/12/Paying-ransomware-GettyImages.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:d400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e39d8adaa7b35f9d7c593c51b775469302ee7e7cb896a90acc5a45b15643835f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 17:48:02 GMT
via: 1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
last-modified: Tue, 17 Dec 2019 14:38:37 GMT
server: AmazonS3
age: 774428
etag: "588fef4fc3c13fd9afc9c5ee7ec5d833"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
content-type: image/jpeg
content-length: 21796
x-amz-cf-id: L6paVGyzA6xIcc_EGhs3hHCCa_kIJc3rCaFGlcYsFsfc4gN-4EN39g==
expires: Wed, 16 Dec 2020 14:38:32 GMT

GET
H2 200 cyber-security-today-text-middle2-150x150.png
i.itworldcanada.com/wp-content/uploads/2021/03/ 33 KB
34 KB 19ms
19ms Image
image/png 2600:9000:2120:d400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2021/03/cyber-security-today-text-middle2-150x150.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:d400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 232c443fd14bd168e00a505981ae73e540dfde88b6332a5dd49f3f4a3b37a0d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 09:42:26 GMT
via: 1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
last-modified: Mon, 29 Mar 2021 17:08:54 GMT
server: AmazonS3
age: 630764
etag: "13fb9fef7a91b6732b5cc12c28370fa3"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
content-type: image/png
content-length: 34025
x-amz-cf-id: RNrdNjzM-9v3e4CCLOOppQOFJ-Q7j9o3FINTf5JpwdSVN27ENEFBcw==
expires: Tue, 29 Mar 2022 17:08:53 GMT

GET
H2 200 cyber-security-today-text-middle2-150x150.png
i.itworldcanada.com/wp-content/uploads/2021/03/ 33 KB
34 KB 19ms
19ms Image
image/png 2600:9000:2120:d400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2021/03/cyber-security-today-text-middle2-150x150.png
Requested by: Host: www.itworldcanada.com
URL: https://www.itworldcanada.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:d400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 232c443fd14bd168e00a505981ae73e540dfde88b6332a5dd49f3f4a3b37a0d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 09:42:26 GMT
via: 1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
last-modified: Mon, 29 Mar 2021 17:08:54 GMT
server: AmazonS3
age: 630764
etag: "13fb9fef7a91b6732b5cc12c28370fa3"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
content-type: image/png
content-length: 34025
x-amz-cf-id: z7GjCnGCX7zkm3nJmG6mynIKspvBEs7hR0BFksxem7jeAH7eEDzcJQ==
expires: Tue, 29 Mar 2022 17:08:53 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 94ms
51ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Jun 2022 16:55:09 GMT

GET
H2 200 cyber-security-today-text-middle2-150x150.png
i.itworldcanada.com/wp-content/uploads/2021/03/ 33 KB
34 KB 19ms
19ms Image
image/png 2600:9000:2120:d400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2021/03/cyber-security-today-text-middle2-150x150.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:d400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 232c443fd14bd168e00a505981ae73e540dfde88b6332a5dd49f3f4a3b37a0d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 09:42:26 GMT
via: 1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
last-modified: Mon, 29 Mar 2021 17:08:54 GMT
server: AmazonS3
age: 630764
etag: "13fb9fef7a91b6732b5cc12c28370fa3"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
content-type: image/png
content-length: 34025
x-amz-cf-id: ANbE3L_jwDqOJALllyFfBW6D_BV-JDwqkBmJ9dQoaquKvncRZjBqxA==
expires: Tue, 29 Mar 2022 17:08:53 GMT

GET
H2 200 Paying-ransomware-GettyImages.jpg
i.itworldcanada.com/wp-content/uploads/2019/12/ 21 KB
22 KB 19ms
19ms Image
image/jpeg 2600:9000:2120:d400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2019/12/Paying-ransomware-GettyImages.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:d400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e39d8adaa7b35f9d7c593c51b775469302ee7e7cb896a90acc5a45b15643835f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 17:48:02 GMT
via: 1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
last-modified: Tue, 17 Dec 2019 14:38:37 GMT
server: AmazonS3
age: 774428
etag: "588fef4fc3c13fd9afc9c5ee7ec5d833"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
content-type: image/jpeg
content-length: 21796
x-amz-cf-id: BtwJ_vjmEN_B8S7xmiT3FsDVruhO2_RseFOdRg4GnZ1d6OByKNy1dQ==
expires: Wed, 16 Dec 2020 14:38:32 GMT

