urlscan.io logo urlscan.io
SecurityTrails logo

www.inquirer.com Open in urlscan Pro
2a02:26f0:480:f::213:7ed5  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Submission: On October 16 via manual from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 111 IPs in 10 countries across 78 domains to perform 418 HTTP transactions. The main IP is 2a02:26f0:480:f::213:7ed5, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.inquirer.com. The Cisco Umbrella rank of the primary domain is 66851.
TLS certificate: Issued by R3 on October 3rd 2023. Valid for: 3 months.
This is the only time www.inquirer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 3 23.201.255.110 16625 (AKAMAI-AS)
1 151.101.2.217 54113 (FASTLY)
23 2600:9000:225... 16509 (AMAZON-02)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 23.212.88.20 16625 (AKAMAI-AS)
2 151.101.129.91 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2600:9000:224... 16509 (AMAZON-02)
1 51.77.64.70 16276 (OVH)
15 23.38.98.44 20940 (AKAMAI-ASN1)
11 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:211... 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 3 142.250.186.166 15169 (GOOGLE)
1 3 108.138.7.10 16509 (AMAZON-02)
7 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 52.22.89.243 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
2 142.250.186.130 15169 (GOOGLE)
1 8 2a00:1450:400... 15169 (GOOGLE)
1 13.32.121.108 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
3 52.222.208.154 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
14 18.66.97.67 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 107.178.250.234 15169 (GOOGLE)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
23 2606:4700::68... 13335 (CLOUDFLAR...)
2 3.212.15.0 14618 (AMAZON-AES)
1 37.252.173.215 29990 (ASN-APPNEX)
2 35.186.255.72 15169 (GOOGLE)
7 52.7.177.4 14618 (AMAZON-AES)
7 34.107.254.252 396982 (GOOGLE-CL...)
1 18.66.112.93 16509 (AMAZON-02)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 23.57.19.78 16625 (AKAMAI-AS)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
6 52.222.209.4 16509 (AMAZON-02)
1 65.9.66.68 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 54.171.212.190 16509 (AMAZON-02)
6 2602:803:c003... 26667 (RUBICONPR...)
6 52.59.78.152 16509 (AMAZON-02)
4 21 104.18.27.193 13335 (CLOUDFLAR...)
6 54.155.227.74 16509 (AMAZON-02)
6 18.197.47.48 16509 (AMAZON-02)
6 34.120.63.153 396982 (GOOGLE-CL...)
1 13.32.121.71 16509 (AMAZON-02)
4 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
6 162.19.138.119 16276 (OVH)
1 35.190.39.111 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
8 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:8... 396982 (GOOGLE-CL...)
1 63.33.97.132 16509 (AMAZON-02)
31 2606:4700::68... 13335 (CLOUDFLAR...)
1 178.250.7.13 44788 (ASN-CRITE...)
2 2600:9000:211... 16509 (AMAZON-02)
9 34.98.72.95 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
1 54.228.149.175 16509 (AMAZON-02)
5 23.52.120.27 16625 (AKAMAI-AS)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 35.244.159.8 15169 (GOOGLE)
1 34.120.253.250 396982 (GOOGLE-CL...)
11 2a00:1450:400... 15169 (GOOGLE)
3 167.235.124.61 24940 (HETZNER-AS)
12 18.196.112.58 16509 (AMAZON-02)
1 34.149.14.182 15169 (GOOGLE)
1 34.117.96.210 396982 (GOOGLE-CL...)
1 34.149.203.84 396982 (GOOGLE-CL...)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2600:1901:0:5... 15169 (GOOGLE)
1 34.111.8.32 396982 (GOOGLE-CL...)
1 34.102.193.48 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
1 13.248.245.213 16509 (AMAZON-02)
2 104.18.25.18 13335 (CLOUDFLAR...)
4 95.101.149.233 16625 (AKAMAI-AS)
2 69.173.144.139 26667 (RUBICONPR...)
1 3 3.71.149.231 16509 (AMAZON-02)
3 15.197.193.217 16509 (AMAZON-02)
1 69.173.144.165 26667 (RUBICONPR...)
3 3 185.64.190.79 62713 (AS-PUBMATIC)
5 5 142.250.74.194 15169 (GOOGLE)
1 1 185.64.191.210 62713 (AS-PUBMATIC)
1 1 198.47.127.20 3257 (GTT-BACKB...)
2 18.66.97.32 16509 (AMAZON-02)
1 98.98.134.242 21859 (ZEN-ECN)
2 4 52.46.151.131 16509 (AMAZON-02)
1 1 54.164.154.71 14618 (AMAZON-AES)
2 2 37.157.4.29 198622 (ADFORM)
1 141.226.228.48 200478 (TABOOLA-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 95.101.54.235 20940 (AKAMAI-ASN1)
418 111
12    2a02:26f0:480:f::213:7ed5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.inquirer.com
3    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
1    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
23    2600:9000:2251:6000:e:3d02:4d00:93a1 (United States)

ASN16509 (AMAZON-02, US)
media.inquirer.com
1    2a02:26f0:3100:795::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
1    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
warp.media.net
2    151.101.129.91 (United States)

ASN54113 (FASTLY, US)
cdn.growthbook.io
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:81c::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a02:26f0:7100:585::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
1    2600:9000:2240:d600:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)
cdn.auth0.com
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
15    23.38.98.44 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-44.deploy.static.akamaitechnologies.com
analytics.tiktok.com
11    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:211e:d000:b:4a1:3f40:21 (United States)

ASN16509 (AMAZON-02, US)
d33pn8gtn0nu9p.cloudfront.net
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
13707460.fls.doubleclick.net
3    108.138.7.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-10.fra56.r.cloudfront.net
sb.scorecardresearch.com
7    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    52.22.89.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-89-243.compute-1.amazonaws.com
philadelphia-inquirer-snowplow-collector.localnewslab.io
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
8    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
pagead2.googlesyndication.com
1    13.32.121.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-108.fra60.r.cloudfront.net
cdn.sophi.io
12    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700:4400::6812:29aa (United States)

ASN13335 (CLOUDFLARENET, US)
f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app
14    18.66.97.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-67.fra56.r.cloudfront.net
p543.inquirer.com
5    2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
1    2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cl.qualaroo.com
1    2606:4700:e2::ac40:8f06 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
2    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
23    2606:4700::6812:b07e (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
2    3.212.15.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-15-0.compute-1.amazonaws.com
inquirer.blueconic.net
1    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    35.186.255.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.255.186.35.bc.googleusercontent.com
app.matheranalytics.com
7    52.7.177.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-177-4.compute-1.amazonaws.com
www.i.matheranalytics.com
7    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    18.66.112.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-93.fra56.r.cloudfront.net
config.aps.amazon-adsystem.com
1    2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)
dntcl.qualaroo.com
1    2606:4700::6811:7611 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
4    23.57.19.78 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-19-78.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    2606:4700:4400::ac40:90a6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
2    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
6    52.222.209.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-4.fra56.r.cloudfront.net
aax.amazon-adsystem.com
1    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2600:9000:2250:a200:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    54.171.212.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-212-190.eu-west-1.compute.amazonaws.com
hb.yellowblue.io
6    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    52.59.78.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-78-152.eu-central-1.compute.amazonaws.com
tlx.3lift.com
21    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
6    54.155.227.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-227-74.eu-west-1.compute.amazonaws.com
hb.minutemedia-prebid.com
6    18.197.47.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-48.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
6    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    13.32.121.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-71.fra60.r.cloudfront.net
hb.undertone.com
4    2a02:26f0:480:ba2::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
1    2606:4700::6811:c276 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
2    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com
6    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
lb.eu-1-id5-sync.com
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
8    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2600:1901:0:8344:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
lexicon.33across.com
1    63.33.97.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-97-132.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
31    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    2600:9000:211e:e000:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3plfjw9uod7ab.cloudfront.net
9    34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
3    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    54.228.149.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-149-175.eu-west-1.compute.amazonaws.com
protected-by.clarium.io
5    23.52.120.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-27.deploy.static.akamaitechnologies.com
contextual.media.net
hblg.media.net
1    2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)
proc.ad.cpe.dotomi.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
1    34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
11    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    167.235.124.61 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0039.cxense.com
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
12    18.196.112.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-112-58.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
1    34.149.14.182 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 182.14.149.34.bc.googleusercontent.com
data.cdnbasket.net
1    34.117.96.210 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 210.96.117.34.bc.googleusercontent.com
page.cdnbasket.net
1    34.149.203.84 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 84.203.149.34.bc.googleusercontent.com
view.cdnbasket.net
1    2600:9000:20eb:ba00:e:2f90:b980:21 (United States)

ASN16509 (AMAZON-02, US)
d1pozjtpbhnh0m.cloudfront.net
1    2600:1901:0:56e0:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
ids.cdnwidget.com
1    34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com
api.bounceexchange.com
1    34.102.193.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.193.102.34.bc.googleusercontent.com
e.cdnwidget.com
1    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    2600:9000:223c:e800:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
4    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
pixel.advertising.com
ups.analytics.yahoo.com
3    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
5    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
1    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
2    18.66.97.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-32.fra56.r.cloudfront.net
usr.undertone.com
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
4    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    54.164.154.71 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-154-71.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    95.101.54.235 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-235.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
Apex Domain
Subdomains		 Transfer
49 inquirer.com
www.inquirer.com — Cisco Umbrella Rank: 66851
media.inquirer.com — Cisco Umbrella Rank: 93957
p543.inquirer.com — Cisco Umbrella Rank: 94988
2 MB
31 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
316 KB
28 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3504
ads.rubiconproject.com — Cisco Umbrella Rank: 2373
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3219
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1191
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
166 KB
24 doubleclick.net
13707460.fls.doubleclick.net — Cisco Umbrella Rank: 119004
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
224 KB
23 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 8991
cdn.tinypass.com — Cisco Umbrella Rank: 6818
buy.tinypass.com — Cisco Umbrella Rank: 7378
315 KB
21 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
13 KB
17 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
138 KB
16 google.com
accounts.google.com — Cisco Umbrella Rank: 32
region1.analytics.google.com — Cisco Umbrella Rank: 2714
adservice.google.com — Cisco Umbrella Rank: 118
www.google.com — Cisco Umbrella Rank: 2
82 KB
15 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 766
150 KB
14 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 334
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657
aax.amazon-adsystem.com — Cisco Umbrella Rank: 426
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
75 KB
12 media.net
warp.media.net — Cisco Umbrella Rank: 2913
prebid.media.net — Cisco Umbrella Rank: 1420
contextual.media.net — Cisco Umbrella Rank: 780
hblg.media.net — Cisco Umbrella Rank: 2435
56 KB
11 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
156 KB
11 bounceexchange.com
assets.bounceexchange.com — Cisco Umbrella Rank: 2371
tag.bounceexchange.com — Cisco Umbrella Rank: 3282
api.bounceexchange.com — Cisco Umbrella Rank: 2738
203 KB
11 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 12318
app.matheranalytics.com — Cisco Umbrella Rank: 18546
www.i.matheranalytics.com — Cisco Umbrella Rank: 12078
47 KB
11 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
22 KB
8 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2382
cdn.permutive.com — Cisco Umbrella Rank: 3138
10 KB
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 5598
p1cluster.cxense.com — Cisco Umbrella Rank: 10775
comcluster.cxense.com — Cisco Umbrella Rank: 5196
id.cxense.com — Cisco Umbrella Rank: 11611
81 KB
7 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 659
eb2.3lift.com — Cisco Umbrella Rank: 434
3 KB
6 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1206
2 KB
6 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 4304
3 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1156
id5-sync.com — Cisco Umbrella Rank: 470
62 KB
5 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 748
image2.pubmatic.com — Cisco Umbrella Rank: 1116
image4.pubmatic.com — Cisco Umbrella Rank: 1249
2 KB
5 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 2980
2 KB
5 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 385
128 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 6147
adservice.google.de — Cisco Umbrella Rank: 13042
1 KB
4 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1906
google-bidout-d.openx.net — Cisco Umbrella Rank: 1919
us-u.openx.net — Cisco Umbrella Rank: 547
935 B
4 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 4077
cdn.undertone.com — Cisco Umbrella Rank: 3633
usr.undertone.com — Cisco Umbrella Rank: 2350
5 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1235
104 KB
4 cloudfront.net
d33pn8gtn0nu9p.cloudfront.net
d3plfjw9uod7ab.cloudfront.net
d1pozjtpbhnh0m.cloudfront.net
938 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
445 B
3 cdnbasket.net
data.cdnbasket.net — Cisco Umbrella Rank: 5003
page.cdnbasket.net — Cisco Umbrella Rank: 5009
view.cdnbasket.net — Cisco Umbrella Rank: 5012
1014 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
177 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
mug.criteo.com — Cisco Umbrella Rank: 2541
7 KB
3 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1319
lexicon.33across.com — Cisco Umbrella Rank: 1726
5 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 179
864 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 643
1 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
140 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
cdn.indexww.com — Cisco Umbrella Rank: 1795
2 KB
2 cdnwidget.com
ids.cdnwidget.com — Cisco Umbrella Rank: 3907
e.cdnwidget.com — Cisco Umbrella Rank: 15117
333 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1145
551 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1164
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073
12 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1591
109 KB
2 blueconic.net
inquirer.blueconic.net — Cisco Umbrella Rank: 142830
2 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 655
564 B
2 qualaroo.com
cl.qualaroo.com — Cisco Umbrella Rank: 9612
dntcl.qualaroo.com — Cisco Umbrella Rank: 12040
50 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 153
20 KB
2 localnewslab.io
philadelphia-inquirer-snowplow-collector.localnewslab.io — Cisco Umbrella Rank: 103451
322 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
88 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
230 KB
2 growthbook.io
cdn.growthbook.io — Cisco Umbrella Rank: 10130
2 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1562
c.go-mpulse.net — Cisco Umbrella Rank: 689
51 KB
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 620
696 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
425 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1703
424 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 18782
244 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 12024
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1031
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 915
1 KB
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 847
187 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1821
311 B
1 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2033
314 B
1 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3029
464 B
1 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1651
244 B
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 6069
539 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 5898
5 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
1 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2118
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2931
3 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2587
1 KB
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
574 B
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 8321
3 KB
1 permutive.app
f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app — Cisco Umbrella Rank: 123530
114 KB
1 sophi.io
cdn.sophi.io — Cisco Umbrella Rank: 24285
21 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
185 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5842
441 B
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 7991
52 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 6902
8 KB
418 78
Domain Requested by
31 cdnjs.cloudflare.com buy.tinypass.com
s0.2mdn.net
23 media.inquirer.com www.inquirer.com
buy.tinypass.com
p543.inquirer.com
21 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
15 analytics.tiktok.com www.inquirer.com
analytics.tiktok.com
14 p543.inquirer.com www.inquirer.com
p543.inquirer.com
12 prebid-a.rubiconproject.com micro.rubiconproject.com
12 securepubads.g.doubleclick.net www.inquirer.com
securepubads.g.doubleclick.net
www.googletagservices.com
f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com
12 www.inquirer.com www.inquirer.com
11 s0.2mdn.net www.inquirer.com
s0.2mdn.net
11 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
9 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
9 assets.bounceexchange.com www.inquirer.com
tag.bounceexchange.com
assets.bounceexchange.com
8 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.inquirer.com
f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 api.permutive.com f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app
7 www.i.matheranalytics.com
7 region1.analytics.google.com www.googletagmanager.com
6 ssum-sec.casalemedia.com 2 redirects cdn.undertone.com
js-sec.indexww.com
ssum-sec.casalemedia.com
6 prebid.media.net micro.rubiconproject.com
6 grid.bidswitch.net micro.rubiconproject.com
6 hb.minutemedia-prebid.com micro.rubiconproject.com
6 htlb.casalemedia.com micro.rubiconproject.com
6 tlx.3lift.com micro.rubiconproject.com
6 fastlane.rubiconproject.com micro.rubiconproject.com
6 aax.amazon-adsystem.com c.amazon-adsystem.com
5 cm.g.doubleclick.net 5 redirects
5 hb.yellowblue.io micro.rubiconproject.com
5 cdn.cookielaw.org www.inquirer.com
cdn.cookielaw.org
5 www.google.com 1 redirects www.inquirer.com
tpc.googlesyndication.com
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
cdn.undertone.com
4 contextual.media.net warp.media.net
micro.rubiconproject.com
4 id5-sync.com cdn.id5-sync.com
micro.rubiconproject.com
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
4 secure.cdn.fastclick.net www.inquirer.com
secure.cdn.fastclick.net
4 www.google.de www.inquirer.com
13707460.fls.doubleclick.net
3 image8.pubmatic.com 3 redirects
3 match.adsrvr.org cdn.undertone.com
ssum-sec.casalemedia.com
3 www.googletagservices.com www.inquirer.com
f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com
3 c.amazon-adsystem.com www.inquirer.com
c.amazon-adsystem.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 sb.scorecardresearch.com 1 redirects www.inquirer.com
3 13707460.fls.doubleclick.net 1 redirects www.googletagmanager.com
adservice.google.com
3 accounts.google.com www.inquirer.com
accounts.google.com
2 c1.adform.net 2 redirects
2 usr.undertone.com cdn.undertone.com
ssum-sec.casalemedia.com
2 ups.analytics.yahoo.com cdn.undertone.com
2 token.rubiconproject.com eus.rubiconproject.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
micro.rubiconproject.com
2 d3plfjw9uod7ab.cloudfront.net www.inquirer.com
2 lexicon.33across.com cdn-ima.33across.com
micro.rubiconproject.com
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects
2 f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
2 cdn.id5-sync.com www.inquirer.com
securepubads.g.doubleclick.net
2 cdn.confiant-integrations.net www.inquirer.com
cdn.confiant-integrations.net
2 app.matheranalytics.com js.matheranalytics.com
2 inquirer.blueconic.net p543.inquirer.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 js.matheranalytics.com 1 redirects
2 www.googleadservices.com 13707460.fls.doubleclick.net
www.googleadservices.com
2 philadelphia-inquirer-snowplow-collector.localnewslab.io d33pn8gtn0nu9p.cloudfront.net
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 www.googletagmanager.com www.inquirer.com
www.googletagmanager.com
2 cdn.growthbook.io www.inquirer.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 s.company-target.com 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 sync.taboola.com ssum-sec.casalemedia.com
1 sync.srv.stackadapt.com 1 redirects
1 pixel-sync.sitescout.com cdn.undertone.com
1 image4.pubmatic.com 1 redirects
1 image2.pubmatic.com 1 redirects
1 pixel.rubiconproject.com cdn.undertone.com
1 pixel.advertising.com 1 redirects
1 us-u.openx.net cdn.undertone.com
1 secure-assets.rubiconproject.com 1 redirects
1 js-sec.indexww.com micro.rubiconproject.com
1 eb2.3lift.com micro.rubiconproject.com
1 cdn.undertone.com micro.rubiconproject.com
1 id.hadron.ad.gt micro.rubiconproject.com
1 e.cdnwidget.com
1 api.bounceexchange.com assets.bounceexchange.com
1 ids.cdnwidget.com assets.bounceexchange.com
1 d1pozjtpbhnh0m.cloudfront.net s0.2mdn.net
1 view.cdnbasket.net assets.bounceexchange.com
1 page.cdnbasket.net assets.bounceexchange.com
1 data.cdnbasket.net assets.bounceexchange.com
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 hblg.media.net
1 p1cluster.cxense.com cdn.cxense.com
1 tag.bounceexchange.com assets.bounceexchange.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 protected-by.clarium.io www.inquirer.com
1 mug.criteo.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 c2.piano.io cdn.tinypass.com
1 hb.undertone.com micro.rubiconproject.com
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.permutive.com f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app
1 dntcl.qualaroo.com cl.qualaroo.com
1 cdn.tinypass.com experience.tinypass.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 ib.adnxs.com f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app
1 experience.tinypass.com www.inquirer.com
1 www.npttech.com www.inquirer.com
1 cl.qualaroo.com www.inquirer.com
1 f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app www.inquirer.com
1 cdn.sophi.io www.inquirer.com
1 googleads.g.doubleclick.net 1 redirects
1 www.facebook.com www.inquirer.com
1 adservice.google.de 1 redirects
1 adservice.google.com 13707460.fls.doubleclick.net
1 d33pn8gtn0nu9p.cloudfront.net www.googletagmanager.com
1 pro.ip-api.com www.inquirer.com
1 cdn.auth0.com www.inquirer.com
1 c.go-mpulse.net s.go-mpulse.net
1 warp.media.net micro.rubiconproject.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 s.go-mpulse.net www.inquirer.com
1 cdn.speedcurve.com www.inquirer.com
1 micro.rubiconproject.com www.inquirer.com
418 134
Subject Issuer Validity Valid
pmn.web.arc-cdn.net
R3		 2023-10-03 -
2024-01-01		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-19 -
2024-05-20		 a year crt.sh
*.inquirer.com
Amazon RSA 2048 M02		 2023-09-02 -
2024-09-30		 a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
cdn.growthbook.io
R3		 2023-09-30 -
2023-12-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.auth0.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-03-24		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-24 -
2023-10-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.localnewslab.io
Amazon RSA 2048 M02		 2023-07-16 -
2024-08-12		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
cdn.sophi.io
Amazon RSA 2048 M01		 2023-09-17 -
2024-10-15		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-09-07 -
2023-12-06		 3 months crt.sh
p543.inquirer.com
Amazon RSA 2048 M03		 2023-08-06 -
2024-09-03		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
cl.qualaroo.com
R3		 2023-10-04 -
2024-01-02		 3 months crt.sh
npttech.com
GTS CA 1P5		 2023-09-01 -
2023-11-30		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-13 -
2024-08-12		 a year crt.sh
*.blueconic.net
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-06		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
app.matheranalytics.com
GTS CA 1D4		 2023-10-07 -
2024-01-06		 3 months crt.sh
www.i.matheranalytics.com
Amazon RSA 2048 M01		 2023-03-02 -
2024-01-13		 10 months crt.sh
api.permutive.com
R3		 2023-10-15 -
2024-01-13		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
dntcl.qualaroo.com
R3		 2023-10-13 -
2024-01-11		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-09-20 -
2023-12-19		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-08-26 -
2023-11-24		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-19 -
2024-05-17		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M01		 2023-04-18 -
2024-05-16		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2023-08-03 -
2024-08-30		 a year crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-13		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-09-10 -
2023-12-09		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-10-01 -
2023-12-30		 3 months crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2023-09-22 -
2023-12-21		 3 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M02		 2022-12-16 -
2024-01-14		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
tag.bounceexchange.com
R3		 2023-09-21 -
2023-12-20		 3 months crt.sh
data.cdnbasket.net
GTS CA 1D4		 2023-09-14 -
2023-12-13		 3 months crt.sh
page.cdnbasket.net
GTS CA 1D4		 2023-09-16 -
2023-12-15		 3 months crt.sh
view.cdnbasket.net
GTS CA 1D4		 2023-09-22 -
2023-12-21		 3 months crt.sh
ids.cdnwidget.com
R3		 2023-09-14 -
2023-12-13		 3 months crt.sh
*.wunderkind.co
R3		 2023-10-07 -
2024-01-05		 3 months crt.sh
e.cdnwidget.com
R3		 2023-09-07 -
2023-12-06		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh

This page contains 27 frames:

Primary Page: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Frame ID: AB1CD299F8F222D61375F90A06C28433
Requests: 259 HTTP requests in this frame

Frame: https://13707460.fls.doubleclick.net/activityi;dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html
Frame ID: 21A224D5152AA96D6451489A902422EC
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html
Frame ID: 964DCA55405C524C16F9D5E6F5B986D3
Requests: 1 HTTP requests in this frame

Frame: https://13707460.fls.doubleclick.net/ddm/fls/r/dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html
Frame ID: 950A1A0FC32D8666A90DCE608AEF50A9
Requests: 4 HTTP requests in this frame

Frame: https://dntcl.qualaroo.com/frame.html
Frame ID: B383F876D7BEB6C2F570B099F0DD752F
Requests: 1 HTTP requests in this frame

Frame: https://f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 782AB1F418FF5D10FEB9DFE4A01E5183
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.inquirer.com&us_privacy=1---
Frame ID: B0E5945E6F61DFAEEAAD60812E022B98
Requests: 2 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Frame ID: 1A363E70A10E300CE80EE4C598274FC5
Requests: 17 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Frame ID: FBD6A93C6F3324E2B0C9BAC85B77DE97
Requests: 20 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Frame ID: 864DD8AA5C54E237DE83D17529DEB6C5
Requests: 21 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/fa401451-4d24-4567-baab-5500a33de2d2.js
Frame ID: 6920FBB0A92EED07DBE125E642CE995A
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 58F93767A8F7727D28993A2464D3CD67
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FC599409697922E5CA2697E9CBD8AB78
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 627F345119F26489E6D24A3D5E8914F5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: A161D53DAADACBC19D380DE73211B4B9
Requests: 4 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/fa401451-4d24-4567-baab-5500a33de2d2.js
Frame ID: 0E73EBEF8FD7A390841974F58AC75C7F
Requests: 10 HTTP requests in this frame

Frame: https://f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D634F2C165120A98FE2E00A4D21E6AF5
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
Frame ID: D6F5C9667AA06FA61934681EBFCF11DE
Requests: 12 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 4EE9DA98B7D7CA8FF592EA18CE9E55F7
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUG8YY38&prvid=2034%2C2033%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C56%2C2045%2C3012%2C3010%2C122%2C3008%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C459%2C77%2C182%2C261%2C141%2C262%2C461%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 08279397CA9FAD939536DD58C3818959
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Frame ID: 03CEBEE68308A812DE43CA05A8F578CD
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: D1B8AA7BE838D0060292F33A4CA18455
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 88445A9A768DAA6F8758A0D4D1B4764B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 4D320735D854E8CE0843E570DA6E94D7
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: C0FBC76ACD2B60F2DBD0455F2DB2DD78
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 4CBE5849E8018214C771AAA885A3DE09
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.inquirer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 69C116F674944B94432A0E7051DEDABD
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

‘Zero-click’ hacks are growing in popularity. There’s practically no way to stop them.Share IconFacebook LogoTwitterEmailLink IconTwitterFacebookInstagram

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • backbone.*\.js
Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • /auth0(?:-js)?/([\d.]+)/auth0(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

418
Requests

95 %
HTTPS

42 %
IPv6

78
Domains

134
Subdomains

111
IPs

10
Countries

6692 kB
Transfer

16359 kB
Size

87
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://13707460.fls.doubleclick.net/activityi;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html HTTP 302
  • https://13707460.fls.doubleclick.net/activityi;dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html
Request Chain 57
  • https://adservice.google.de/ddm/fls/i/dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html HTTP 302
  • https://13707460.fls.doubleclick.net/ddm/fls/r/dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html
Request Chain 73
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11334942113/?random=152370247&cv=9&fst=1697453375077&num=1&npa=1&label=KJgwCIPs0uYYEKH79Zwq&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F13707460.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIzLqsuy-oEDFUSwmgodYR8DKA%3Bsrc%3D13707460%3Btype%3Dinvmedia%3Bcat%3Dinqui0%3Bord%3D7202057052038%3Bauiddc%3D1984974688.1697453374%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.inquirer.com%252Fbusiness%252Fzero-click-hacks-spy-phone-pegasus-20220227.html&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=PxUtZcq1BamN7_UP7aGC0A8&sscte=1&crd=&pscrd=IhMIitHHy7L6gQMVqca7CB3tkAD6 HTTP 302
  • https://www.google.com/pagead/1p-conversion/11334942113/?random=152370247&cv=9&fst=1697453375077&num=1&npa=1&label=KJgwCIPs0uYYEKH79Zwq&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F13707460.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIzLqsuy-oEDFUSwmgodYR8DKA%3Bsrc%3D13707460%3Btype%3Dinvmedia%3Bcat%3Dinqui0%3Bord%3D7202057052038%3Bauiddc%3D1984974688.1697453374%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.inquirer.com%252Fbusiness%252Fzero-click-hacks-spy-phone-pegasus-20220227.html&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIitHHy7L6gQMVqca7CB3tkAD6&is_vtc=1&ocp_id=PxUtZcq1BamN7_UP7aGC0A8&cid=CAQSKQDICaaNzwtkZEamG_iif7dy-4oR4FGXubcDQWAyOP8aORFX32cSnF7d&random=2375991646&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/11334942113/?random=152370247&cv=9&fst=1697453375077&num=1&npa=1&label=KJgwCIPs0uYYEKH79Zwq&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F13707460.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIzLqsuy-oEDFUSwmgodYR8DKA%3Bsrc%3D13707460%3Btype%3Dinvmedia%3Bcat%3Dinqui0%3Bord%3D7202057052038%3Bauiddc%3D1984974688.1697453374%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.inquirer.com%252Fbusiness%252Fzero-click-hacks-spy-phone-pegasus-20220227.html&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIitHHy7L6gQMVqca7CB3tkAD6&is_vtc=1&ocp_id=PxUtZcq1BamN7_UP7aGC0A8&cid=CAQSKQDICaaNzwtkZEamG_iif7dy-4oR4FGXubcDQWAyOP8aORFX32cSnF7d&random=2375991646&resp=GooglemKTybQhCsO&ipr=y
Request Chain 78
  • https://sb.scorecardresearch.com/c2/6034697/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 86
  • https://js.matheranalytics.com/s/ma34789/234578994/ml.js?cb=1637 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma34789/234578994/21/ml.br.js
Request Chain 169
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&rid=esp&cc=1
Request Chain 248
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=inquirer.com&sn=ChromeSyncframe&so=0&topUrl=www.inquirer.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=HQYB9Xx6MkR1VmRFL2doSXZLcUVEMmNuOUZVaGU1K3huRW12ZS9ubEFrRWpYemVLd0FNWUhTelQwY2NWNFFWK1gvcUs4aWN4WUdiSHFBb0NLajB3MG9iSlQyWk9tbW03VkIwaDFpdVpkMDJpaGNaUDRJaU5QVVRtbHk4VmdYbzgybEthUFJlUXF5bWhwOUxLRndKc0p6WUp4Wm9OTitQYkNSUEpmV0RSS0xUV2V6dU1sZU5lL295cXk3VDZ2Y3NHVU9VSXFjUXdmcnJxaGEyNmNTS1FNUHEwaFVNYTJ0cXBPNE1hRlNQNkZmL1k4Ulp3c0VDZWxrcTVqOGZxVEVsZVN1Zldjc3d5VlJDVW9pYVVPSTZ2ZXBJek9YY0tGWkRoZU5lM29LUzFXNitjMTZzOD18&cppv=2
Request Chain 380
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Request Chain 381
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 383
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
Request Chain 386
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTIwOUQ3NDktNDQzMC00MjJGLUI5OTMtMEZFNzhCQUNDMDQ4&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9209D749-4430-422F-B993-0FE78BACC048&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9209D749-4430-422F-B993-0FE78BACC048
Request Chain 389
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.inquirer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.inquirer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 392
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZS0VRuadfRPyjSu8sbJE-AAADKUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELavFfX9AR5hPL_TWHxH2Nc&google_cver=1
Request Chain 393
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZS0VRuadfRPyjSu8sbJE.AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAzu9zE7cTen55KKLxi49mc&google_cver=1&google_hm=2
Request Chain 395
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS0VRuadfRPyjSu8sbJE-AAADKUAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS0VRuadfRPyjSu8sbJE-AAADKUAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 396
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=bc8HxRBXXpNR-zWPr5lWHS2NmE0
Request Chain 397
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3086277655167560987&expiration=1698662982
Request Chain 401
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZS0VRiHlXlv8XbllfPLwpgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAzu9zE7cTen55KKLxi49mc&google_cver=1
Request Chain 402
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS0VRiHlXlv8XbllfPLwpgAADSUAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS0VRiHlXlv8XbllfPLwpgAADSUAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 403
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZS0VRiHlXlv8XbllfPLwpgAADSUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELavFfX9AR5hPL_TWHxH2Nc&google_cver=1
Request Chain 405
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Request Chain 406
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1713264582&external_user_id=09cfae46-90cc-4951-8b56-4336545e4e66
Request Chain 407
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7008708328693346175

418 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request zero-click-hacks-spy-phone-pegasus-20220227.html
www.inquirer.com/business/ 		187 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c68752b04251d67fba5eed3ba5770a6ed41d16a4c4368f1a09b914d115334cac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-true-ttl
-1
arc-city
FRANKFURT
arc-country
DE
arc-region
HE
arc-zipcode
NULL
cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 10:49:33 GMT
etag
W/"2da72-eQe8sDjRfCz4q+I3yGPdsIHtrYE"
expires
Mon, 16 Oct 2023 10:50:33 GMT
last-modified
Mon, 16 Oct 2023 10:40:25 GMT
prerender-cache-tag
prerender-pmn-philly-media-network-prod-59e5d89a
server
openresty
server-timing
cdn-cache; desc=HIT edge; dur=367 origin; dur=0 ak_p; desc="1697453373025_34831765_44466563_36609_5297_14_29_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 45266 0 pmb=mRUM,2
x-amz-cf-id
K8LDWKsI_eFa7uS-6hiPcyxvukYgiBhpsYzpiBmo6AR7C-_WHS2bQw==
x-amz-cf-pop
IAD55-P4
x-arc-pb-request-id
416efc3b-0477-4f13-a508-446a4b03470a a0e1c564-83f8-44ee-8f05-095bb8ad49c8
x-arc-request-id
0.957d1302.1697453373.2a68183
ICUQZSU4VFE3TBFT7N4R72T37A.jpg
www.inquirer.com/resizer/j9sD2xdQ6j1o6u94L8S7KARrPBA=/700x467/smart/filters:format(webp)/cloudfront-us-east-1.images.arcpublishing.com/pmn/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.inquirer.com/resizer/j9sD2xdQ6j1o6u94L8S7KARrPBA=/700x467/smart/filters:format(webp)/cloudfront-us-east-1.images.arcpublishing.com/pmn/ICUQZSU4VFE3TBFT7N4R72T37A.jpg
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Server /
Resource Hash
5b9c1dfaa45a5008dfbdd5e70baa91bbe96636fdf9af18e25563990268e4680f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

akamai-true-ttl
300
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Mon, 16 Oct 2023 10:49:35 GMT
arc-country
DE
arc-city
FRANKFURT
x-arc-request-id
0.957d1302.1697453373.2a685b1
server-timing
cdn-cache; desc=MISS, edge; dur=738, origin; dur=1350, ak_p; desc="1697453373456_34831765_44467633_208619_8827_16_0_146";dur=1
content-length
60940
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
etag
"acf508a3ef04e33dc8cb03cb42863125a926c57f"
arc-zipcode
NULL
content-type
image/jpeg
cache-control
private, max-age=300
arc-region
HE
expires
Mon, 16 Oct 2023 10:54:35 GMT
10035.js
micro.rubiconproject.com/prebid/dynamic/ 		500 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/10035.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
1317ae881b9f4d199fdfd142c20865ccbb750090997f05ea6a74814037e1bda6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:33 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
edge-cache-tag
prod-prebid-10035_Philly_Desktop.js
content-type
text/javascript;charset=UTF-8
cache-control
public, must-revalidate, max-age=14400
content-length
137914
expires
Mon, 16 Oct 2023 16:11:47 GMT
arcads.js
www.inquirer.com/pf/resources/vendor/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.inquirer.com/pf/resources/vendor/arcads.js?d=579
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
3cc6e0d8678e6cc2355f7343a6ca33dec87b7649e296d8089cb90f153355f1a5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Mon, 16 Oct 2023 10:49:33 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD58-P6
arc-country
DE
x-amz-server-side-encryption
AES256
arc-city
FRANKFURT
x-arc-request-id
0.957d1302.1697453373.2a68646
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1697453373511_34831765_44467782_139_5053_13_0_146";dur=1
content-length
8011
last-modified
Thu, 12 Oct 2023 05:58:16 GMT
server
openresty
etag
W/"9d67e60f5db8c4b32d82b5e53f31775e"
arc-zipcode
NULL
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
arc-region
HE
x-amz-cf-id
hfqKuOR-bFcfonIk8JhdMak5Hb1xDiCbiZrnSXAjUNgXqZQLE_Q7Qw==
expires
Tue, 15 Oct 2024 10:49:33 GMT
style.css
www.inquirer.com/pf/resources/dist/inquirer-light/css/ 		141 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.inquirer.com/pf/resources/dist/inquirer-light/css/style.css?d=579
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
783fa023fe129c181d9d1ac812abc56e3b3074b504418a7b1ac82742329cb838
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 16 Oct 2023 10:49:33 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P4
arc-country
DE
x-amz-server-side-encryption
AES256
arc-city
FRANKFURT
x-arc-request-id
0.957d1302.1697453373.2a685b2
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1697453373456_34831765_44467634_147_5522_12_0_255";dur=1
content-length
26154
last-modified
Thu, 12 Oct 2023 05:58:16 GMT
server
openresty
etag
W/"53aa34e763bc3340d3a4223eb8f3cd10"
arc-zipcode
NULL
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
arc-region
HE
x-amz-cf-id
warBQ2pRycfzgQZWpMG_21rSabVcq5i3CLAH3c050qPOoG13BHbPqg==
expires
Tue, 15 Oct 2024 10:49:33 GMT
lux.js
cdn.speedcurve.com/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=283407416
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
483c0638358a98743d0629fd0caca2831a9fb1946c4d12f4aa1ac0868c432320