GET
H2 200 cyber-security-today-text-middle2-150x150.png
i.itworldcanada.com/wp-content/uploads/2021/03/ 33 KB
34 KB 19ms
19ms Image
image/png 2600:9000:2120:d400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2021/03/cyber-security-today-text-middle2-150x150.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:d400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 232c443fd14bd168e00a505981ae73e540dfde88b6332a5dd49f3f4a3b37a0d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 09:42:26 GMT
via: 1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
last-modified: Mon, 29 Mar 2021 17:08:54 GMT
server: AmazonS3
age: 630764
etag: "13fb9fef7a91b6732b5cc12c28370fa3"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
content-type: image/png
content-length: 34025
x-amz-cf-id: ndJ0gNojRDHn-lSz8V14wPWSWKyfY68jCgarRyJB9o6GeGFHAr7OHg==
expires: Tue, 29 Mar 2022 17:08:53 GMT

GET
H2 200 cyber-security-today-text-middle2-150x150.png
i.itworldcanada.com/wp-content/uploads/2021/03/ 33 KB
34 KB 28ms
28ms Image
image/png 2600:9000:2120:d400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2021/03/cyber-security-today-text-middle2-150x150.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:d400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 232c443fd14bd168e00a505981ae73e540dfde88b6332a5dd49f3f4a3b37a0d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 09:42:26 GMT
via: 1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
last-modified: Mon, 29 Mar 2021 17:08:54 GMT
server: AmazonS3
age: 630764
etag: "13fb9fef7a91b6732b5cc12c28370fa3"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
content-type: image/png
content-length: 34025
x-amz-cf-id: 3MGeZbuQE8Yt758QotMXCvkvFnpl95QdvaJ3GzbCqbYsEw2SWsqTOg==
expires: Tue, 29 Mar 2022 17:08:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 011E 13 KB
5 KB 20ms
19ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itworldcanada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 53982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 01:55:28 GMT
expires: Fri, 02 Jun 2023 01:55:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7653 783 B
535 B 40ms
39ms Document
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