Request headers

Referer
https://www.inquirer.com/
Origin
https://www.inquirer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cache-hits
1
date
Mon, 16 Oct 2023 10:49:33 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
3730
x-cache
HIT
content-length
8098
x-served-by
cache-fra-eddf8230058-FRA
last-modified
Mon, 16 Oct 2023 09:47:23 GMT
server
Apache
x-timer
S1697453374.549003,VS0,VE2
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Oct 2023 09:47:23 GMT
react.js
www.inquirer.com/pf/dist/engine/ 		277 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.inquirer.com/pf/dist/engine/react.js?d=579
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
7c3a6268ee7cdec2284d3cd2232956ee0e11429bc71192a081a4f9823d69d92d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Mon, 16 Oct 2023 10:49:33 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P4
arc-country
DE
x-amz-server-side-encryption
AES256
arc-city
FRANKFURT
x-arc-request-id
0.957d1302.1697453373.2a68647
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1697453373511_34831765_44467783_111_5429_13_0_146";dur=1
content-length
91898
last-modified
Thu, 12 Oct 2023 05:58:16 GMT
server
openresty
etag
W/"66157129087a915069abed56178d30cd"
arc-zipcode
NULL
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
arc-region
HE
x-amz-cf-id
oGrltIhwSb-aJioVt7GJ6UngglorQCTkT8TywjIu-NmZ6R3wIc-4MA==
expires
Tue, 15 Oct 2024 10:49:33 GMT
light.js
www.inquirer.com/pf/dist/components/combinations/ 		537 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.inquirer.com/pf/dist/components/combinations/light.js?d=579
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e96b932f32e27859a464055e6e4fa7ca9ce93be2fffd06f2089a2a5d445e2bcc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 16 Oct 2023 10:49:33 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL59-P3
arc-country
DE
x-amz-server-side-encryption
AES256
arc-city
FRANKFURT
x-arc-request-id
0.957d1302.1697453373.2a68648
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1697453373511_34831765_44467784_91_5114_13_0_146";dur=1
content-length
166482
last-modified
Thu, 12 Oct 2023 05:58:16 GMT
server
openresty
etag
W/"b7919aabe4d8f32ccee557fb537daf91"
arc-zipcode
NULL
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
arc-region
HE
x-amz-cf-id
4dz8RqZTy8BOev33LCmfzq7qeK0EfH-SD-FFCfu_M1RV_RbkGGPGhg==
expires
Tue, 15 Oct 2024 10:49:33 GMT
faAngleRight.svg
media.inquirer.com/assets/ 		246 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.inquirer.com/assets/faAngleRight.svg
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49a6ae89256c38cdc9a17aef9325ec80bc07abd6f5570b627bfbc37ce39e9af1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:45:54 GMT
x-amz-version-id
VOCl15H0IqkMyQdU8dURk6PPQdVHLNDt
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Wed, 22 Feb 2023 06:46:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
1400620
etag
"4ac5c1d2a6b032e8e99f17eb5550dd94"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
246
x-amz-cf-id
5xJjIYQCeZeBPRKxXnNw78nfo28xq6LljGnLO5zCPLGpMD5EgVat-Q==
PPACB-T4Q7H-SPCW8-FS2AT-3JVSH
s.go-mpulse.net/boomerang/ 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/PPACB-T4Q7H-SPCW8-FS2AT-3JVSH
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3100:795::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:33 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Sat, 23 Sep 2023 12:34:11 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
51580
InquirerTextWEB-Medium-webfont.woff2
media.inquirer.com/fonts/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.inquirer.com/fonts/InquirerTextWEB-Medium-webfont.woff2
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/resources/dist/inquirer-light/css/style.css?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68ab2aab507fa710139efa05ca7b430dcb087678db2a2f08adf76aefdf29141c

Request headers

Referer
https://www.inquirer.com/
Origin
https://www.inquirer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 00:58:34 GMT
x-amz-version-id
Kl0P9a3oS0Q0_esemHxO2Ti163qqslv7
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
1417860
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
38340
last-modified
Thu, 27 Apr 2023 17:49:08 GMT
server
AmazonS3
etag
"f1bb4e6fcf3045a3d4fea979412b2c38"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://www.inquirer.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
0B1nBmQnaZKXrBWcceQvIcVQW-AvXPFtKywC0EVBqG1ip8fCs9NwBQ==
Grot10-Regular-webfont-tth.woff2
media.inquirer.com/fonts/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.inquirer.com/fonts/Grot10-Regular-webfont-tth.woff2
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/resources/dist/inquirer-light/css/style.css?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
addfcaef52a2f4c5392dc1031d880daaf3c41ff53d767095906f16aeb796a169

Request headers

Referer
https://www.inquirer.com/
Origin
https://www.inquirer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 15:05:06 GMT
x-amz-version-id
BvTrChxZ3ONNDuaCgwuiwHCj.mzk9PI9
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
157468
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32488
last-modified
Tue, 25 Apr 2023 18:23:33 GMT
server
AmazonS3
etag
"b0c1aae0a46148f00527a480ecc6d4c8"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://www.inquirer.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
63ZWnwvfdFFl-CYkDanEUaxSmgF0SlCwi3VqPH7aC_TJwuQVfx_7Yw==
Grot10-ExtraBold-webfont-tth.woff2
media.inquirer.com/fonts/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.inquirer.com/fonts/Grot10-ExtraBold-webfont-tth.woff2
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/resources/dist/inquirer-light/css/style.css?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d698d9e79c2f9d7b0065fadcb9f313a0517f845da996e7097e682eee7c1ede7

Request headers

Referer
https://www.inquirer.com/
Origin
https://www.inquirer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 00:58:34 GMT
x-amz-version-id
_SpK_NTWnytCwOQOyIH8fg3tLCHW1ctb
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
1417860
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33256
last-modified
Tue, 25 Apr 2023 18:23:32 GMT
server
AmazonS3
etag
"58d0d9459c57884956185d474f330227"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://www.inquirer.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
hnx6mLZoEcJEWC7ETXzAlVBJQWF6yfTw87jAUJKfQr4uQjjzjTbafQ==
Grot10-Medium-webfont-tth.woff2
media.inquirer.com/fonts/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.inquirer.com/fonts/Grot10-Medium-webfont-tth.woff2
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/resources/dist/inquirer-light/css/style.css?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c467b564be293f00c7a1eb304ba7e406db57f4f2f863259ccb61d9beff3fb233

Request headers

Referer
https://www.inquirer.com/
Origin
https://www.inquirer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 18:12:41 GMT
x-amz-version-id
m8vh6docjO6s6nnu4zYMhHF8NMB1uh2A
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
1355812
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32628
last-modified
Tue, 25 Apr 2023 18:23:32 GMT
server
AmazonS3
etag
"2b06e70f5a388490a94b7db17e1c4bad"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://www.inquirer.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
1wYAiI7ufapdNFnB2agxxM4tYwjc0uXL1lViQ0nJEXYLnTO0P6PrMQ==
Grot12Condensed-SemiBold-webfont.woff2
media.inquirer.com/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.inquirer.com/fonts/Grot12Condensed-SemiBold-webfont.woff2
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/resources/dist/inquirer-light/css/style.css?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6b51104be7c9a49981b3f85e3ea7e67ddea04724346f68d60043f9e617b5d09

Request headers

Referer
https://www.inquirer.com/
Origin
https://www.inquirer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 00:28:11 GMT
x-amz-version-id
Db73iWjDudc8FXM8mv4aXC2e67K3Ugs3
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
2024483
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
18040
last-modified
Mon, 24 Apr 2023 18:10:37 GMT
server
AmazonS3
etag
"c22f14a7164e5940745d44090c2e9849"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://www.inquirer.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
BlEdjHXQStVJ4VHh496QzbG05NVAjoziP9s-A5_U31yEpGuvVuf1zg==
RingsideRegularSSm-Book_Web.woff2
media.inquirer.com/fonts/ 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.inquirer.com/fonts/RingsideRegularSSm-Book_Web.woff2
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/resources/dist/inquirer-light/css/style.css?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55b7396074b7aed6c0828ecdbe660d8f15fe4641dd8f82c1bcabba0e9daa8cd1

Request headers

Referer
https://www.inquirer.com/
Origin
https://www.inquirer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 08:06:06 GMT
x-amz-version-id
NLCYxkuwGUxmZCgptVx47uK3UXy95I6h
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
2256208
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
67072
last-modified
Tue, 04 Apr 2023 16:27:38 GMT
server
AmazonS3
etag
"8c2e14aafe1fb8e9f58d5e85d0f1fab1"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://www.inquirer.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
CH8bI2BXO2YuciII0yT86uTdTX9Da_9x7BHaEINkc7c28UAZKRUd8g==
inquirerheadline-semibold-webfont.woff2
media.inquirer.com/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.inquirer.com/fonts/inquirerheadline-semibold-webfont.woff2
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/resources/dist/inquirer-light/css/style.css?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b4972356f4f782a7098624bd9a3b1b29a79a2e7fcb893610720506871e548a78

Request headers

Referer
https://www.inquirer.com/
Origin
https://www.inquirer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 08:06:06 GMT
x-amz-version-id
k98UJ2BdHK3wJXsAMjeDOGKMsFOpFVQ8
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
2256208
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
36772
last-modified
Fri, 02 Jun 2023 17:51:14 GMT
server
AmazonS3
etag
"a8e7687cac283cd4f7195e28a65a0ed5"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://www.inquirer.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
bYUZU1F9KqxuTspjIASL7k_ySo9uX1xCAOy3FN-0DMVxuRY9Bdb3SQ==
inquirerheadline-medium-webfont.woff2
media.inquirer.com/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.inquirer.com/fonts/inquirerheadline-medium-webfont.woff2
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/resources/dist/inquirer-light/css/style.css?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1db67113d69f1a7312245dcedde3342703bff894a6507c255f40b93d0001880f

Request headers

Referer
https://www.inquirer.com/
Origin
https://www.inquirer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 18:12:41 GMT
x-amz-version-id
rMszKVMUPUnwdiZONmC7X0P7GV3pRve3
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
1355812
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37088
last-modified
Fri, 02 Jun 2023 17:49:58 GMT
server
AmazonS3
etag
"b711ffab4d944690cba5280498580fbe"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://www.inquirer.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
C5NlLdDZA-Aw_5ikLnuoZ1vEpebQzlTwWCjWe-fuPXUZ7G5SmFbhVg==
InquirerTextWEB-MediumItalic-webfont.woff2
media.inquirer.com/fonts/ 		40 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.inquirer.com/fonts/InquirerTextWEB-MediumItalic-webfont.woff2
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/resources/dist/inquirer-light/css/style.css?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5826c971da7c697558fc37fd964bf6f1dbb5dedbadd19aba7c401f547bd3df09

Request headers

Referer
https://www.inquirer.com/
Origin
https://www.inquirer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 01:12:03 GMT
x-amz-version-id
zVIhH.Z8F56mXYinpoE7DOYcAi3oYSsr
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
1417051
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
41448
last-modified
Thu, 27 Apr 2023 17:47:55 GMT
server
AmazonS3
etag
"cbb42b3475be2bbac8f35fa1e8bb81e5"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://www.inquirer.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
uVLmZPfKloWI5OF1bkSI-fy_wBlKjocAacYw9LQE6Z3odm_rRmHfVw==
10035-pbjs-floors.json
ads.rubiconproject.com/floors/ 		18 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/10035-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
30fd8f878386ff81014c79ee37e0716bd1743c54e94575d3770dd9d0d64885ef

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:33 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 09:40:39 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1759
prebidrtdclient.js
warp.media.net/js/tags/ 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/js/tags/prebidrtdclient.js?cid=8CUG8YY38&dn=www.inquirer.com
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5dc39875fac11b74676a6bfc54267cf18556e86b5e892312ca10732104677c7f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Mon, 16 Oct 2023 10:49:33 GMT
server
Apache
etag
3872184024085716622
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
content-length
38913
expires
Mon, 16 Oct 2023 11:19:33 GMT
sdk-0vh0fKpDldgIp9
cdn.growthbook.io/api/features/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.growthbook.io/api/features/sdk-0vh0fKpDldgIp9
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/light.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
f6ba3ded1fb4c56fc12e7f3dea88e1c459c5bf1a74ce66ec941d860eca9d59fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-sse-support
enabled
date
Mon, 16 Oct 2023 10:49:34 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
9
x-powered-by
Express
x-cache
HIT, HIT
content-length
1159
x-served-by
cache-iad-kjyo7100043-IAD, cache-fra-eddf8230025-FRA
x-timer
S1697453374.226318,VS0,VE1
etag
W/"c37-ui0Ta9+osE34xEIuJo8Afe5WwCY"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-sse-support
cache-control
public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000
accept-ranges
bytes
x-cache-hits
542564, 1
gtm.js
www.googletagmanager.com/ 		636 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PMVLLW&l=PMNdataLayer
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/light.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98af05a24674d509266a8b99b471f1f7594123c378010a455c6cfefcc5b930b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138819
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 16 Oct 2023 10:49:34 GMT
0.chunk.js
www.inquirer.com/pf/dist/components/combinations/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.inquirer.com/pf/dist/components/combinations/0.chunk.js?d=579
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/light.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
ac60b26739ec240324437cec8d81b047e65ebdf10b4f4b37923712a1c7c51be6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 16 Oct 2023 10:49:34 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL59-P3
arc-country
DE
x-amz-server-side-encryption
AES256
arc-city
FRANKFURT
x-arc-request-id
0.957d1302.1697453374.2a68e37
server-timing
cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1697453374219_34831765_44469815_977_5362_18_0_146";dur=1
content-length
12221
last-modified
Thu, 12 Oct 2023 05:58:16 GMT
server
openresty
etag
W/"61e5384fcaf39da48cb883e96565081b"
arc-zipcode
NULL
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
arc-region
HE
x-amz-cf-id
wgkNw7KHN0xO1DfnM3WEWqS2gCaootnmEOcU9BzO7S3ekY2Jxva3Dg==
expires
Tue, 15 Oct 2024 10:49:34 GMT
49.chunk.js
www.inquirer.com/pf/dist/components/combinations/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.inquirer.com/pf/dist/components/combinations/49.chunk.js?d=579
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/light.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
b76fe77c55eeef30ca746dd73b4e35bdaf1ccf6a25df2915c3f4c9abba5b7c04
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 16 Oct 2023 10:49:34 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P4
arc-country
DE
x-amz-server-side-encryption
AES256
arc-city
FRANKFURT
x-arc-request-id
0.957d1302.1697453374.2a68e38
server-timing
cdn-cache; desc=HIT, edge; dur=9, origin; dur=0, ak_p; desc="1697453374217_34831765_44469816_1036_6356_18_0_146";dur=1
content-length
4464
last-modified
Thu, 12 Oct 2023 05:58:16 GMT
server
openresty
etag
W/"7d0b09282eba0ae07221dfb89fad9283"
arc-zipcode
NULL
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
arc-region
HE
x-amz-cf-id
YQKzZ94IQyzxkFxHz_BOrK-59QILL1fG5GY8HY7XswIX5VtLBwpC6g==
expires
Tue, 15 Oct 2024 10:49:34 GMT
fusion-env
www.inquirer.com/pf/api/v3/content/fetch/ 		8 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.inquirer.com/pf/api/v3/content/fetch/fusion-env?query=undefined&d=579&_website=philly-media-network
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/engine/react.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
4eb4388f8dab3e131fe4e42fcbc219966319f7977855ee585bccfbc1bcbc263b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
If-Modified-Since
1697452815291
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

akamai-true-ttl
143, 143
x-edgeconnect-origin-mex-latency
120
x-arc-pb-request-id
b04d9045-9a63-404c-88b1-9eb7219385b0, b04d9045-9a63-404c-88b1-9eb7219385b0
content-encoding
gzip
date
Mon, 16 Oct 2023 10:49:34 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL59-P3
x-edgeconnect-midmile-rtt
20
arc-country
DE
arc-city
FRANKFURT
x-arc-request-id
0.957d1302.1697453374.2a68e35
server-timing
cdn-cache; desc=HIT, edge; dur=12, origin; dur=0, ak_p; desc="1697453374217_34831765_44469813_1311_6797_18_0_219";dur=1
content-length
5296
last-modified
Mon, 16 Oct 2023 10:45:15 GMT
server
openresty
etag
W/"1f6c-kKc0fdoS7slZ2BDoGuEFRddFeAI"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
arc-zipcode
NULL
content-type
application/json; charset=utf-8
cache-control
max-age=41
arc-region
HE
x-amz-cf-id
VTB8tY4hCmMcEJ4xwC3RS045otQrYqOw13uBblfDZ7Iw9AqmvfzBkQ==
expires
Mon, 16 Oct 2023 10:50:15 GMT
fusion-env
www.inquirer.com/pf/api/v3/content/fetch/ 		8 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.inquirer.com/pf/api/v3/content/fetch/fusion-env?query=undefined&d=579&_website=philly-media-network
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/engine/react.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
4eb4388f8dab3e131fe4e42fcbc219966319f7977855ee585bccfbc1bcbc263b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
If-Modified-Since
1697452815291
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

akamai-true-ttl
143, 143
x-edgeconnect-origin-mex-latency
120
x-arc-pb-request-id
b04d9045-9a63-404c-88b1-9eb7219385b0, b04d9045-9a63-404c-88b1-9eb7219385b0
content-encoding
gzip
date
Mon, 16 Oct 2023 10:49:34 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL59-P3
x-edgeconnect-midmile-rtt
20
arc-country
DE
arc-city
FRANKFURT
x-arc-request-id
0.957d1302.1697453374.2a68e36
server-timing
cdn-cache; desc=HIT, edge; dur=21, origin; dur=0, ak_p; desc="1697453374217_34831765_44469814_2193_6665_16_0_219";dur=1
content-length
5296
last-modified
Mon, 16 Oct 2023 10:45:15 GMT
server
openresty
etag
W/"1f6c-kKc0fdoS7slZ2BDoGuEFRddFeAI"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
arc-zipcode
NULL
content-type
application/json; charset=utf-8
cache-control
max-age=41
arc-region
HE
x-amz-cf-id
VTB8tY4hCmMcEJ4xwC3RS045otQrYqOw13uBblfDZ7Iw9AqmvfzBkQ==
expires
Mon, 16 Oct 2023 10:50:15 GMT
sdk-0vh0fKpDldgIp9
cdn.growthbook.io/sub/ 		22 B
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://cdn.growthbook.io/sub/sdk-0vh0fKpDldgIp9
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200086-IAD, cache-fra-eddf8230025-FRA
date
Mon, 16 Oct 2023 10:49:34 GMT
via
1.1 varnish, 1.1 varnish
age
25
x-timer
S1697453374.253388,VS0,VE1
x-powered-by
Express
x-cache
HIT, HIT
content-type
text/event-stream
access-control-allow-origin
*
cache-control
private, no-store
accept-ranges
bytes
x-cache-hits
112, 1
client
accounts.google.com/gsi/ 		198 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/0.chunk.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
326bacb105aee0c9ccd1dda381b8b17d913a5cea963d9e0ca0c7ab7508215327
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8nWboXTpEdxjLKjm6pQn8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-8nWboXTpEdxjLKjm6pQn8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 16 Oct 2023 10:49:34 GMT
config.json
c.go-mpulse.net/api/ 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=PPACB-T4Q7H-SPCW8-FS2AT-3JVSH&d=www.inquirer.com&t=5658178&v=1.632.0&sl=0&si=osonmjirwkd-s2mbel&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=653835
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/PPACB-T4Q7H-SPCW8-FS2AT-3JVSH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:585::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fcae36a3978f89c7b6c2c737ad2e5278b2abf01443994d8410b63b0c69bbc3f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 Oct 2023 10:49:34 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
auth0.min.js
cdn.auth0.com/js/auth0/9.22.1/ 		195 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/auth0/9.22.1/auth0.min.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/0.chunk.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:d600:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d50f340af3201fff5006b9b00d60a56d2c98ea711f737634f299e978391f81a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
h1.miOuwrjuLRzm8Y4tECYBYWeZzJfu5
content-encoding
gzip
via
1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
date
Mon, 16 Oct 2023 07:36:43 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA60-P1
age
11572
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
last-modified
Wed, 19 Jul 2023 05:51:06 GMT
server
AmazonS3
etag
W/"9a97b3239554cc53c3bb10387b128fd7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2628000,public
x-robots-tag
noindex
x-amz-cf-id
9WGPMsl0jKVUW1dqFzJ4HLieknnmCPeJVsHdJCVVxmPZu5WRXGQs0w==
/
pro.ip-api.com/json/ 		285 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?key=CGU0YmUOsU81utw
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
97e250ed5bf13d39ed540490716fc303c47086b0d30462a2f3fdeb861d462b3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 Oct 2023 10:49:34 GMT
Content-Length
285
Content-Type
application/json; charset=utf-8
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKATFKRC77UA008MLALG&lib=ttq
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-44.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3227c48cd87741f301ff4fd78b649c9e0d61ba45b421c2dd5651dd96e46dec0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id
1c7c724
date
Mon, 16 Oct 2023 10:49:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=100
content-length
1319
pragma
no-cache
server
nginx
x-tt-logid
20231016104934766B85DEAF5E6614E77A
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
100,23.38.99.108
x-tt-trace-host
016f0d4d7ca36765ceb69b79e21b31e9c312053a9d35781548f0bc45c56393a574a25a8d478fb3fd1eb62eeb52e855ac9426677b3226cdb9ef1dc83becb8c137bd017d1240d77b752df31f2617269b76139549ab1b8a49922bf72452283e569d10
expires
Mon, 16 Oct 2023 10:49:34 GMT
js
www.googletagmanager.com/gtag/ 		290 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9HHXKD70G8&l=PMNdataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMVLLW&l=PMNdataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1820fa549747124861aaba93c0f967804385d4e23c926414e35ecb3a4f670da3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96458
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 10:49:34 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMVLLW&l=PMNdataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Oct 2023 09:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3481
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 16 Oct 2023 11:51:33 GMT
wDQBgzFKPJ.js
d33pn8gtn0nu9p.cloudfront.net/2.18.0/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d33pn8gtn0nu9p.cloudfront.net/2.18.0/wDQBgzFKPJ.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMVLLW&l=PMNdataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d000:b:4a1:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0039e1283a0696bd65b17c519a21155018d7b6286e0c7d42e3baf72241f906b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:53:37 GMT
content-encoding
gzip
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
last-modified
Wed, 03 Nov 2021 18:36:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
1094158
etag
"af684ca8348a1519ff4822ae7e3e1e13"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
content-length
26983
x-amz-cf-id
vl89rT53Uphwna33nd7VpVm2zuHNM857h78uZasywz-Ejme8rpGCew==
fbevents.js
connect.facebook.net/en_US/ 		198 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMVLLW&l=PMNdataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 16 Oct 2023 10:49:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
7LihZmW3iC121NnHbuLisq7Hss9xP8sbQ6jm11kXYetb1p9p6S8IE1u6OoAvemYKyAAZLJNo7q5ByG/xkM0YZQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
activityi;dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~...
13707460.fls.doubleclick.net/ Frame 21A2
Redirect Chain
  • https://13707460.fls.doubleclick.net/activityi;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=...
  • https://13707460.fls.doubleclick.net/activityi;dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;u...
599 B
516 B 		Document
General
Check archive.org
Download Go to
Full URL
https://13707460.fls.doubleclick.net/activityi;dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMVLLW&l=PMNdataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
069cdae9cf0046b63eabb90e55984638144718284a8aa752d95e5f8e7ee730e7
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
340
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 10:49:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 10:49:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://13707460.fls.doubleclick.net/activityi;dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6034697&ns__t=1697453374498&ns_c=UTF-8&c8=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&c7=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&c9=
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-10.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:34 GMT
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
DccWwmAgbR6vvlctKpWlmXZu6M4BMSh9my79iIm5E88osg3zkMorUg==
x-cache
Miss from cloudfront
style
accounts.google.com/gsi/ 		533 B
584 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-XuSRt2s2OEfzr9NB9a22RA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:34 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-XuSRt2s2OEfzr9NB9a22RA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 16 Oct 2023 10:49:34 GMT
status
accounts.google.com/gsi/ 		40 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=715496948088-u17hj3uk6ulsgponl7cfcgip021k5jfn.apps.googleusercontent.com&as=%2FQbQ1IvLsA4nZKr2QL7Jog
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
14b4a76d14e5b493840dbf58ae0b94c70cb5a79e895b0215e19f0b48fc54484b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-m4sxVMlpTI9fdLSbiU0zhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-m4sxVMlpTI9fdLSbiU0zhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:08:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
2473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 16 Oct 2023 11:08:21 GMT
collect
region1.analytics.google.com/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9HHXKD70G8&gtm=45je3ab0&_p=991142149&_gaz=1&cid=816115706.1697453375&ul=en-us&_geo=1&_rdi=1&_s=1&dp=%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&dr=&sid=1697453374&sct=1&seg=0&dl=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&dt=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9HHXKD70G8&l=PMNdataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9HHXKD70G8&cid=816115706.1697453375&gtm=45je3ab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9HHXKD70G8&l=PMNdataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9HHXKD70G8&cid=816115706.1697453375&gtm=45je3ab0&aip=1&z=604699547
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp2
philadelphia-inquirer-snowplow-collector.localnewslab.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://philadelphia-inquirer-snowplow-collector.localnewslab.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.89.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-89-243.compute-1.amazonaws.com
Software
akka-http/10.1.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.inquirer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-origin
https://www.inquirer.com
access-control-max-age
5
content-length
0
date
Mon, 16 Oct 2023 10:49:34 GMT
server
akka-http/10.1.10
tp2
philadelphia-inquirer-snowplow-collector.localnewslab.io/com.snowplowanalytics.snowplow/ 		2 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://philadelphia-inquirer-snowplow-collector.localnewslab.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d33pn8gtn0nu9p.cloudfront.net
URL: https://d33pn8gtn0nu9p.cloudfront.net/2.18.0/wDQBgzFKPJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.89.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-89-243.compute-1.amazonaws.com
Software
akka-http/10.1.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.inquirer.com
date
Mon, 16 Oct 2023 10:49:35 GMT
access-control-allow-credentials
true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server
akka-http/10.1.10
content-length
2
content-type
text/plain; charset=UTF-8
1728487820781559
connect.facebook.net/signals/config/ 		132 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1728487820781559?v=2.9.134&r=stable&domain=www.inquirer.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4be2f107d4393c6ffef810afa8076af57aa43afb7634ffd0bc53d72cb06c1afa
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 16 Oct 2023 10:49:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
kEbYZGZ5sq83s0gLGGxAaDjd0Ybf5xFH98ORmdJi5bj2Pk/DGgP9IZ76D4yjxBw3RM5+ESSJ4W2cqZNI8gAv4w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https...
adservice.google.com/ddm/fls/i/ Frame 964D 		598 B
714 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html
Requested by
Host: 13707460.fls.doubleclick.net
URL: https://13707460.fls.doubleclick.net/activityi;dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
560f69259690d4fb1d41b7485b77d3dad1f0499b1b23d700907febe4656e9492
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://13707460.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
339
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 10:49:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=991142149&t=pageview&_s=1&dl=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&dp=%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&ul=en-us&de=UTF-8&dt=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUAjAAAAACgGK~&jid=1805068837&gjid=1806929706&cid=816115706.1697453375&tid=UA-1605085-6&_gid=152868007.1697453375&_slc=1&gtm=45He3ab0n71PMVLLW&cg1=No%20Value%20Set&cg2=article&cg3=No%20Value%20Set&cd1=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&cd2=Ryan%20Gallagher&cd3=Bloomberg&cd4=business&cd5=%2Fbusiness%7C%2Fwires%2Fwp%7C%2Fwires%7C%7C%2Fbusiness%2Ftechnology%7C%2Fnews%2Fnation-world%7C%2Fnews&cd6=article&cd7=YXFDLQ6PXZHG3CIIPAFQNM2344&cd8=202202270502&cd9=1&cd10=No%20Value%20Set&cd12=article%3A%20No%20Value%20Set%3A%20%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.%20-%20No%20Value%20Set&cd13=philly%2CNo%20Value%20Set%2CNo%20Value%20Set%2CNo%20Value%20Set&cd14=philly%3ANo%20Value%20Set%2CNo%20Value%20Set%2Cbusiness&cd15=true&cd16=00&cd18=inquirer.com&cd21=long&cd22=2022-02-27T05%3A02%3A00-05%3A00&cd23=2022-02-27T05%3A02%3A00-05%3A00&cd24=business&cd25=business&cd26=GTM-PMVLLW&cd27=921&cd28=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&cd29=&cd30=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.70%20Safari%2F537.36&cd31=816115706.1697453375&cd33=2023-10-16T12%3A49%3A34.492%2B02%3A00&cd34=Europe%2FBerlin&cd35=Mon%20Oct%2016%202023%2012%3A49%3A34%20GMT%2B0200%20(Central%20European%20Summer%20Time)&cd36=0&cd37=desktop&cd38=1697453374493.hmej71b9&cd43=GA%20Pageview%20-%20SPA&cd44=0%3A0&cd45=No%20Value%20Set&cd47=No%20Value%20Set&cd48=1351&cd50=zero-click-hacks-spy-phone-pegasus&cd51=No%20Value%20Set&cd52=%5Bobject%20Object%5D%7C%5Bobject%20Object%5D&cd53=%5Bobject%20Object%5D%7C%5Bobject%20Object%5D%7C%5Bobject%20Object%5D%7C%5Bobject%20Object%5D&cd54=composer&cd61=No%20Value%20Set&cd62=No%20Value%20Set&cd63=YXFDLQ6PXZHG3CIIPAFQNM2344&cd64=No%20Value%20Set&cd65=subtype-regular&cd68=wires&cd69=No%20Value%20Set&cd83=none%20%7C%20none%20%7C%20none%20%7C%20%20%7C%20&cd90=fusion&cd104=Logged%20Out&cd116=Not%20Set&cd118=0&cd122=No%20Value%20Set&cd127=No%20Value%20Set&cd128=Not%20Set&cd129=Logged%20Out&cd132=No%20Value%20Set&cd133=No%20Value%20Set&cd134=No%20Value%20Set&cd135=no%20value%20set&cd141=No%20Value%20Set&cd142=%20%3A%20&cd143=%20%3A%20&cm4=1&cd32=816115706.1697453375&z=2013702877
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1605085-6&cid=816115706.1697453375&jid=1805068837&gjid=1806929706&_gid=152868007.1697453375&_u=aGBAgUAjAAAAAGgGKAC~&z=1951678696
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 16 Oct 2023 10:49:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=991142149&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&dp=%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&ul=en-us&de=UTF-8&dt=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Audience&ea=Located&el=60552&_u=aGDAAUAjAAAAAGgGKAC~&jid=1815962087&gjid=243992083&cid=816115706.1697453375&tid=UA-1605085-6&_gid=152868007.1697453375&_r=1&gtm=45He3ab0n71PMVLLW&cd1=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&cd2=Ryan%20Gallagher&cd3=Bloomberg&cd4=business&cd5=%2Fbusiness%7C%2Fwires%2Fwp%7C%2Fwires%7C%7C%2Fbusiness%2Ftechnology%7C%2Fnews%2Fnation-world%7C%2Fnews&cd6=article&cd7=YXFDLQ6PXZHG3CIIPAFQNM2344&cd8=202202270502&cd9=1&cd10=No%20Value%20Set&cd12=article%3A%20No%20Value%20Set%3A%20%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.%20-%20No%20Value%20Set&cd13=philly%2CNo%20Value%20Set%2CNo%20Value%20Set%2CNo%20Value%20Set&cd14=philly%3ANo%20Value%20Set%2CNo%20Value%20Set%2Cbusiness&cd15=true&cd16=00&cd18=inquirer.com&cd21=long&cd22=2022-02-27T05%3A02%3A00-05%3A00&cd23=2022-02-27T05%3A02%3A00-05%3A00&cd24=business&cd25=business&cd26=GTM-PMVLLW&cd27=921&cd28=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&cd29=&cd30=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.70%20Safari%2F537.36&cd31=816115706.1697453375&cd33=2023-10-16T12%3A49%3A34.544%2B02%3A00&cd36=0&cd37=desktop&cd38=1697453374546.chij19ie&cd43=GA%20Event%20location%20ipaip&cd44=0%3A0&cd45=No%20Value%20Set&cd47=No%20Value%20Set&cd48=1351&cd50=zero-click-hacks-spy-phone-pegasus&cd51=No%20Value%20Set&cd52=%5Bobject%20Object%5D%7C%5Bobject%20Object%5D&cd53=%5Bobject%20Object%5D%7C%5Bobject%20Object%5D%7C%5Bobject%20Object%5D%7C%5Bobject%20Object%5D&cd54=composer&cd61=No%20Value%20Set&cd62=No%20Value%20Set&cd63=YXFDLQ6PXZHG3CIIPAFQNM2344&cd64=No%20Value%20Set&cd65=subtype-regular&cd68=wires&cd69=No%20Value%20Set&cd83=none%20%7C%20none%20%7C%20none%20%7C%20%20%7C%20&cd90=fusion&cd104=Logged%20Out&cd116=Not%20Set&cd118=0&cd122=No%20Value%20Set&cd127=No%20Value%20Set&cd128=Not%20Set&cd129=Logged%20Out&cd132=No%20Value%20Set&cd133=No%20Value%20Set&cd134=No%20Value%20Set&cd135=no%20value%20set&cd142=%20%3A%20&cd143=%20%3A%20&cd32=816115706.1697453375&cd17=No%20Value%20Set&cd20=60552&cd46=No%20Value%20Set&cd66=45.141.152.77&cd81=No%20Value%20Set&cd82=No%20Value%20Set&cd106=No%20Value%20Set&cd124=No%20Value%20Set&z=1986109753
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.MWQ0NWRkZTlhNA.js
analytics.tiktok.com/i18n/pixel/static/ 		405 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKATFKRC77UA008MLALG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-44.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1da1b73e9de471e0d18a2aa2e980fe6fe7c189507193258155206aad973eac18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id
1c7c79a
date
Mon, 16 Oct 2023 10:49:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023092112392539904962ACB4B2BAC3D4
vary
Accept-Encoding
x-cache
TCP_HIT from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01e820bb5fac9a779dbb0d6840445908386320bf5b47296dd2948c9d46fb5754861828f9cd0403f12d7b7815818893a01b138f023ba73b5c390a87b20d191ac3b287d9452b49d3e3476336f600a9b32aaf82b74ac97ab915dd3b1fe56bac869902
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length
106844
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1605085-6&cid=816115706.1697453375&jid=1815962087&gjid=243992083&_gid=152868007.1697453375&_u=aGDAAUAjAAAAAGgGKAC~&z=341170158
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 16 Oct 2023 10:49:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1605085-6&cid=816115706.1697453375&jid=1805068837&_u=aGBAgUAjAAAAAGgGKAC~&z=1808071911
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1605085-6&cid=816115706.1697453375&jid=1805068837&_u=aGBAgUAjAAAAAGgGKAC~&z=1808071911
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1605085-6&cid=816115706.1697453375&jid=1815962087&_u=aGDAAUAjAAAAAGgGKAC~&z=1491851908
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1605085-6&cid=816115706.1697453375&jid=1815962087&_u=aGDAAUAjAAAAAGgGKAC~&z=1491851908
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https...
13707460.fls.doubleclick.net/ddm/fls/r/ Frame 950A
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam...
  • https://13707460.fls.doubleclick.net/ddm/fls/r/dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;u...
850 B
364 B 		Document
General
Check archive.org
Download Go to
Full URL
https://13707460.fls.doubleclick.net/ddm/fls/r/dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
d86c9f0c7fc2bf083c5a81292b91d11bb35f818749c1136e45a46f577a53edde
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
339
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 10:49:34 GMT
expires
Mon, 16 Oct 2023 10:49:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 10:49:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://13707460.fls.doubleclick.net/ddm/fls/r/dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
identify_7dd78.js
analytics.tiktok.com/i18n/pixel/static/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-44.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id
1c7c7d0
date
Mon, 16 Oct 2023 10:49:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230907110710A3E17FF6BA90138D5F3A
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018c2c88748710049b87b86c06511915036ae1509453e71224c1fc91378c16d101c5c9dc7d92ac9759f01aa2115b0d4be90b450d8c4f2cbb404e2358047aeedb2e683765dd1d4569cb7282425028a0c4eb7c7e1d64bec1036323fc3073cfe197be
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
35923
monitor
analytics.tiktok.com/api/v2/ 		0
647 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-44.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1c7c7ec
date
Mon, 16 Oct 2023 10:49:35 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing
inner; dur=6, cdn-cache; desc=MISS, edge; dur=4, origin; dur=98
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202310161049345C856C2B6D53FDA5D713
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
98,23.38.99.108
x-tt-trace-host
016f0d4d7ca36765ceb69b79e21b31e9c312053a9d35781548f0bc45c56393a5745e29c74e6211ac86abd7894365f1df0571b3864fe56a02c729fa07155d9831c1334d590b25f9ddad7f30d3b6263bf8a46d7087c4d532925155ce323bd0a3334e
access-control-allow-headers
Authorization,*
expires
Mon, 16 Oct 2023 10:49:35 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
646 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-44.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1c7c7ed
date
Mon, 16 Oct 2023 10:49:35 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=4, origin; dur=95
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231016104934F2814DCF0AA051558F25
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
96,23.38.99.108
x-tt-trace-host
016f0d4d7ca36765ceb69b79e21b31e9c312053a9d35781548f0bc45c56393a57445bd54f9b34ef39fe3cb7e9163a100ef9988b12e48ffbc76d0cd9b5cc47ea4b15a2bcabea3ab8f78179c07464afb69747f0b1474a49f5f57a39e7d5363d75fa2
access-control-allow-headers
Authorization,*
expires
Mon, 16 Oct 2023 10:49:35 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
646 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-44.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1c7c7ee
date
Mon, 16 Oct 2023 10:49:35 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing
inner; dur=7, cdn-cache; desc=MISS, edge; dur=3, origin; dur=96
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023101610493471D2C2A5CED840A671F1
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
96,23.38.99.108
x-tt-trace-host
016f0d4d7ca36765ceb69b79e21b31e9c312053a9d35781548f0bc45c56393a5743a7dba77b9c292eae5a5b2d62f57d4eaa634fb30b9ea9f1809407b48d1518a2ac76843897fd47247eecb9f2626183bd095cbc902a5e19387c7c50462dfd9d37f
access-control-allow-headers
Authorization,*
expires
Mon, 16 Oct 2023 10:49:35 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
644 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-44.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1c7c7f4
date
Mon, 16 Oct 2023 10:49:35 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing
inner; dur=6, cdn-cache; desc=MISS, edge; dur=4, origin; dur=98
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023101610493471863BBA0271F19B66BF
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
98,23.38.99.108
x-tt-trace-host
016f0d4d7ca36765ceb69b79e21b31e9c312053a9d35781548f0bc45c56393a574f6eff80d540d0f21d13fbad515643bc21b6b9a378cb5dfd11cd53afc0ca1c7d3926383323393de0e1a7c23303e4c5dbcd6c4611cd4021acaa7e5019a7032be0c
access-control-allow-headers
Authorization,*
expires
Mon, 16 Oct 2023 10:49:35 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
647 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-44.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1c7c7f6
date
Mon, 16 Oct 2023 10:49:35 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing
inner; dur=45, cdn-cache; desc=MISS, edge; dur=9, origin; dur=137
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023101610493409FC22B107DE64A80FDD
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
137,23.38.99.108
x-tt-trace-host
016f0d4d7ca36765ceb69b79e21b31e9c312053a9d35781548f0bc45c56393a5741ae852cc7918d60f4979d1f71823d7b2e159568c2476bb230030ec0dd429a1bedcf632594a48f1a17c4005fd5b2a3e53e459fd5a24314203b9c846a02350c550
access-control-allow-headers
Authorization,*
expires
Mon, 16 Oct 2023 10:49:35 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
648 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-44.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1c7c7f7
date
Mon, 16 Oct 2023 10:49:35 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing
inner; dur=78, cdn-cache; desc=MISS, edge; dur=5, origin; dur=167
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231016104934966EB566002EDA4C8428
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
167,23.38.99.108
x-tt-trace-host
016f0d4d7ca36765ceb69b79e21b31e9c312053a9d35781548f0bc45c56393a574ddb75d5c3d2b58f42432b281528d4691db2d1b9ff2564f2dfe83ffe0c126373b1752f9af8061485ddb8e8a88a3cccdef6531439f1a7ae78758d6080d36fe4f95
access-control-allow-headers
Authorization,*
expires
Mon, 16 Oct 2023 10:49:35 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
645 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-44.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1c7c7f9
date
Mon, 16 Oct 2023 10:49:35 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing
inner; dur=6, cdn-cache; desc=MISS, edge; dur=7, origin; dur=99
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202310161049343623550BD22978A4E612
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
101,23.38.99.108
x-tt-trace-host
016f0d4d7ca36765ceb69b79e21b31e9c312053a9d35781548f0bc45c56393a574f27df14faae6b0a7cc93a2a03e25887e81d189ce4acc4fd82a38fa23e22285731e0fe81307e44509a35a7588d39d2059b55d0b9941104092a77d4e5f11d3483d
access-control-allow-headers
Authorization,*
expires
Mon, 16 Oct 2023 10:49:35 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
647 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-44.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1c7c7fa
date
Mon, 16 Oct 2023 10:49:35 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing
inner; dur=32, cdn-cache; desc=MISS, edge; dur=6, origin; dur=121
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231016104934C94D79790E1AF4A1FA72
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
122,23.38.99.108
x-tt-trace-host
016f0d4d7ca36765ceb69b79e21b31e9c312053a9d35781548f0bc45c56393a574f6eff80d540d0f21d13fbad515643bc23f71acaae0910dd9c6b28fbec97f9b93b5f6097c7d6d524c24ac7952cee9cd51e6954057256b65565a3ef26a47185471
access-control-allow-headers
Authorization,*
expires
Mon, 16 Oct 2023 10:49:35 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
647 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-44.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1c7c805
date
Mon, 16 Oct 2023 10:49:35 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing
inner; dur=41, cdn-cache; desc=MISS, edge; dur=5, origin; dur=131
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202310161049346EEF8679FB6C28055171
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
131,23.38.99.108
x-tt-trace-host
016f0d4d7ca36765ceb69b79e21b31e9c312053a9d35781548f0bc45c56393a574a25a8d478fb3fd1eb62eeb52e855ac947ae686cf5dd33066332ac6dcae1d98ab66a20412790e14fa7feca1758c651b178f27a715f8c04306455794f27e0aae47
access-control-allow-headers
Authorization,*
expires
Mon, 16 Oct 2023 10:49:35 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
646 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-44.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1c7c806
date
Mon, 16 Oct 2023 10:49:35 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing
inner; dur=26, cdn-cache; desc=MISS, edge; dur=5, origin; dur=121
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231016104934281912FF72063448139C
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
121,23.38.99.108
x-tt-trace-host
016f0d4d7ca36765ceb69b79e21b31e9c312053a9d35781548f0bc45c56393a574ddb75d5c3d2b58f42432b281528d4691e5d00e5ac2e98ff108e4e459ab599acea759c495c9811d23f0c8b291818e67936e50241b7e5b1fcabab21dc7b3b62268
access-control-allow-headers
Authorization,*
expires
Mon, 16 Oct 2023 10:49:35 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
646 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-44.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1c7c80b
date
Mon, 16 Oct 2023 10:49:35 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=5, origin; dur=100
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231016104935664FBAD6CC1ADBA61F6C
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
100,23.38.99.108
x-tt-trace-host
016f0d4d7ca36765ceb69b79e21b31e9c312053a9d35781548f0bc45c56393a574436b09ad47e08c2ff734f49c7f69aa19e643a8475adea72b4acfb1ecac405ec2e2fe8c9b01ad478320163661cf316c6c2532c771f71cb32451f41d55b3efcc7e
access-control-allow-headers
Authorization,*
expires
Mon, 16 Oct 2023 10:49:35 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1728487820781559&ev=PageView&dl=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&rl=&if=false&ts=1697453374957&cd[section]=business&cd[sub_section]=business&cd[user_status]=Logged%20Out&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=29&fbp=fb.1.1697453374956.1186900386&ler=empty&it=1697453374710&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 16 Oct 2023 10:49:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
conversion.js
www.googleadservices.com/pagead/ Frame 950A 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 13707460.fls.doubleclick.net
URL: https://13707460.fls.doubleclick.net/ddm/fls/r/dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
6cee0a1fd26161d05279092178df3d8243672cccf917c870bb113d992d5de5be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://13707460.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18645
x-xss-protection
0
server
cafe
etag
5863262954022034179
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 10:49:35 GMT
/
www.googleadservices.com/pagead/conversion/11334942113/ Frame 950A 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/11334942113/?random=1697453375077&cv=9&fst=1697453375077&num=1&npa=1&label=KJgwCIPs0uYYEKH79Zwq&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F13707460.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIzLqsuy-oEDFUSwmgodYR8DKA%3Bsrc%3D13707460%3Btype%3Dinvmedia%3Bcat%3Dinqui0%3Bord%3D7202057052038%3Bauiddc%3D1984974688.1697453374%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.inquirer.com%252Fbusiness%252Fzero-click-hacks-spy-phone-pegasus-20220227.html&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e65c1d2bbf69f9f0041311e972830057ec29e8d3014de2b88ea2b21dfb690b60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://13707460.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1623
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/11334942113/ Frame 950A
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11334942113/?random=152370247&cv=9&fst=1697453375077&num=1&npa=1&label=KJgwCIPs0uYYEKH79Zwq&guid=ON&resp=GooglemKTybQhCsO&eid=375603...
  • https://www.google.com/pagead/1p-conversion/11334942113/?random=152370247&cv=9&fst=1697453375077&num=1&npa=1&label=KJgwCIPs0uYYEKH79Zwq&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512...
  • https://www.google.de/pagead/1p-conversion/11334942113/?random=152370247&cv=9&fst=1697453375077&num=1&npa=1&label=KJgwCIPs0uYYEKH79Zwq&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C5122...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/11334942113/?random=152370247&cv=9&fst=1697453375077&num=1&npa=1&label=KJgwCIPs0uYYEKH79Zwq&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F13707460.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIzLqsuy-oEDFUSwmgodYR8DKA%3Bsrc%3D13707460%3Btype%3Dinvmedia%3Bcat%3Dinqui0%3Bord%3D7202057052038%3Bauiddc%3D1984974688.1697453374%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.inquirer.com%252Fbusiness%252Fzero-click-hacks-spy-phone-pegasus-20220227.html&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIitHHy7L6gQMVqca7CB3tkAD6&is_vtc=1&ocp_id=PxUtZcq1BamN7_UP7aGC0A8&cid=CAQSKQDICaaNzwtkZEamG_iif7dy-4oR4FGXubcDQWAyOP8aORFX32cSnF7d&random=2375991646&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 13707460.fls.doubleclick.net
URL: https://13707460.fls.doubleclick.net/ddm/fls/r/dc_pre=CIzLqsuy-oEDFUSwmgodYR8DKA;src=13707460;type=invmedia;cat=inqui0;ord=7202057052038;auiddc=1984974688.1697453374;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H3
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://13707460.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/11334942113/?random=152370247&cv=9&fst=1697453375077&num=1&npa=1&label=KJgwCIPs0uYYEKH79Zwq&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F13707460.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIzLqsuy-oEDFUSwmgodYR8DKA%3Bsrc%3D13707460%3Btype%3Dinvmedia%3Bcat%3Dinqui0%3Bord%3D7202057052038%3Bauiddc%3D1984974688.1697453374%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.inquirer.com%252Fbusiness%252Fzero-click-hacks-spy-phone-pegasus-20220227.html&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIitHHy7L6gQMVqca7CB3tkAD6&is_vtc=1&ocp_id=PxUtZcq1BamN7_UP7aGC0A8&cid=CAQSKQDICaaNzwtkZEamG_iif7dy-4oR4FGXubcDQWAyOP8aORFX32cSnF7d&random=2375991646&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
act
analytics.tiktok.com/api/v2/pixel/ 		0
649 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-44.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1c7c874
date
Mon, 16 Oct 2023 10:49:35 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing
inner; dur=33, cdn-cache; desc=MISS, edge; dur=16, origin; dur=124
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202310161049354E76351BD7E6DBA7B6B3
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
124,23.38.99.108
x-tt-trace-host
016f0d4d7ca36765ceb69b79e21b31e9c312053a9d35781548f0bc45c56393a574ab19452782900d82f5525f231e1b91557a718860687ff19f41deed892335a09bdb3f01187e65b318bedfb818d00411007b6959db00c94d555c48533240ea3b9b
access-control-allow-headers
Authorization,*
expires
Mon, 16 Oct 2023 10:49:35 GMT
1.chunk.js
www.inquirer.com/pf/dist/components/combinations/ 		320 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.inquirer.com/pf/dist/components/combinations/1.chunk.js?d=579
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/light.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
cb75b13924e169f2d19a486d980237d3a05cd577052befc15ec1e40484fb13a9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 16 Oct 2023 10:49:35 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL59-P3
arc-country
DE
x-amz-server-side-encryption
AES256
arc-city
FRANKFURT
x-arc-request-id
0.957d1302.1697453375.2a69ef0
server-timing
cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, ak_p; desc="1697453375725_34831765_44474096_495_8144_12_0_146";dur=1
content-length
101664
last-modified
Thu, 12 Oct 2023 05:58:16 GMT
server
openresty
etag
W/"d20de3c29532e90abfdea778adcedd7b"
arc-zipcode
NULL
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
arc-region
HE
x-amz-cf-id
6CS88Ic1uQXCH9K1xoppoZ1qzd_6UgGJqGNAebZJJDAQHqeP6Y9KrA==
expires
Tue, 15 Oct 2024 10:49:35 GMT
45.chunk.js
www.inquirer.com/pf/dist/components/combinations/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.inquirer.com/pf/dist/components/combinations/45.chunk.js?d=579
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/light.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
21e7209291b34df91e78f767edf195c0a450a4b58dc1d1eb51608d2d8244df12
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 16 Oct 2023 10:49:35 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P3
arc-country
DE
x-amz-server-side-encryption
AES256
arc-city
FRANKFURT
x-arc-request-id
0.957d1302.1697453375.2a69ef1
server-timing
cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, ak_p; desc="1697453375724_34831765_44474097_300_7221_12_0_146";dur=1
content-length
11045
last-modified
Thu, 12 Oct 2023 05:58:16 GMT
server
openresty
etag
W/"7d9df9868929d635542ec101482ecab8"
arc-zipcode
NULL
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
arc-region
HE
x-amz-cf-id
U5nS1t1T_sWYfkhyevya36posYjHUSLufQF8Hcan6vLmd27wH9F1Sg==
expires
Tue, 15 Oct 2024 10:49:35 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6034697/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
108.138.7.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 05:17:39 GMT
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
26050
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
YDAWgXeMvj9D4gs-bSVUvHD-nWpVOMc538oHzf-MA_ph3-GodAc6Gg==