309088faeffea42abd738799735a04d5e2c20aff348e3e4d5f9cb37f7070e42d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BYiGXJBAXFrMlVZrG7yHNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itworldcanada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-BYiGXJBAXFrMlVZrG7yHNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 16:55:10 GMT
expires: Thu, 02 Jun 2022 16:55:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cyber-security-today-text-middle2-150x150.png
i.itworldcanada.com/wp-content/uploads/2021/03/ 33 KB
34 KB 19ms
18ms Image
image/png 2600:9000:2120:d400:3:dffb:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.itworldcanada.com/wp-content/uploads/2021/03/cyber-security-today-text-middle2-150x150.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:d400:3:dffb:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 232c443fd14bd168e00a505981ae73e540dfde88b6332a5dd49f3f4a3b37a0d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 09:42:26 GMT
via: 1.1 5085d90866d21251d1299413c6f53212.cloudfront.net (CloudFront)
last-modified: Mon, 29 Mar 2021 17:08:54 GMT
server: AmazonS3
age: 630765
etag: "13fb9fef7a91b6732b5cc12c28370fa3"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
content-type: image/png
content-length: 34025
x-amz-cf-id: 6_61FbUh1-h50m-egeiqv8ldMiuYPlD0FeIDUnIkZ7eueOH2DfsryA==
expires: Tue, 29 Mar 2022 17:08:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7653 0
0 136ms
95ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022053101&jk=4203196157154979&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js Show response
pagead2.googlesyndication.com/bg/ Frame 011E 36 KB
14 KB 59ms
20ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 21:57:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13841
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 21:57:48 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 011E 0
9 B 20ms
19ms Image
text/plain 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Vsvb2Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 16:55:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D285 42 B
64 B 118ms
78ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvan9ZiR-QJM2sxC5KO7PU3d-DMBh8Q0O_6LAx62c0UVR2XylQrBtzxt6yhoLxaCv4qbDB09jUXeMS7OL07tUNT2NIAsSdaq_X9I3a_1-wcrKixafGQ&sig=Cg0ArKJSzC9UImzPsPhiEAE&id=lidar2&mcvt=1000&p=155,315,405,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220601&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4251014571&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654188909188&rpt=171&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 16:55:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 93F8 42 B
64 B 78ms
78ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshdH1jHNFoqTOcKuReWImq_DBpqaKB9RRSf6OJMpX9juR74XEwgWfVsDhQLbVHvhiSAgV-CQrVgWae0jHUX_-rv24zQDi2zRelMKoE-B4cuWeLhZMP&sig=Cg0ArKJSzG2e7_71C6xiEAE&id=lidar2&mcvt=1000&p=474,1022,724,1322&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220601&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1640639909&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654188909198&rpt=218&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 16:55:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 99ms
99ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022053101&jk=4203196157154979&bg=!d3SldDDNAAao8wy8iPM7ACkAdvg8WgVYhzNs82kmjArQ9VkIHVRxJ09gC0wXJW5IOsdHBnUPe73HdAIAAABcUgAAAAJoAQeZArcZAFFyRuw_zzRPn0I0d2dBoJUI9k_ruIxpLftqVlUgIp2cCKIyu28IKKuIyjWPG6KXc1ooW_USUKPAtte_sf0Nqr3RA2gmIEe1EdUaLdg6J2D08WbWOaAJprbDpzLqeZHOgYqrDVpor2w39kBrXO3rzlVdEOVw4VVVjDb-WV1ehocMGPaG_D8_7LHXBeFlCrCL33EV3RghjqXj-xS0IrDbfx5YGvlNenAW5mEbb0NFHDFaiNaD3JaNTYfsaY-P9SWZ-h9IhScyxY43A7Ul338UJAMm9yvLb-Inozq_AHQjlCwHoL8wItxNzKKdlc6V4FD8kERSGgSwjO21x_s-Vi6obJ5lUaxa9JCCmdweV_3BHAM44yD7ox0VFUvA-dki0N45wZDWzcF50CVymQJGclErJGhOF_x1AZiOtLI3mwQ8DG8LGmQ3EJZACFcAKmHEqc9OqZbyq829zx5VbR5yC-yx1BHOTmMKom8AWgNcaL7leudpbKU7oWYJXks18xd5P8pqEPHww4eNxovv0hqhjwIbDL8a13Tmpidj-EBLYS44GqaFj_d_QuZjzhe59ZmLD-mvyeOuFdlzynvAuaMPE0iuPJ6NaC42mgI2ejoa2FIo7R_hjWUbHtYbvuG6YTXCvN8EfASltf_NymWWa9NNj43JuGgHrxlb76VEJpKTg79WdwqrvS7ebRu9bE1Aub2fzyj9E4JkIYDpW17jNeUrG1Iy2GbyWmjhbCcWA6_xkNYcg9Uq7-ek38QjfT1TrX35ZZ9A2dE1hi1lE1lJ-PyQrt3SNTqhNPU7otpTrBALf8HgvlOp0CK_L8kwJ5rxs7zvNKTj9gGkjfMayHCbTcP8wTXLuDH6JR1urGojk2Q0M2XNaY2gbifIm7M5DJ_WxIeWjTeEm9dWmCmog30F0r4lNOOgZ3Uafvyunw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itworldcanada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