Redirect headers

date
Mon, 16 Oct 2023 10:49:35 GMT
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
b0jIjMp08RYHADjhfJatCfri4bw__JgCx1-LUPrea0RgtXF_SgSGew==
main.js
cdn.sophi.io/sdks/paywall/1/stable/ 		78 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sophi.io/sdks/paywall/1/stable/main.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/light.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-108.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00d65c3898b2635f3b297d588d4bc0c63be1145980455392b44bc1551999ccf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 16:01:58 GMT
content-encoding
br
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
x-amz-version-id
7hMSNWYfbM7ofc6DnlGF00IEt8gmizU.
last-modified
Tue, 03 Oct 2023 16:07:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
67658
x-amz-server-side-encryption
AES256
etag
W/"c1767b1ae7a64c3ba07d7097958922ec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=0
x-amz-cf-id
q7OAuzgIpLFRzpwYBR9337A-r5gcX6XYC6B5kMM31EGP6mkFHVCFFQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		92 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/light.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42551aecb6a47fb5577a82136e1b5fed47b3dc7e72f882ff8b4c516996ebcae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29685
x-xss-protection
0
server
cafe
etag
416 / 19646 / 31078806 / config-hash: 16434453456482711861
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 10:49:35 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		255 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/light.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:09:15 GMT
content-encoding
gzip
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 19:43:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
2421
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
cIHTfRgVyJltlSCE8FCMzIx-opleRahRSql0ivlYvZEZnSsdosBljw==
f279b5ea-1200-4ff6-9d35-17893279723e-web.js
f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app/ 		466 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app/f279b5ea-1200-4ff6-9d35-17893279723e-web.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/light.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ad7385fec1447192d804b476956a6506fa7bcd7982b9b1d2a19e55db4f597

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:35 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
f279b5ea-1200-4ff6-9d35-17893279723e
age
0
x-guploader-uploadid
ADPycdvytkL9Z42cvTODnQH31N7UK8kG5RX28J5cPO5te8o9yidSABBtXNsqg8w__Bin91gl_KToyDJgUEaapI7TEKyq2w
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Fri, 13 Oct 2023 17:04:29 GMT
server
cloudflare
etag
W/"d5896bc6f87eccd75bdc3682ee062853"
vary
Accept-Encoding
x-goog-generation
1697216669368448
content-type
application/javascript
x-goog-hash
crc32c=8pLRKw==, md5=1Ylrxvh+zNdb3DaC7gYoUw==
cache-control
public, max-age=900
x-goog-stored-content-length
127551
timing-allow-origin
*
cf-ray
816fbc6ed8642c62-FRA
expires
Mon, 16 Oct 2023 11:04:35 GMT
script.js
p543.inquirer.com/ 		131 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p543.inquirer.com/script.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/light.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-67.fra56.r.cloudfront.net
Software
- /
Resource Hash
8bc1347fa3b6753fe35c6b9e0aeedeff77b1e0878cf886f70582964740dac772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
age
151
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
40316
x-xss-protection
1; mode=block
last-modified
Mon, 16 Oct 2023 10:46:03 GMT
server
-
etag
d6d2928030b36389c0bcf1b2482f2b88
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
WFL3Za6MNMVObL15NMkC_s1KHPi1J36fk7_OShxoLWfSw0SahrTGSw==
expires
Mon, 16 Oct 2023 10:57:04 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/light.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fc7f40fe3b6fca4d842274e5c319024864535325c7484e201b7c53257209809
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Oct 2023 10:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
VWm3jh650itzUl5lqfHWUg==
age
67631
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6821
x-ms-lease-status
unlocked
last-modified
Thu, 12 Oct 2023 17:37:51 GMT
server
cloudflare
etag
0x8DBCB49F5C6479E
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
843e90a2-b01e-0005-5e45-fdeb58000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
816fbc6ebbc890d4-FRA
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/light.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Oct 2023 10:49:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
61482
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
816fbc6ebbc990d4-FRA
ml.br.js
js.matheranalytics.com/static/ltm/ma34789/234578994/21/
Redirect Chain
  • https://js.matheranalytics.com/s/ma34789/234578994/ml.js?cb=1637
  • https://js.matheranalytics.com/static/ltm/ma34789/234578994/21/ml.br.js
155 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma34789/234578994/21/ml.br.js
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
fdaa2492bfd3878d321997e8e2c4720b4ecbbeb98ac39541fe9982db68955b25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:03:52 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 11 Oct 2023 19:07:24 GMT
server
nginx
age
56743
etag
"1aa24670d2b4c7c6e2dd663702793341"
vary
Accept-Encoding
x-cache
HIT Wed, 11 Oct 2023 19:19:13 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45686

Redirect headers

date
Mon, 16 Oct 2023 10:49:35 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma34789/234578994/21/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
7-gc-europe-west6-8j341021
hjy.js
cl.qualaroo.com/ki.js/74332/ 		141 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cl.qualaroo.com/ki.js/74332/hjy.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/light.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
061e9951fe0df4b2e1d832a97a5a333423398c6a0fbb8ddcb4f6843891457e96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:35 GMT
content-encoding
gzip
cdn-edgestorageid
1082
x-amz-request-id
97YAMVYBZGKPFEKQ
x-amz-server-side-encryption
AES256
cdn-cachedat
08/29/2023 11:04:46
cdn-pullzone
92714
x-amz-id-2
z9Iigl7CPMYZHcN6GMiQKvgj+VrvLqMGX7F/s/xkUq0YOujHwPeONvtiZmb7vMl+M+MuMFLjZ98=
last-modified
Tue, 09 May 2023 18:23:10 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"5991efa1071292dc023de9e1cfde38ec"
vary
Accept-Encoding, Accept-Encoding
content-type
application/ecmascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
50c043fb-dcd1-4574-9faf-b60384f66f78
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=0, s-maxage=3600
cdn-requestid
8eb217e787e4b10b4702c019e1486a53
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/45.chunk.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8f06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NPJT1Y44W04R0P6B
age
5516
alt-svc
h3=":443"; ma=86400
x-amz-id-2
SzCbMg/JCOr3rWK+H9QVoqieScwBbTcvBdSh1QbRM5KK/L9Xu7s2bUtTmAHZMefu5egj+g7iA20=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzfhuoWv479o0i4f4CvosraWpvA1EPfLi%2FLHJThW2HzgMp9O2isMpJRJcMZLWc8S2byaJy4WnN6CuwBNF6%2FqL0gvQtDaChI317ytDCxheNdO0MKY9FBi4jrpo9xV6AL09rZxgoNnojdgVbNo2e8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
816fbc708f55bb5c-FRA
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		75 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
816fbc6f1e6f65c7-FRA
vary
Accept-Encoding
content-type
text/javascript
c6dea5ec-f3a5-432d-8d99-556d91c9726b-test.json
cdn.cookielaw.org/consent/c6dea5ec-f3a5-432d-8d99-556d91c9726b-test/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/c6dea5ec-f3a5-432d-8d99-556d91c9726b-test/c6dea5ec-f3a5-432d-8d99-556d91c9726b-test.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7860bf7e8a2fe623bb74d954b242a0889f3e5b0788e74979cd044f596357e23c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Oct 2023 10:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
r57gktWkVmCP8yiQkj2adg==
content-length
1476
x-ms-lease-status
unlocked
last-modified
Fri, 14 Apr 2023 16:14:41 GMT
server
cloudflare
etag
0x8DB3D035A7180DC
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6c84050f-801e-0098-021e-0019e2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
816fbc6f1a8a92b4-FRA
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=HtZYnkXBmA
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/pf/dist/components/combinations/light.js?d=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58d1819a0401dca6fb22676f82235eae7a0ee6c7b96c432ed2b10c1aecce025f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
date
Mon, 16 Oct 2023 10:49:35 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 Oct 2023 09:59:45 GMT
server
cloudflare
age
2990
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
816fbc6f3a8830d6-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
i2739zkzmt
expires
Mon, 16 Oct 2023 11:19:35 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
date
Mon, 16 Oct 2023 04:47:56 GMT
x-amz-cf-pop
FRA56-P3
age
21701
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
781C-VlZ0JPaFN1q0uo1qhmhQnhfMNA9BtlNx8Je5LKniVafqZadDg==
cs
inquirer.blueconic.net/DG/DEFAULT/ 		17 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://inquirer.blueconic.net/DG/DEFAULT/cs?&callback=bc_json1086
Requested by
Host: p543.inquirer.com
URL: https://p543.inquirer.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.212.15.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-15-0.compute-1.amazonaws.com
Software
- /
Resource Hash
5fbd4d2f131aa05dd559748bf600567f24df02196d7de7996bec7655e4beb131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
37
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuidj
ib.adnxs.com/ 		11 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app
URL: https://f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app/f279b5ea-1200-4ff6-9d35-17893279723e-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
an-x-request-uuid
459e1ba1-2d05-49f1-9fa2-a1a6d3622b67
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.77; 45.141.152.77; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		66 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
816fbc6fbfc96940-FRA
access-control-allow-headers
Content-Type
068f0fe2-3afb-4d45-9b45-572b2597f393
https://www.inquirer.com/ 		104 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.inquirer.com/068f0fe2-3afb-4d45-9b45-572b2597f393
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81404a2000460db4a28cda615e5fd2c9e1925e171aeeab7cc25f05e69347d64d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length
106600
Content-Type
4ff52ba9-a4c5-4b41-a81f-57552ad6ad53
https://www.inquirer.com/ 		104 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.inquirer.com/4ff52ba9-a4c5-4b41-a81f-57552ad6ad53
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81404a2000460db4a28cda615e5fd2c9e1925e171aeeab7cc25f05e69347d64d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length
106600
Content-Type
getuserdbdata
app.matheranalytics.com/u/ 		54 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.matheranalytics.com/u/getuserdbdata
Requested by
Host: js.matheranalytics.com
URL: https://js.matheranalytics.com/s/ma34789/234578994/ml.js?cb=1637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.255.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.255.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 10:49:36 GMT
via
1.1 google
content-type
text/plain
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
0-gc-use1-h7vv0111
getuserdbdata
app.matheranalytics.com/u/ 		54 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.matheranalytics.com/u/getuserdbdata
Requested by
Host: js.matheranalytics.com
URL: https://js.matheranalytics.com/s/ma34789/234578994/ml.js?cb=1637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.255.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.255.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 10:49:36 GMT
via
1.1 google
content-type
text/plain
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
2-gc-use1-dhzl0113
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&artid=YXFDLQ6PXZHG3CIIPAFQNM2344&artpubt=1645956120&artsrc=Bloomberg&artupt=1645956120&auth=Ryan%20Gallagher&cms=fusion&hier=business&ptype=article&prem=0&sec=business&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=21&tid=15a55540-1171-4cc8-88d7-e98880c2191c&pid=655a5bd5-b8b1-4f83-be63-b1c32d5ef880&dtm=1697453375967&qnm=_matherq&visible=1&tabid=e9c66156-756b-4475-9d5f-411e32b7804f&url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&vp=1600x1200&ds=1600x8059&tofa=1697453376&vid=1&lvidt=1697453376&duid=d5835705-e973-4c50-9790-64b2d266297a&fp=1775131430&cid=ma34789&mrk=234578994&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY5NzQ1MzM3MjkzNyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMG1iIiwiZnN0UGFpbnQiOiI3MzMiLCJmZXRjaFMiOiIwIiwiZG9tYWluUyI6IjY3IiwiZG9tYWluRSI6IjY3IiwiY29ublMiOiI2NyIsImNvbm5FIjoiMTEzIiwic3NsUyI6Ijg1IiwicmVxdVMiOiIxMTYiLCJyZXNwUyI6IjUwMiIsInJlc3BFIjoiNTE1IiwiZG9tTG9hZCI6IjUwNiIsImRvbUludGVyIjoiNzc2IiwiZG9tTG9hZFMiOiIxMDE3IiwiZG9tTG9hZEUiOiIxMDIyIiwiZG9tQ21wbHQiOiIyNzgxIiwibG9hZFMiOiIyNzgyIiwibG9hZEUiOiIyNzgzIn0sImtleXdvcmRzIjpbInplcm8tY2xpY2staGFja3Mtc3B5LXBob25lLXBlZ2FzdXMiXSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiI4MTYxMTU3MDYiLCJyZWZUaW1lIjoiMTY5NzQ1MzM3NTk2NSJ9XSwiY2F0ZWdvcnkiOnsiY2F0ZWdvcmllcyI6W1siL2J1c2luZXNzIiwiL3dpcmVzL3dwIiwiL3dpcmVzIiwiIiwiL2J1c2luZXNzL3RlY2hub2xvZ3kiLCIvbmV3cy9uYXRpb24td29ybGQiLCIvbmV3cyJdXX19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.177.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-177-4.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Mon, 16 Oct 2023 10:49:36 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
geoip
api.permutive.com/v2.0/ 		254 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=4d3e1376-81b5-42e2-95df-99cd3f7d032f
Requested by
Host: f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app
URL: https://f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app/f279b5ea-1200-4ff6-9d35-17893279723e-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6a2bb1023400cca8ae0171e8789a54ccac0cc4e10eb8908b7d51eb10a45ce1b9

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
watson
api.permutive.com/v2.0/ 		450 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=4d3e1376-81b5-42e2-95df-99cd3f7d032f
Requested by
Host: f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app
URL: https://f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app/f279b5ea-1200-4ff6-9d35-17893279723e-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f1bffff5d478f9713b1efe1b459413f3e4dc6fe24bd19e1ded915ad97a77fc41

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
272
3258
config.aps.amazon-adsystem.com/configs/ 		505 B
772 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3258
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-93.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
6c0f1b4140a2b5ee8210bf1c927ccd58a7ec7b18a4ecd962aedbaf2424b1633e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:42:53 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
age
403
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
RY4p7pqNUOnxEsRLy8Iy-GgK6TtBmIcUQ5D5Gqe3WS9Ht8elJCO5rg==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3258&u=https%3A%2F%2Fwww.inquirer.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
500a194d734402f7b1e3b0a73331b57ea7c29615d20f167e28fd3e42adb2f8d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 07:26:14 GMT
via
1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
12202
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.inquirer.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2171
x-amz-cf-id
0ZSfhatyDyzv7h1I91qDbERp66LLvc2EAuUVPjYVhklKkKZ0F56kqw==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/ 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 11:40:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
83330
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134870
x-xss-protection
0
server
cafe
etag
11169537383484699631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 14 Oct 2024 11:40:46 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		356 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=HtZYnkXBmA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
855a02fa7e5e3ab79128f427ee404a5230070f9254ee63d47f4b8ee4c753b6b7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
x-amz-version-id
F_tf.NDX2lQ0DbaxsQgjZI_88EA.YnBk
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
1P42D5N4YS18K5KN
age
13966
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9wmbeTadrVE1y/kvAvjZGSIwnpi5hg61e6beuBxMJMpt6xrok+PiWptD6x6vNhys6ktpCEBdOm0/cR+JuSFg7g==
last-modified
Wed, 11 Oct 2023 06:37:31 GMT
server
cloudflare
etag
W/"c030f4a76c4cffa79685a46969428631"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
816fbc704be330d6-FRA
expires
Mon, 16 Oct 2023 14:49:36 GMT
frame.html
dntcl.qualaroo.com/ Frame B383 		323 B
697 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dntcl.qualaroo.com/frame.html
Requested by
Host: cl.qualaroo.com
URL: https://cl.qualaroo.com/ki.js/74332/hjy.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
2e8900ba4a5768754de4fc21bcdde72bdcafa25c6c766a7f3bc44bf6c21fc412

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=604800
cdn-cache
HIT
cdn-cachedat
10/11/2023 07:02:52
cdn-edgestorageid
1080
cdn-fileserver
639
cdn-proxyver
1.04
cdn-pullzone
99568
cdn-requestcountrycode
DE
cdn-requestid
476f9feef2ab522c0d79316303cb473b
cdn-requestpullcode
206
cdn-requestpullsuccess
True
cdn-status
200
cdn-storageserver
DE-167
cdn-uid
50c043fb-dcd1-4574-9faf-b60384f66f78
content-encoding
gzip
content-type
text/html
date
Mon, 16 Oct 2023 10:49:36 GMT
last-modified
Sun, 09 Jul 2023 20:56:17 GMT
server
BunnyCDN-DE1-1080
vary
Accept-Encoding
f279b5ea-1200-4ff6-9d35-17893279723e-models.bin
cdn.permutive.com/models/v2/ 		13 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/f279b5ea-1200-4ff6-9d35-17893279723e-models.bin
Requested by
Host: f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app
URL: https://f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app/f279b5ea-1200-4ff6-9d35-17893279723e-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
255f62b63426f7cded6b33d95e427bbebbbb5de8799cabcdcc3a84bbad1eaa93

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
f279b5ea-1200-4ff6-9d35-17893279723e
age
0
x-guploader-uploadid
ADPycdvXzjM-bNrJIC_dM20msORshWtcTFvQpQtFqrge9fuW9TuHCjFguOYPzWFDoKh1jj4vfm0tnGHfBosOT150BGX-
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
8797
last-modified
Mon, 16 Oct 2023 06:01:50 GMT
server
cloudflare
etag
"468c80d543aac5d9ab1a6481285e6063"
vary
Accept-Encoding
x-goog-generation
1697436110086488
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=2kN6jg==, md5=RoyA1UOqxdmrGmSBKF5gYw==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
8797
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc708f3c9193-FRA
expires
Mon, 16 Oct 2023 10:18:02 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.10.0/ 		356 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Bh9exWOPGIwRshWljrtlEw==
age
20970
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
79698
x-ms-lease-status
unlocked
last-modified
Thu, 03 Dec 2020 02:43:00 GMT
server
cloudflare
etag
0x8D89735260901BC
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
52c14c7c-a01e-011b-5be1-5ab021000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
816fbc707d6e90d4-FRA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 16 Oct 2023 11:04:36 GMT
config.js
cdn.confiant-integrations.net/RKCZfCfjgrexhzqV_4RjAjr5p5o/gpt_and_prebid/ 		116 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/RKCZfCfjgrexhzqV_4RjAjr5p5o/gpt_and_prebid/config.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90ae8d4f2667a1b7456226a9395544f7863fbb3763c35fd3b54a0b2da66975fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 Oct 2023 06:31:08 GMT
server
cloudflare
x-amz-request-id
20TXPW2KWJ2RJ5Z4
age
20
etag
W/"9cebcbca7aca2c4a64155805663a18fe"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
816fbc70cacb366e-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8n6NcSQVkzKouP3s5Aljpx3eqvT84Ap+OwKgi+izE/UVGzF/EIZgj9n9J1lg8QnB5dUCuR/WsUbwLaXqDCCuKw==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		138 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8f7a67861972c13bbd67f527a121e276359e74a34d7366043870a77cd03ebc3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 10 Oct 2023 14:20:27 GMT
server
cloudflare
x-amz-request-id
WM8H0Q85GCB3FZ0K
age
2256
etag
W/"6c1a42f0fa54a5a4ef64c2dd72fc6cd5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
816fbc70bbed1959-FRA
x-amz-id-2
k1ujazTbVaK5YTaL1PL1fm2AevAyjGjpPRyLdC1Tt/h1DBBQExVXjgqWLmmlcMEebBzzKzBiF60Eyh3vfgERpg==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Mon, 16 Oct 2023 11:04:36 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3258&u=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&pid=v5IdC5IRKs8zz&cb=0&ws=1600x1200&v=23.919.1525&t=2000&slots=%5B%7B%22sd%22%3A%22ad2901%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%224495%2Fphl.business%2Farticle%2F1x1_1%22%7D%5D&pj=%7B%22us_privacy%22%3Anull%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-4.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
QCXND0EMZKXZK40GQ5JG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.inquirer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
7qXwamgq4eDscaca-PQG58oJse8Rfe4CzNWs8rTTcuBHfMu_BEzmuw==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3258&u=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&pid=v5IdC5IRKs8zz&cb=1&ws=1600x1200&v=23.919.1525&t=2000&slots=%5B%7B%22sd%22%3A%22ad5909%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%224495%2Fphl.business%2Farticle%2Ftop_banner%22%7D%5D&pj=%7B%22us_privacy%22%3Anull%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-4.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
JV7FV0M2BX6X9M22JK20
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.inquirer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
f300PMXkpvIRRKDUumHW5v7JV8ROE8VJrRv8dayWeuYGvg2hGJY7gA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3258&u=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&pid=v5IdC5IRKs8zz&cb=2&ws=1600x1200&v=23.919.1525&t=2000&slots=%5B%7B%22sd%22%3A%22ad5999%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%224495%2Fphl.business%2Farticle%2Fright_1%22%7D%5D&pj=%7B%22us_privacy%22%3Anull%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-4.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
QD33VGMWRHH5GZY3BY0W
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.inquirer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
zsFofxBgqMNYsh1KZbLQRamU9Zfsp6iP66TjQpqeh2ZBavs2l-hYYA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3258&u=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&pid=v5IdC5IRKs8zz&cb=3&ws=1600x1200&v=23.919.1525&t=2000&slots=%5B%7B%22sd%22%3A%22ad9806%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%224495%2Fphl.business%2Farticle%2Fright_rail_3%22%7D%5D&pj=%7B%22us_privacy%22%3Anull%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-4.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
ST63SG83QH9MQP5XN6GM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.inquirer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
NBVTjMv24te8bBLuYoUWmOCMd-5qpvQWQaMhvG2gaXqaWpW1xAYmBQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3258&u=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&pid=v5IdC5IRKs8zz&cb=4&ws=1600x1200&v=23.919.1525&t=2000&slots=%5B%7B%22sd%22%3A%22ad5324%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%224495%2Fphl.business%2Farticle%2Fright_2%22%7D%5D&pj=%7B%22us_privacy%22%3Anull%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-4.fra56.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
1DXZKRW9T2GXFWD40QTW
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.inquirer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
aRUsS377cXl4I4ZC_lW7-Ktf4Fs7Aj9zayAraXlIwCdK-EnlnZE00Q==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3258&u=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&pid=v5IdC5IRKs8zz&cb=5&ws=1600x1200&v=23.919.1525&t=2000&slots=%5B%7B%22sd%22%3A%22ad2918%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%224495%2Fphl.business%2Farticle%2Ffeed_right_1%22%7D%5D&pj=%7B%22us_privacy%22%3Anull%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-4.fra56.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
23H6MXD6PFCJ447SS45Q
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.inquirer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
TOivJM6DmHH2fMzMyVJRYLdEeqaaHZ1LMa4o1KPsg1nEZHinRycNIQ==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 04:59:12 GMT
content-encoding
gzip
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
21025
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Xy91hXBQS0FXbnjxaG2fewTLe_bqcI_Cp7J9GlYtOoUsQHw7yNBiuQ==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
d610ef6c4be807125227380b24373f34
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
esp.js
cdn.id5-sync.com/api/1.0/ 		139 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
310de9600c8bb44cc93f7917cf8285ebd1ad24620773adf3f2df4e5e0db9dfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 10 Oct 2023 14:20:27 GMT
server
cloudflare
x-amz-request-id
X563Z11F0G8FH85X
age
2166
etag
W/"88086289b3f2ebf319996b249365dbe2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
816fbc716cd81959-FRA
x-amz-id-2
/dY6XJVQ4TA+o1z/K98Br8AnzYvutAfEP8OGcrpDhKsIeE71kDQFImUMGuh4OC6D6gCTfOiG/b0=
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a200:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date
Mon, 16 Oct 2023 05:16:05 GMT
Via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
20012
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Wed, 06 Sep 2023 03:40:59 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
zfhcm2NyJHoKwGs-kobe0Kd0sqTq1kyJ8ey-mXBXPf1QACvTZja2MQ==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 02:29:26 GMT
content-encoding
gzip
age
1758010
x-guploader-uploadid
ADPycduytI9z2bFYyBmZcmC9SoTee7qNPzSw3JUzr5kvUTXbF9QwN3_Wx59Ty9hTpO3VOHI19GEDVpnUTQSEd8VaemdjCQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 25 Sep 2024 02:29:26 GMT
ob.js
cdn-ima.33across.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 17:20:48 GMT
server
cloudflare
age
579297
etag
W/"650886f0-39ac"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
816fbc71cd3f3a80-FRA
expires
Thu, 19 Oct 2023 10:49:36 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-a892"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:49:36 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25288
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxut4X%2BzMzeOatCvvaky6jBalzP8s0Vm6gl7F8QTUtaRYwSvPdBQPQUBheycQ9V8wq0TQ4YNTu61Bp%2BSNzHDR2swPQZTZorNEjkMAwQ4Q7vaJ65QP8%2Fn%2FXZ6PdWM3r41d5uQk67Si1bLuJcTLcc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
816fbc71cf293837-FRA
hb-multi
hb.yellowblue.io/ 		83 B
430 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.171.212.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-212-190.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
9b5038ab3bb61e07042a73b7757e29b896dce557902aa188e2bfdc3122ae3644

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.inquirer.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
83
fastlane.json
fastlane.rubiconproject.com/a/api/ 		473 B
822 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10035&site_id=409824&zone_id=2296806&size_id=2&alt_size_ids=55%2C57&us_privacy=1---&eid_pubcid.org=b1b1f77e-7f31-4e1a-ae75-435277f5654a%5E1&rf=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&kw=zero-click-hacks-spy-phone-pegasus%2C&tg_i.domain=inquirer.com&tg_i.page=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&tg_i.aupname=4495%2Fphl.business%2F.*&tg_i.pbadslot=4495%2Fphl.business%2Farticle%2Ftop_banner&tk_flint=dmpbjs_v8.17.0&x_source.tid=abd333e9-4a6f-4f16-9791-85c2ed1eb65c&l_pb_bid_id=4e4c292b6d18ae&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=61a8fd75-f945-4f3d-8d35-4eb6e3afdaf9&rp_hard_floor=0.77&rp_maxbids=1&p_gpid=4495%2Fphl.business%2Farticle%2Ftop_banner&slots=1&rand=0.3837775630226896
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5b773d90b2c41acdc4d086da0852c47e1df8d7b6a809ab97d329fbccf5953acf

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
473
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.17.0&referrer=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&tmax=1500&us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.59.78.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-78-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
accept-ch
sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
313 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=867404
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4a52a1a068524c2177c137edc49b56f4149f6090e91a12dc6368407d3c8da1a

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9V8DSXQUm67YgL%2B5dvxemdHhjX94HRvfz1sISgnnAzUNXQrEgmTiNhtR0LDhX29OXTW6bh4lqhsB9TQK8m8%2FQ%2FTO002fY4qCk9RvPq9hqIO6hmj5MMuZGojVwyA6bZRIoRjrxWC"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
816fbc71ebb96925-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		83 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.227.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-227-74.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
bb3086974978a902a9c3e9e179e6597ebdaeff78b6ca396fcb7db9b16f8bce5c

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.inquirer.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
83
hbjson
grid.bidswitch.net/ 		24 B
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-47-48.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
35d66f19700c5b0436e30ef45098eccbf972731fa5f209ad17a62f8e0a4b91c2

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 16 Oct 2023 10:49:36 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUG8YY38
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
b136a3b935ce68c468fea8bc842f1e29300e9dfbfda46b0327fab98111fa84a8

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:35 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 10:49:36 GMT
hbjson
grid.bidswitch.net/ 		24 B
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-47-48.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e41eb371c40ba1bf196bf7a0d04a16f51622aedf94e408d49462f9558447e382

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 16 Oct 2023 10:49:36 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
hb-multi
hb.yellowblue.io/ 		84 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.171.212.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-212-190.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
deb487ad60e67cfc094904301d27dcbd5b49874620510f33d3186dfd6eff291e

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.inquirer.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
48
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
auction
tlx.3lift.com/header/ 		19 B
543 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.17.0&referrer=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&tmax=1500&us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.59.78.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-78-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
accept-ch
sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
hb.undertone.com/ 		0
519 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=243&domain=inquirer.com&ccpa=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-71.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.inquirer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
7ugi_dsg5SUwrqopljickAOVK5LdsbQqNgVDk_-H2bs9iKhnspvwFQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		84 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.227.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-227-74.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
0ae3db454842684214d77a1a926927a123684b8269a3748466546279f1299d16