POST
H3 204 collect
www.google-analytics.com/g/ Frame D2E7 0
17 B 34ms
33ms Ping
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LGJL4Q296E&gtm=2oe610&_p=2050856535&_z=ccd.tdB&cid=612935327.1654188909&ul=en-us&sr=1600x1200&sid=1654188909&sct=1&seg=1&dl=https%3A%2F%2Fwww.itworldcanada.com%2Fsubscribe%2Fdaily.php%3Ftheme%3Dlight&dr=https%3A%2F%2Fwww.itworldcanada.com%2Farticle%2Fthis-week-in-ransomware-friday-the-13th-edition-2022%2F484091%3Futm_source%3DSecurity%26utm_medium%3Denews%26utm_campaign%3DSecurity%26scid%3Dc94722c9-a305-1894-9a11-50be00c0abdc&dt=REGISTER%20FOR%20THE%20IT%20WORLD%20CANADA%20NEWSLETTER&_s=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LGJL4Q296E&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itworldcanada.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 16:55:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.itworldcanada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.itworldcanada.com/	1970-01-23 19:05:48	Name: ukw Value: a%3A1%3A%7Bi%3A0%3Bi%3A1654188907%3B%7D
www.itworldcanada.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ckill2ro4vh027tqb05l8tflmt
.itworldcanada.com/	1970-01-20 05:39:24	Name: _fbp Value: fb.1.1654188908941.311274937
.facebook.com/	1970-01-20 05:39:24	Name: fr Value: 0nVetACn6uqgk6gxO..BimOts...1.0.BimOts.
.itworldcanada.com/	1970-01-20 03:31:15	Name: _gid Value: GA1.2.1733159458.1654188909
.itworldcanada.com/	1970-01-20 03:29:48	Name: _gat_UA-2214941-1 Value: 1
www.itworldcanada.com/	1970-01-20 21:01:00	Name: wpusers Value: MjAyMi0wNi0wMiAxNi41NS4wOQ==
www.itworldcanada.com/	1970-01-20 21:01:00	Name: scid Value: c94722c9-a305-1894-9a11-50be00c0abdc
.itworldcanada.com/	1970-01-20 12:51:24	Name: __gads Value: ID=b9f01e3bb4386d33-2267a931c4d20098:T=1654188909:S=ALNI_MZsfRPBD77PudN-Y59AULKYfJsS5w
.ml314.com/	1970-01-20 12:15:24	Name: pi Value: 3627642794608164878
.ml314.com/	1970-01-20 03:49:58	Name: tp Value: 8%3b6%2f2%2f2022+12%3a55%3a09+PM%3b0
.doubleclick.net/	1970-01-20 21:01:00	Name: IDE Value: AHWqTUmc8p6IarkAxLYGoJJGvlsj0qcs92y-b6tjNsRFhjqyO1QsSy6r3X13kTwVp_o
.itworldcanada.com/	1970-01-20 21:01:00	Name: _ga_LGJL4Q296E Value: GS1.1.1654188909.1.1.1654188909.0
.itworldcanada.com/	1970-01-20 21:01:00	Name: _ga Value: GA1.1.612935327.1654188909
.adsrvr.org/	1970-01-20 12:15:24	Name: TDID Value: 3baafc6b-d6df-4a25-a820-e6d366fad09e
.rlcdn.com/	1970-01-20 12:15:24	Name: rlas3 Value: YGYaAKjVODZAFeTbLeL8f85G536mM0zHuX0a28iBfaQ=
.adsrvr.org/	1970-01-20 12:15:24	Name: TDCPM Value: CAESFgoHZDB0cm8xahILCLbqmvfVsOI6EAUYBSABKAIyCwjAjeuj7LDiOhAFOAE.
.crwdcntrl.net/	1970-01-20 09:58:33	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 09:58:33	Name: _cc_id Value: 9fceaa7b74ec96b39e7450fc4788c5ba
.adnxs.com/	1970-01-20 05:39:24	Name: uuid2 Value: 5307840846097607621
.rlcdn.com/	1970-01-20 04:56:12	Name: pxrc Value: CO3W45QGEgUI6AcQABIFCNtOEAA=
.eyeota.net/	1970-01-20 12:15:24	Name: mako_uid Value: 1812557a351-62a0000010a5cca
.mathtag.com/	1970-01-20 12:55:44	Name: uuid Value: 5f086298-eb6d-4300-bc25-a7e6c20e0204
.eyeota.net/	1970-01-20 03:29:49	Name: SERVERID Value: 20824~DM
.ml314.com/	1970-01-20 03:29:48	Name: u Value: aHR0cHM6Ly93d3cuaXR3b3JsZGNhbmFkYS5jb20v
.demdex.net/	1970-01-20 07:49:00	Name: demdex Value: 40581565210304362584193905267592930130
.dpm.demdex.net/	1970-01-20 07:49:00	Name: dpm Value: 40581565210304362584193905267592930130
www.itworldcanada.com/	1970-01-20 21:01:00	Name: bbct Value: e
www.itworldcanada.com/	1970-01-20 21:01:00	Name: bbjf Value: 21
www.itworldcanada.com/	1970-01-20 21:01:00	Name: bbin Value: 99
www.itworldcanada.com/	1970-01-20 21:01:00	Name: bbem Value: 3
www.itworldcanada.com/	1970-01-20 21:01:00	Name: bbts Value: 1654188893