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.inquirer.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
fastlane.json
fastlane.rubiconproject.com/a/api/ 		464 B
812 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10035&site_id=409824&zone_id=2296804&size_id=15&us_privacy=1---&eid_pubcid.org=b1b1f77e-7f31-4e1a-ae75-435277f5654a%5E1&rf=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&kw=zero-click-hacks-spy-phone-pegasus%2C&tg_i.domain=inquirer.com&tg_i.page=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&tg_i.aupname=4495%2Fphl.business%2Farticle%2Finline_1&tg_i.pbadslot=4495%2Fphl.business%2Farticle%2Finline_1&tk_flint=dmpbjs_v8.17.0&x_source.tid=9763516a-bcae-40ad-8674-cdcb5b3e9e4b&l_pb_bid_id=26b19e9d56ca678&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d92f733d-1e18-4b82-87ef-abbc96ea1b08&rp_maxbids=1&p_gpid=4495%2Fphl.business%2Farticle%2Finline_1&slots=1&rand=0.7996135916085672
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
657cf211df4bcb4422d5f625f78f14c3cb663567b1147ef40dcc001d1fa28c0f

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
464
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUG8YY38
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
beb4510ed2fa6d2fe54fc65d844fc1083fd7504213eb299f7c2f43c16c2cfb8a

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
113
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 10:49:36 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
548 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=867403
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f8985c3c0eccd2bbc6907282c3b17f32997a259e18ab77777df272772c0d370

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3f11nVce2cLTl3RfJFc0RHhkPvR%2BgGX%2Fk60dhln0C8C4SfBHqKEmHZZrIwXbRXrOmfmIYtE4v8O9Tb%2FZy2JRtrVxshfFvzYS1jhOeaWailV9yiXexUR2%2BrE3h5BAiSBNREpIChr"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
816fbc71ebb86925-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
313 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=867404
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50dc446eef1ea72226ad8c3f859c29e86badb019e5185d320ef9a1de48b3cecb

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ex15%2BQKIURwCCWXiRbzQ2rYCQ4%2BAqhxsjhqv0%2FeCzVHfJ06tXIXL9LCfTpPDZmkfurpqGCyq8I0ebsqTL0zxVEwXLZH9ODOfphphTX%2Bbu5y5Q6Fvk8adKh0lZ8ReXXGJ1FVZiRdU"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
816fbc71ebba6925-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		84 B
430 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.227.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-227-74.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
2fd41d1085a8c38fc65b79137dabfd9dfdb38065a7f59d82209c69c01154d696

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.inquirer.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
auction
tlx.3lift.com/header/ 		19 B
543 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.17.0&referrer=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&tmax=1500&us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.59.78.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-78-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
accept-ch
sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUG8YY38
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
2f704af62910e8eeaf5171b428496b65d2f6c1643d0cf027b8d8b1b85770f20d

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
87
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 10:49:36 GMT
hbjson
grid.bidswitch.net/ 		24 B
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-47-48.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0402271bf7d5212741033f6797b4aab03a88ffab39db72716d88555951186358

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 16 Oct 2023 10:49:36 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
hb-multi
hb.yellowblue.io/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		467 B
992 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10035&site_id=409824&zone_id=2296806&size_id=15&alt_size_ids=9&us_privacy=1---&eid_pubcid.org=b1b1f77e-7f31-4e1a-ae75-435277f5654a%5E1&rf=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&kw=zero-click-hacks-spy-phone-pegasus%2C&tg_i.domain=inquirer.com&tg_i.page=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&tg_i.aupname=4495%2Fphl.business%2F.*&tg_i.pbadslot=4495%2Fphl.business%2Farticle%2Fright_1&tk_flint=dmpbjs_v8.17.0&x_source.tid=c97c8870-116c-483a-8adb-712b31d350ed&l_pb_bid_id=44c8903de9cca65&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=4f1b3de9-0b8b-44d8-80f7-fa4c9bc1a56f&rp_hard_floor=1&rp_maxbids=1&p_gpid=4495%2Fphl.business%2Farticle%2Fright_1&slots=1&rand=0.16698473462553332
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d6a2ee8b301579dccae286e9276d8c877d1415f91f88bc06f1cbeaddb1d35cd7

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
467
expires
Wed, 17 Sep 1975 21:32:10 GMT
hbjson
grid.bidswitch.net/ 		24 B
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-47-48.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4a0dd0e08403a0609717301d80fa36b5538ee053e534ba2dd143984ba25b6603

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 16 Oct 2023 10:49:36 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
314 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=867404
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c9b545123cc9f27a453869cd70f5d6f1da1df01c0297840bd6df03ed4ad2812

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4EfyC3qFkH%2FoU3Y%2BK2JKXlCsN27LPnGimwZEenMncE2xotU3KQSjAR0Uvvs%2BLXcIyJtsc5WdGobONpVYxtb%2FwbAU2pdyQ2q6QnwaSP9PhmSe5khHZk5qVCNGmTqqIzY6%2B16yHD%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
816fbc71ebbe6925-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		84 B
430 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.227.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-227-74.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
c71ee843da83bc16cb981bbfe3416d4b812d3a7bb2f7ef1ae8220fc818748de6

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.inquirer.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
hb-multi
hb.yellowblue.io/ 		84 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.171.212.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-212-190.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
58c9bdd016ff2b2c14baec5f5250aec1f5926d355a7648d3d92c9e765c2aae25

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.inquirer.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
240
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
auction
tlx.3lift.com/header/ 		19 B
543 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.17.0&referrer=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&tmax=1500&us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.59.78.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-78-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
accept-ch
sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
820 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10035&site_id=409824&zone_id=2296806&size_id=15&alt_size_ids=9&us_privacy=1---&eid_pubcid.org=b1b1f77e-7f31-4e1a-ae75-435277f5654a%5E1&rf=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&kw=zero-click-hacks-spy-phone-pegasus%2C&tg_i.domain=inquirer.com&tg_i.page=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&tg_i.aupname=4495%2Fphl.business%2F.*&tg_i.pbadslot=4495%2Fphl.business%2Farticle%2Fright_rail_3&tk_flint=dmpbjs_v8.17.0&x_source.tid=e695046d-cfb6-4108-8cec-da958beeff6d&l_pb_bid_id=56ca830be81b2c6&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=93c325cd-04ea-41ad-ad29-20af3d6a9735&rp_maxbids=1&p_gpid=4495%2Fphl.business%2Farticle%2Fright_rail_3&slots=1&rand=0.3068232472394623
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ce7a2ac2b78066ac886f69f41c83d4fd2ce1670d8c4e2775d680dd3bbf5081b4

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
472
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUG8YY38
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
b8b32a5f50983b32542b6aec220adfdef1b1dbcab733492a3f668245a897451e

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:35 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
114
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 10:49:36 GMT
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:ba2::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8774018c1144b86e36ee08be52ead31829085c7f81669101e728e6d3edc9b18b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 10:49:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Aug 2023 09:25:23 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6042
Expires
Mon, 16 Oct 2023 11:49:36 GMT
execute
c2.piano.io/xbuilder/experience/ 		31 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=HtZYnkXBmA
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e521965bc200148b7b0838ca3794b2612d22caa4791d5bc13b5f56a1ef26f610
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
g95d4njduc
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.inquirer.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
816fbc728ddd1c17-FRA
en.json
cdn.cookielaw.org/consent/c6dea5ec-f3a5-432d-8d99-556d91c9726b-test/b596aaab-2cbf-4406-8afd-3eb5b851941e/ 		200 KB
34 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/c6dea5ec-f3a5-432d-8d99-556d91c9726b-test/b596aaab-2cbf-4406-8afd-3eb5b851941e/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aac6b46a67e6fcc19be02947394076703299d8a013f0e873cb31692da134560c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
3LgjlA0gd6CKee+H8sOrog==
content-length
35043
x-ms-lease-status
unlocked
last-modified
Fri, 14 Apr 2023 16:14:44 GMT
server
cloudflare
etag
0x8DB3D035C7CE0DE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
58e331c5-101e-007e-281e-00a9c4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
816fbc724e3592b4-FRA
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310031103/ 		269 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310031103/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/RKCZfCfjgrexhzqV_4RjAjr5p5o/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f32f4b1aebee55450f9eaea7572be5631167000c60b202e32fd7efe10534e2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Oct 2023 15:32:29 GMT
server
cloudflare
x-amz-request-id
NHPQB15Q1J9RVQ2F
age
1099712
etag
W/"1817aabf6d3ce56cce955976a0e0702e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
816fbc72dd5e366e-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
uvHH6HxJCzgEBwi861yoT/4PYZMTkDx0OzcrO3Eo/B+LvdAatYiBwGuYjUOjZuID2Zx6F32KFUM2mdV+qWQfmHEPafv7arVP0oaJauCbYdA=
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Mon, 16 Oct 2023 11:04:36 GMT
1085
p543.inquirer.com/DG/DEFAULT/rest/rpc/ 		65 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p543.inquirer.com/DG/DEFAULT/rest/rpc/1085?referer=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&bcsessionid=&bctempid=&overruleReferrer=&time=2023-10-16T12%3A49%3A36%2B02%3A00&ts=1697453376459
Requested by
Host: p543.inquirer.com
URL: https://p543.inquirer.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-67.fra56.r.cloudfront.net
Software
- /
Resource Hash
55e7358e61a74e540164ae74b6258eb9d5c1d80dbccbd7dfb102dd6a9fa1dcf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
15638
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
PplwoTu0LsKCqILxVMT7mXNw7yhLsGn-4q2H3Vpp-0bfLphoy6ebyg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ud&error=uid%2Fmuid%2Fduid%20not%20found&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=21&tid=1d2cc9e8-0d12-4e64-aa4f-dae3befe43da&pid=655a5bd5-b8b1-4f83-be63-b1c32d5ef880&dtm=1697453376401&qnm=_matherq&visible=1&tabid=e9c66156-756b-4475-9d5f-411e32b7804f&url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&vp=1600x1200&ds=1600x8059&tofa=1697453376&vid=1&lvidt=1697453376&duid=d5835705-e973-4c50-9790-64b2d266297a&fp=1775131430&cid=ma34789&mrk=234578994&cx=eyJ1c2VyREIiOnsic2VnbWVudHMiOltdLCJtZXRlckRhdGEiOnsibWV0ZXJUaHJlc2hvbGQiOiIwIiwicmVzZXRNZXRlciI6IjAifSwicGFnZVZpZXdzIjoiMyIsInVzZXJEQkZldGNoIjoiMSIsImVyciI6InVpZC9tdWlkL2R1aWQgbm90IGZvdW5kIiwibmV4dFVwZGF0ZSI6IjE4MDAwMDAiLCJuZXh0VXBkYXRlVFMiOiIxNjk3NDU1MTc1OTU2In19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.177.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-177-4.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Mon, 16 Oct 2023 10:49:36 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3639582153038111&correlator=2997650148574906&eid=31078806%2C44769661&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=4495%2Cphl.business%2Carticle%2C1x1_1&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&didk=3411712108&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697453376476&lmt=1697445625&adxs=800&adys=148&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=816115706.1697453375&ga_sid=1697453376&ga_hid=991142149&ga_fc=true&ga_cid=152868007.1697453375&a3p=EhsKDDMzYWNyb3NzLmNvbRjXhezAszFIAFICCGQSGQoKdWlkYXBpLmNvbRjXhezAszFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNeF7MCzMUgAUgIIZBIcCg1jcndkY250cmwubmV0GNeF7MCzMUgAUgIIZBIZCgpwdWJjaWQub3JnGNeF7MCzMUgAUgIIZBIXCghydGJob3VzZRjXhezAszFIAFICCGQSFAoFb3BlbngY14XswLMxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGNeF7MCzMUgAUgIIZA..&dlt=1697453373443&idt=2665&prev_scp=day_of_week%3D1%26hour%3D10%26date%3D101623%26article_id%3DYXFDLQ6PXZHG3CIIPAFQNM2344%26slot_name%3Dphl.business%26article_sections%3DBusiness%252C%2520Washington%2520Post%252C%2520Wires%252C%2520%252C%2520Technology%252C%2520Nation%2520%2526%2520World%252C%2520News%26platform%3Dfusion%26content_type%3Dstory%26content_subtype%3Dsubtype-regular%26user_status%3DLogged%2520Out%26position%3Donepixel%26position_type%3Donepixel_article%26url_path%3Dbusiness%252Fzero-click-hacks-spy-phone-pegasus-20220227.html%26amznbid%3D2%26amznp%3D2&cust_params=permutive%3D%26puid%3Ded3dbb2d-5a88-4528-ac75-ebfd803662ab%26ptime%3D1697453376186%26prmtvvid%3De3c09edc-16df-4642-8294-047a421553b5%26prmtvwid%3Df279b5ea-1200-4ff6-9d35-17893279723e%26amznbid%3D0%26amznp%3D0&adks=1703377126&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ceaf9c4d61ea1d74b27b3a0bd7bb4f7476ba595ecbaecba3f1ddb0408a56255c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12415
x-xss-protection
0
google-lineitem-id
6240910461
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425509746
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec26b935415b7d8342305c99eff1dd529a99e7f0cd8a4ec4cb5f17a459451783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12383
x-xss-protection
0
container.html
f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 782A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 10:49:36 GMT
expires
Tue, 15 Oct 2024 10:49:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
increment
id5-sync.com/api/esp/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.inquirer.com
date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
encrypt
esp.rtbhouse.com/ 		265 B
539 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
a18ccfc40596337ca34f2b1ef2c7027120c2539c3c0e9c3f2a08fb8fb3a3d56e

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
32cbaf15a5cb684c84a35abbba572638
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
265
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&rid=esp&cc=1
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
2b4a1f920a4cd83a61ab7b321f52824f9b3b566c377c96dec3eef6813ac8a5b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-6dl+SXb6u4fQ7pj3E4Xp5tffIAs"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Mon, 16 Oct 2023 10:49:36 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.inquirer.com
location
/esp?url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncframe
gum.criteo.com/ Frame B0E5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.inquirer.com&us_privacy=1---
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 10:49:36 GMT
server
Kestrel
server-processing-duration-in-ticks
289852
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUG8YY38
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
0657951035cc17134f2536b690c9c0c8ccc88b1ab95fdef79a33dc78bf9bcd1f

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
88
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 10:49:36 GMT
auction
tlx.3lift.com/header/ 		19 B
543 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.17.0&referrer=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&tmax=1500&us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.59.78.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-78-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
accept-ch
sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		467 B
501 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10035&site_id=409824&zone_id=2296806&size_id=15&alt_size_ids=9&us_privacy=1---&eid_pubcid.org=b1b1f77e-7f31-4e1a-ae75-435277f5654a%5E1&rf=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&kw=zero-click-hacks-spy-phone-pegasus%2C&tg_i.domain=inquirer.com&tg_i.page=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&tg_i.aupname=4495%2Fphl.business%2F.*&tg_i.pbadslot=4495%2Fphl.business%2Farticle%2Fright_2&tk_flint=dmpbjs_v8.17.0&x_source.tid=314008a0-1c62-4dce-843a-f58709a758fb&l_pb_bid_id=64660565cb4511a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=800bed4d-2e63-4281-9bca-d02f333c6599&rp_maxbids=1&p_gpid=4495%2Fphl.business%2Farticle%2Fright_2&slots=1&rand=0.29279301336787755
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
94a8097a18222be803eb5c53dcfd74cf7272fbae8639a2e6584443351c0fa741

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
467
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		84 B
430 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.227.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-227-74.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
fc299cb1258c7e189599daa8fc95186bb8bc5a1b7133a4f6f5a78da8748c39c2

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.inquirer.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
314 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=867404
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d25958f62c61618f968dad04aca3a251c44e48d0cd571a9aa1bfb2dc0b756d99

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ctte9hS9dpgdaIwPpHthtlI26WldvGwh39rFjDhF%2FF1BR6n%2F8%2BtxAoOa9JqrtJhcXww55HRdqjgVY69GtP7Opq%2BnDnfFm%2FwyOB86IxdsCUKO4umhg6p%2F3qtdN7F7Iv%2BbCSWyS1Wy"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
816fbc73fdec6925-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
hbjson
grid.bidswitch.net/ 		24 B
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-47-48.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2d867b6ce00da68b8e4d45961d2f8c553be25c04ca3eae23434b96def417cab9

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 16 Oct 2023 10:49:36 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
hb-multi
hb.yellowblue.io/ 		84 B
430 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.171.212.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-212-190.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
bf0f49ec25e8f09727456287b25b17e235580837d988ef854fb9eee8d9b4d8be

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.inquirer.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
hb-mm-multi
hb.minutemedia-prebid.com/ 		84 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.227.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-227-74.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
a4f0f025020c3c099fa95971e37be3a34447a02bee6d8427fda54b85cb9a1eff

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.inquirer.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
16
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
fastlane.json
fastlane.rubiconproject.com/a/api/ 		453 B
487 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10035&site_id=409824&zone_id=2296806&size_id=15&us_privacy=1---&eid_pubcid.org=b1b1f77e-7f31-4e1a-ae75-435277f5654a%5E1&rf=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&kw=zero-click-hacks-spy-phone-pegasus%2C&tg_i.domain=inquirer.com&tg_i.page=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&tg_i.aupname=4495%2Fphl.business%2F.*&tg_i.pbadslot=4495%2Fphl.business%2Farticle%2Ffeed_right_1&tk_flint=dmpbjs_v8.17.0&x_source.tid=265ea4c2-bfec-4f68-b4c0-8cd860019091&l_pb_bid_id=768ae8ecc005264&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=36e1ff19-5712-4a23-95cf-ca5699981a6b&rp_maxbids=1&p_gpid=4495%2Fphl.business%2Farticle%2Ffeed_right_1&slots=1&rand=0.1745584140002967
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d44190b49b04bd555760c4b9731218fcf034210a1d8e977118106e04fc77e631

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
453
expires
Wed, 17 Sep 1975 21:32:10 GMT
hbjson
grid.bidswitch.net/ 		24 B
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-47-48.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d2a8a19eb9f2f362d218109433e2a8e7fa62624fefe17e1ad85b5a48eb455a0c

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 16 Oct 2023 10:49:36 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
306 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=867404
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e3398b27f194afecff1a1a4781e940cae32faf6ce60f5262c8482ffce959f09

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmiiuEeiUVwX7TzTy7JykOx25dS4uJoM28htolGesRgM7dsNBl1whrtDdWIjzYMWdE8UX%2B0uUdD2sjobjBudMcgX5ObKDwQRdBsWRCWuTQP12TE5oa9emlxLVrW1ScBc%2Fi5MHRrE"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
816fbc73fdee6925-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
543 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.17.0&referrer=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&tmax=1500&us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.59.78.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-78-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
accept-ch
sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUG8YY38
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
23d80f4391ec460292bf14ea01885d8b7ec1a437d71432c2c6227ad88e154028

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
99
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 10:49:36 GMT
hb-multi
hb.yellowblue.io/ 		83 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.171.212.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-212-190.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
657a092375cd127641e04a4959a6f38e02af20b458b9e4c282ca34402a93390a