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

659bf2f640900994a7688d930b7c5b97.safeframe.googlesyndication.com
adservice.google.com
bb.itwc.ca
connect.facebook.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
i.itworldcanada.com
ib.adnxs.com
idsync.rlcdn.com
in.ml314.com
match.adsrvr.org
ml314.com
pagead2.googlesyndication.com
pixel.mathtag.com
ps.eyeota.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync.crwdcntrl.net
tags.bluekai.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.itworldcanada.com
142.251.35.162
15.197.193.217
18.233.240.143
23.221.203.44
2600:9000:2120:d400:3:dffb:fe80:93a1
2607:f8b0:4004:c08::9b
2607:f8b0:4006:807::2003
2607:f8b0:4006:809::2008
2607:f8b0:4006:80c::2004
2607:f8b0:4006:817::2003
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::2003
2607:f8b0:4006:820::2001
2607:f8b0:4006:821::200a
2607:f8b0:4006:822::200e
2607:f8b0:4006:824::2002
2a00:1450:4009:81e::2001
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.111.234.236
34.197.192.192
34.213.154.128
35.190.60.146
54.211.26.76
64.140.127.151
64.140.127.168
68.67.179.153
96.17.64.208
017891e235baa20d3b29dc2fd935c1f5890ac690636f6f172da78f2463f90cea
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0a402d34337e3e7e719751e9e0847dd3d25f0b81b832fcd342b5a0e040b35075
0ac7a2eaed897e499f0b32b213e3776a5f1e2b92da00e65ac50c6a0131fc7793
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16d46627940f5b68a1d6ca221db33bc81f5a6f291015bb711bc965c0e13a27b4
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
1f822027b6c82d89cf087cfcf56e7e755a870111faf04c87cf626108f7b5263e
232c443fd14bd168e00a505981ae73e540dfde88b6332a5dd49f3f4a3b37a0d6
235be8bfdd19de9bbd0b0291b2b588b6c295093a33120f06d1e1b8803708c7fb
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b591aacae16f8b1eaaccbc2c11094df1f820692a0a1194566e25851be9365e7
309088faeffea42abd738799735a04d5e2c20aff348e3e4d5f9cb37f7070e42d
38e85083ca477d7e15d4bbf2dd367d78a4df0f94b7cccf45fa886856f036baa1
39aad4dd6ffc5005f780cad0abe9a8928640248f069eca11d206f8afae5b6fca
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
462b1a60a6baa7f755375a12c1763f03c2c4237905f0b424c1e03b3ac2e4245a
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4b7e34f6fe214525b816bd5841acc8674451cec6e4aa6c8128c2cba74727dd08
4bf22a9c735795b5c39296e990ce7f04634f182f47feece1473b995389fe9e23
4bfcca1faf44dc958f2bbb76af949d3a5236c3a468d25db5f1cdba602db44d9f
4e3afec2fa191df77c9aad12f0f578831c7802edc3a38c0251e9438f5ba3c848
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
51cac630c97cf0f4f4cf982fa2d362a80ec7df47f55094d42fd6477b2ea2f639
51fd143cdf881e5ebd585e6885f79efebb3cccbee4f4ac5087588f192a3a243d
54bdfeab72dc34ff262050cf7cff2e37f88e8fa048cf5237b844ccf41bff3bea
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e8dde458697ee3e5605d67f7503ced27c2e78de057c8bc8823c0687618e1439
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64eabf2b14beb4aa6d6c887f4f384d245d33f69366eeb594392bf77dce3f43db
733239a52c914e1494171a0831d2de5c82ba0de7fd492c467ec78f5074bc86a4
75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9
75fb7639af36293cf3b45f8eb3cde61b59dcc6b9dec93e23785a9eb62e119d73
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847976eea2b0507cea0df299fa3ec6a96a448327b99514497cef7a74a4f51d4d
8512bda02831a1a203f57871aaa28f18b15259e9c24d045ba0426feee9989be7
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
a0e06c2224398dc583a6ae90201a5faec3174306f1502f24364b29967682ee8a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ca6817b01516b2ab97d83dcfe7fc9d1be7ab071cb7c535120842f6052731b2
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d09d419396e8e3d19b6a181047738f7eaf8d9028becb5bd628b6c80b6fd916
a90f3071f749920d5c06cd9fbbd71919955e7d38736a8ef285b31a19b9e9ea85
ae2da1bd62c6469ee27770ad1cddf2e8296d8a7f6d85b091463e5200c5e320af
af49f53268c08752ca4c11e7f467dbb93d1c3a192a123c837e278869754f94f7
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd5fda1a0cdd5aea44ffa78d9729cd9e90f4eb0f5c4940ae9ac87d60fc6d4d48
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1ba891cb476994991a846c0be5e25bf9885ab9d6990d9dfbc539e54d5048306
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a
c983bccbfa3aeec262e4469747aaf9d860d93fedcf3ba263c84bd7ef21430234
cd7a6996192a36ba247c32e9a19de9c0c3c7f8cc876790594dc93db32c7b051c
cda5f084c2c6f858fafe20b03ed46c19082233f70cb20282f1090ac1a2415719
cdbbdfeaca77c530c00b39dfca3cb78970ff275120e7659aed1651a9645b3fa3
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cde080ba8b0c6b5d74f691d387a14df278130a170ff8693b00356c27f19294c4
ce909463529686eb56d9bcced0f0fa2925ffefe461298e8505459c6ecc9140a0
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
d0ccffdc31d7f2825ae2f4057c080f7dbdf26a4f4526fcac81453ac6c893bccc
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d26c4cb1e96ef9d50a31f15e397ad925d3ba90c0b9edfec7b1ef5e6f40ef9904
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dea07f3e90149dfd44d67158da0bcc50ded545a6d934a877b8311d8970550571
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e39d8adaa7b35f9d7c593c51b775469302ee7e7cb896a90acc5a45b15643835f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42c4c81f9aa80973f684f72a343e3a8f39a8f88eb77ff8ce760ef646e054771
e7d44bc3895e3205728283fa417602ef907ee7ad9bb068c7b8fcf351a8855d5d
ef0f6aae9b080b159514dc82a8c8c96260286bf4b57bac7211e6f11f6250080f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02dd8a3a2f0ee21c7bb66bb945ec5c9a8f585890d5528fc8161d8bd209d70f0
f1d9eb1080fd09f8a055cc9069e4f5250f0767b55c241cf028068686da991b81
f3ef3256e7e649b4714e11082e6bd1f2def9315cde7d06a70f31f2571f02abcc
f3f100551911545756ee9ff288bb7949a1904c303a10d7e3c316d6248495c9eb
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f53f233e493799177bfa142e528f9b8beb24c9a32c6099580fc86ab5ecfa6bba
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7a0dbff813bc7c5605b8a86f87c6aaf78793b501ad00953f5fe4fc3beee65e5
f96df7325e563d0e8ff24e1270a313811504bd07902298b013e5a914669471bf

www.itworldcanada.com Open in urlscan Pro 64.140.127.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

142 Requests

92 %HTTPS

55 %IPv6

22 Domains

29 Subdomains

24 IPs

3 Countries

3211 kBTransfer

6529 kBSize

32 Cookies

25 Outgoing links

Page URL History

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.itworldcanada.com Open in urlscan Pro
64.140.127.168 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

92 %
HTTPS

55 %
IPv6

22
Domains

29
Subdomains

24
IPs

3
Countries

3211 kB
Transfer

6529 kB
Size

32
Cookies

142 HTTP transactions
0 data transactions