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.inquirer.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
83
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		582 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=HtZYnkXBmA
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0da430fc50b24c2a4d3a10ffa09098ef06d1a2c1363a2e9a7d3fc9f1938f90b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Moebm2s0yGv
pragma
no-cache
wn
prod-dash-10-0-86-78
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.002
cache-control
no-cache, no-store, must-revalidate
cf-ray
816fbc745a6e4d61-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 1A36 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f3fa4b163b494c224598edd90113fba679a2d3f06f9832d37cb9a8b4db49a1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
816fbc7438e030d6-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 16 Oct 2023 10:49:36 GMT
expires
Mon, 16 Oct 2023 11:04:36 GMT
last-modified
Mon, 16 Oct 2023 10:49:36 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.002
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-90-37
x-forwarded-https
on
x-request-id
Moebm2svbKt
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		593 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=HtZYnkXBmA
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daa4dc88c449f16f019560ecc8ed4df193b57aaf7c9d82f77f9e71e4cbe44f48
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Moebm2s69dR
pragma
no-cache
wn
prod-dash-10-0-117-211
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.005
cache-control
no-cache, no-store, must-revalidate
cf-ray
816fbc745a6f4d61-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame FBD6 		49 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c707243ca250f537df1e799c2b16d01ec999a05f5fa965b1ef8ab783ba7f6c0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
816fbc7458f930d6-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 16 Oct 2023 10:49:36 GMT
expires
Mon, 16 Oct 2023 11:04:36 GMT
last-modified
Mon, 16 Oct 2023 10:49:36 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.002
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-135-192
x-forwarded-https
on
x-request-id
Moebm2scdnK
x-xss-protection
0
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		589 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=HtZYnkXBmA
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b72caa354802f965ab00dbd275d34246dd38720ca70ac13f50b97ec2bda86bce
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Moebm2s9j3V
pragma
no-cache
wn
prod-dash-10-0-132-82
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.003
cache-control
no-cache, no-store, must-revalidate
cf-ray
816fbc747a8f4d61-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 864D 		49 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be3bfbe2782dbab39531711f1173b7a04f4064197b24b7097fd8e9044d63804b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
816fbc74791c30d6-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 16 Oct 2023 10:49:36 GMT
expires
Mon, 16 Oct 2023 11:04:36 GMT
last-modified
Mon, 16 Oct 2023 10:49:36 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.002
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-125-138
x-forwarded-https
on
x-request-id
Moebm2saGUD
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
cx.js
cdn.cxense.com/ 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:ba2::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
06f3fd2f38c9a5cb102b6c407322b7deb9a618aa38ff2217ed3a7d9c19cc89e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 10:49:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Sep 2023 16:42:13 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36544
Expires
Mon, 16 Oct 2023 11:49:36 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ud&error=uid%2Fmuid%2Fduid%20not%20found&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=21&tid=e6c57c05-d460-424f-8037-79a36c8e61ce&pid=655a5bd5-b8b1-4f83-be63-b1c32d5ef880&dtm=1697453376407&qnm=_matherq&visible=1&tabid=e9c66156-756b-4475-9d5f-411e32b7804f&url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&vp=1600x1200&ds=1600x8059&tofa=1697453376&vid=1&lvidt=1697453376&duid=d5835705-e973-4c50-9790-64b2d266297a&fp=1775131430&cid=ma34789&mrk=234578994&cx=eyJ1c2VyREIiOnsic2VnbWVudHMiOltdLCJtZXRlckRhdGEiOnsibWV0ZXJUaHJlc2hvbGQiOiIwIiwicmVzZXRNZXRlciI6IjAifSwicGFnZVZpZXdzIjoiMyIsInVzZXJEQkZldGNoIjoiMSIsImVyciI6InVpZC9tdWlkL2R1aWQgbm90IGZvdW5kIiwibmV4dFVwZGF0ZSI6IjE4MDAwMDAiLCJuZXh0VXBkYXRlVFMiOiIxNjk3NDU1MTc1OTcwIn19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.177.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-177-4.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Mon, 16 Oct 2023 10:49:36 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 Oct 2023 10:49:36 GMT
envelope
lexicon.33across.com/v1/ 		49 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KiIAAU&src=esp&ver=1.1.0&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
map
bcp.crwdcntrl.net/6/ 		60 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.97.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-97-132.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
afaa484b9cdb55c503cfdffd022f6fa1ce0e070f640c438a18ec556577b75d66

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache
x-server
10.45.10.132
access-control-allow-credentials
true
content-length
60
expires
0
segment
api.permutive.com/adv/v2/ 		14 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=4d3e1376-81b5-42e2-95df-99cd3f7d032f
Requested by
Host: f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app
URL: https://f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app/f279b5ea-1200-4ff6-9d35-17893279723e-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 10:49:36 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 1A36 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
6765
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 09 Oct 2023 01:56:58 GMT
wn
prod-dash-10-0-136-197
server
cloudflare
etag
W/"26850-1696816618000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
816fbc75fb9130d6-FRA
expires
Mon, 16 Oct 2023 12:49:36 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 1A36 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1509372
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcfybI1ZA%2B8KCXEWJm%2B5kXD8zEIZjWgyAaZLMFyi%2Ba3jddZwsDz5DpX9mbffwS4wFwuzVj5MmJq7y7JTpIR0DQ2buNobwKTzXP0Z0ta4Fz0ruUB5RYQGDcQiNNFmuFqpgw6A0CObhEeSWfQyX0mSdaet"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc762bf41c32-FRA
expires
Sat, 05 Oct 2024 10:49:36 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 1A36 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12418827
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hcq%2BSNO0QUYKVscqXevis48APxO9mkOdZNL4qeUfd4cly2yUqz8I6rS5X%2FcRfEXwCxXIzpNfGf5V4f%2FmONCbcV08ZwDDUOdLDMpGUBw49H2RlGmapBs63bNL75FgjiFbyH8jQngueeisPbg8ra81VTQn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc761be91c32-FRA
expires
Sat, 05 Oct 2024 10:49:36 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 1A36 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
13176964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oaJ4Vcl5BKeG9KN5MCMoj3hlTJ2bJYLt9YB0ddIZ6W%2BLBTZ1ZuM0gYPVjXoKDR8XRiMwAucT0v0N0viVgK9eguMRr6bjgm3TcJGCsQSCx4cpTIv78D8LwtMyn0W1Xvjz6Lf%2FyiilT3KdzxvObss8o94V"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc761be11c32-FRA
expires
Sat, 05 Oct 2024 10:49:36 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 1A36 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5847257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3978
last-modified
Thu, 22 Jun 2023 10:45:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942631-f8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNo%2BDUIyIZT6t912E8uUJ4YSVRNAL%2Ftk115WJvwMcB0ICklEuVg0par9a6qQIoiZrzP5etV4GaRORvVUiaPmOjk1rNpaJtXNX4hxFzuJ1OFtD9oIlAwbU6fz%2Bjxj6O990VhqbKwEOKINk8yCw%2FpwhbTm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc762bf31c32-FRA
expires
Sat, 05 Oct 2024 10:49:36 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 1A36 		825 B
779 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10003665
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zyh4SNLnkmZFBJMBHxVhBda69JDSLP16xSmp61TYZ5BQrIDHkJwEBB0C7TEj6eVQxWdsIGMfl6Fug15YIXRZQE7Z%2F9CHv7KjuucYVJVVDfsQFYDAXh1jqmZXeX1MB%2FkLGczGAiF1mkqT21Y%2BqTIamw%2Bn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc761bea1c32-FRA
expires
Sat, 05 Oct 2024 10:49:36 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 1A36 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7990007
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j03kkiQBnzgZux%2FMTKL0x8qzspuXZ%2BwQkS7T%2Be4QGsAc0wMM8icvjw3zWcDnYjqmt5Gey3OPGYGQtN0bSAlPsoP7S7j87BrrGwdjEqKm%2BQwX1wxENdQRnCt0fO9Z04jt4RpBY4PhGCr3a1yuGK%2BPL8AS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc761bec1c32-FRA
expires
Sat, 05 Oct 2024 10:49:36 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 1A36 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
14308219
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycHCTfCxBNqDEi3eJZ9NY6WiNm%2BJWM6U5GwmxlT%2FfKu%2BRQ0Swji4f7jNXsJmJ%2B%2BZxgiyOwAPBXsrjTjabp47Fq6DLVO%2FlDEgx87s7OKOwR5s13gVJIMfuggZ5Xq%2BijUWz3i7N%2BInbcbTpx5zL3wC31pR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc761be31c32-FRA
expires
Sat, 05 Oct 2024 10:49:36 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 1A36 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
13879204
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IqZRBOJ0%2B%2BifD%2B1g9e%2FBTi4vDNy%2F6ONzG%2BzXqsTJnHKJ6VboryZEgDvD7ZT4Nn6qyviEdFH%2BuCmhI%2FdHzT%2F%2BdQghlKjnEWnsUH%2FpVpzR%2FvtBNCFVwPU8NEEaY6BQcDAUq4Qk9BC3I9jSKeZGQrP0%2Fzas"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc761be51c32-FRA
expires
Sat, 05 Oct 2024 10:49:36 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 1A36 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
320284
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ia0kMPYzIuqVztGS31%2BenTpD4v0T%2BixtVVqtB4WGKl9Iey8nUurB1Hb8I2BWAzutZHJ1pp7WNNe%2FyvlWi%2F02kP%2Fe6QltV%2BarXzK7VjYpfs8XMaB9Q%2Baj7OKNHjrdWXX3qZ0i21AVLXGR4zkLB4iOLAl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc761beb1c32-FRA
expires
Sat, 05 Oct 2024 10:49:36 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 1A36 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
14795391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrRhMIzVLd371hFB61efdcI%2Fn7I2v%2ByeM6uxjXIPgKQAk67KamZnaXNknozjTbnT5ddjRwkYLfvNK5ozAsvjHv6fYCEqMcGI7bqi3yknuyCjMz%2BruKrFgOx7PpxRRN8vpxDTKJSLKMSuL8jqBxLMsGRg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc761be01c32-FRA
expires
Sat, 05 Oct 2024 10:49:36 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame 1A36 		32 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=HtZYnkXBmA&version=1559143095000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3af40d31902959bdbec829ca5260c9028da4b7735c2c6d002bbef158e0b4b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mpebm2seuxE
pragma
wn
prod-dash-10-0-125-138
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.002
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
816fbc75fb9630d6-FRA
expires
Tue, 17 Oct 2023 06:49:37 EDT
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 1A36 		66 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.19.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bf3ec6451a3608f81a88558bccdcaaabf147ceea632f00d3943f1964e1e551d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
13966
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 09 Oct 2023 01:56:58 GMT
wn
prod-dash-10-0-135-192
server
cloudflare
etag
W/"67876-1696816618000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.002
cache-control
public, max-age=86400
cf-ray
816fbc75fb9730d6-FRA
expires
Tue, 17 Oct 2023 10:49:36 GMT
H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 1A36 		120 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=16.19.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7f4d143d8910d1861d5eacc5e441279d7fd7ea5b86b37358f19d97513f6ba0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTIHEAHPGV84&offerId=fakeOfferId&experienceId=EXX0RW9MDSWG&iframeId=offer_876c701c9fec07bdbcf4-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
3161
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 13 Oct 2023 13:42:42 GMT
wn
prod-dash-10-0-86-78
server
cloudflare
optimized-by
_sam
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=601639
cf-ray
816fbc75fb9930d6-FRA
expires
Mon, 23 Oct 2023 09:56:55 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame FBD6 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
6765
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 09 Oct 2023 01:56:58 GMT
wn
prod-dash-10-0-86-78
server
cloudflare
etag
W/"26850-1696816618000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
816fbc766f8a9be8-FRA
expires
Mon, 16 Oct 2023 12:49:37 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame FBD6 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1509373
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5no55w1KT4yUKOlaMkYc0kU6m7916eBcJ8a17FdAJV4YmZ%2Fal4Gxm99Qjs3HIX7QDIXlxPRQGvP1zEShehNs%2F2oG3oibobPcmZbO2x5MgIcElPhJY0EjAJiUuy%2FOJKA7h3MlwNgDknwTS%2BMVBLSfMksv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc766c3e1c32-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame FBD6 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12418828
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uC7xWTEH4YTvUYqsJN0oNAcxnI8aIJQrlER0ncjNjjn0JsI9gxA0YO1tAMfdtvZ8apAiHF4OIJlVzXMgava7kn2%2B9%2BTPC8KxvRKlL4jlisxr36s682fg%2FWHbLghuJjYGWE1fUSeM0KFdSA0hmhonUs5E"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc766c401c32-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame FBD6 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
13176965
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJd%2FYpBn0AxNjjDOVJML%2FcjF%2BvWFNMuNWAXq8y%2B6kcWwkLNXIXR%2BVGzIPSZGkFn%2BlTeyJXgH4w6mODY0DvFSy9DgNvB70F5b9%2Frb7gWj8QIWfiXTHDDub9sumiPiynP%2Bi2NX7jVd9%2FT6mswhX65EPJsX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc766c421c32-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame FBD6 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5847258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3978
last-modified
Thu, 22 Jun 2023 10:45:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942631-f8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaCbmiq7sJQN0OUpbDU1UDbE0dzJS2xcsbYzw5YJDfLlyut7phAOIfUqk%2BHRkV2RSK2ikDepHEuEtEUkAy6t4q2VNzIe6cUhKk9nO21y%2BW65ObDod1DA2BpAUhucQ%2F8ddSx4N16%2Fz9%2FQmM%2FgpH3hykwm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc766c431c32-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame FBD6 		825 B
775 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10003666
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLQjPmaXmn5iDhjMdZPOuBkglanXX5SgfdMX%2B2hg8mktV0Y0SYWmVu7%2BrCFSwWiwEZcMGrAomRiNqB205Dy0LvvI9jInKeZaSMzoLBuuLROTl%2FW0V0WmLSVBb7nqj7QVs6fhzyRCMBoRvQ5kGhEuqI14"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc766c441c32-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame FBD6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7990008
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvO1MzsJKykekYJaR1L7ou%2BpWWK3wLeM8T5rV%2BXPBXtWthXfX4gb8G6jl89LELrZXGURTGlcm4uMiT%2BqnFD4ZQrfLmQnnuSGpKceSfjEE%2Fqwd2na9F80rAapFjQksNeyPsVgnl2dIc3HBmKOjjrZ0BQH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc766c451c32-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame FBD6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
14308220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Yr62lLE9Ix3z1EW3mB4Brr%2Fykx7XfSGVjCPghdin1IX4RU5ZAfr7GC2JCsQgrs5PbgJpwFAWPH2HOtZlbCA8SDUOJDp577XRff8HyVHcIdzrthrqvue%2Br8GHQMGdre9jacBueIwq4dqizcNrfS%2BKcK5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc766c461c32-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame FBD6 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
13879205
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpmJGbthA59NhyLSnKE8Ob4kFQGlipRVK0D%2BWvNEMMhrqsCAvvtrIuJ4xstdEkhZggUrkVIzJflVJLMp%2FUGgIaOx6FhlE9mg34B%2BoNpR6n0YTN%2Bm%2FlfRNM3BllISF7mg8DYH8ow0Pu2qBcbEyC590bNn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc766c471c32-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame FBD6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
320285
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wA079kSKwxCDJyF%2FONgRoa%2F%2BxmOpTTLxL4Qvzxa9tB%2FLXE6ZeXV%2BQWMOFoqhmCnra8q%2Bwm5UlUFSJd3Jmn%2FRscVR%2Bk8I%2BLBce%2BRDbXzp5FU5FQuOcdoyzp7DHatiGwjrlGf5HoRm3o9aTH1AemGlByCB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc766c481c32-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame FBD6 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
14795392
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUtSgkJj6UM3jgRHWg7Tk6pd2rO3pipNwYx8dArKx4pVKJmBMXdXhKX%2B4halG9akFXoahvy4gd6VxJgom1D7PRowVA8ucHKL4nLr67Qbx6kSvIoaLPOhvK7CSPWNzi346bkKe6I%2BEwy%2F%2Be8BH6fqoHol"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc766c491c32-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame FBD6 		32 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=HtZYnkXBmA&version=1559143095000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3af40d31902959bdbec829ca5260c9028da4b7735c2c6d002bbef158e0b4b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mpebm2sEXqx
pragma
wn
prod-dash-10-0-133-244
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.002
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
816fbc766f8f9be8-FRA
expires
Tue, 17 Oct 2023 06:49:37 EDT
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame FBD6 		66 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.19.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bf3ec6451a3608f81a88558bccdcaaabf147ceea632f00d3943f1964e1e551d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
13966
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 09 Oct 2023 01:56:58 GMT
wn
prod-dash-10-0-120-20
server
cloudflare
etag
W/"67876-1696816618000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.000
cache-control
public, max-age=86400
cf-ray
816fbc766f929be8-FRA
expires
Tue, 17 Oct 2023 10:49:37 GMT
H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame FBD6 		120 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=16.19.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7f4d143d8910d1861d5eacc5e441279d7fd7ea5b86b37358f19d97513f6ba0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
3162
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 13 Oct 2023 13:42:42 GMT
wn
prod-dash-10-0-91-62
server
cloudflare
optimized-by
_sam
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=601638
cf-ray
816fbc766f949be8-FRA
expires
Mon, 23 Oct 2023 09:56:55 GMT
DiningGuide-Paywall-updated.png
media.inquirer.com/assets/ Frame FBD6 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.inquirer.com/assets/DiningGuide-Paywall-updated.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
628f36dfadf4d9dbdf5e1eaf8f46cf77acf6a106d7c02be14e8722f2964a8280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 21:57:29 GMT
x-amz-version-id
pyMUVcL236tH5TiwA12z639CzOWLomft
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 20:40:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
46329
etag
"71aa0354ede8419ef108f2132b285f07"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
156390
x-amz-cf-id
2gUKTKW-V7i2XqvF3TGQNVN3G4fcBXM3yoKH6aiErAINJmOCAXI5OQ==
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3639582153038111&correlator=2997650148574906&eid=31078806%2C676982996%2C44769661&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=4495%2Cphl.business%2Carticle%2Cinline_1&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=2&didk=390648496&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D0be7d2a615d7f8b4%3AT%3D1697453376%3ART%3D1697453376%3AS%3DALNI_MZZBJC5uxkZ7TQGpdFxFNe1-JOdLQ&gpic=UID%3D00000c9a0945e807%3AT%3D1697453376%3ART%3D1697453376%3AS%3DALNI_MZzhzVWUEQB5SkYBkKC70XWTCVYdw&abxe=1&dt=1697453377121&lmt=1697445625&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGskFeidAmcVviq-uAjzDXtqwBKQhgnXfAn9asJFttrVerh0vI9ey5a8xpelpu7xgSt75BwEGgGiceqc2hxbwdcJGgzBxW5A4toFg&ga_vid=816115706.1697453375&ga_sid=1697453376&ga_hid=991142149&ga_fc=true&ga_cid=152868007.1697453375&a3p=EhsKDDMzYWNyb3NzLmNvbRjXhezAszFIAFICCGQSGQoKdWlkYXBpLmNvbRjXhezAszFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNeF7MCzMUgAUgIIZBIcCg1jcndkY250cmwubmV0GNeF7MCzMUgAUgIIZBI7CgpwdWJjaWQub3JnEiRiMWIxZjc3ZS03ZjMxLTRlMWEtYWU3NS00MzUyNzdmNTY1NGEYtojswLMxSAASFwoIcnRiaG91c2UY14XswLMxSABSAghkEhQKBW9wZW54GNeF7MCzMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjXhezAszFIAFICCGQ.&cbidsp=Co4CCAESGwoGdHJ1c3R4ENMGIAJSBGdyaWRSBnRydXN0eBIRCgRyaXNlEJ4EIAJSBHJpc2USHQoKdHJpcGxlbGlmdBCxBCACUgp0cmlwbGVsaWZ0EhsKCXVuZGVydG9uZRDIAiACUgl1bmRlcnRvbmUSHwoLbWludXRlbWVkaWEQ7gMgAlILbWludXRlbWVkaWESFwoHcnViaWNvbhDpBSACUgdydWJpY29uEhkKCG1lZGlhbmV0EKMEIAJSCG1lZGlhbmV0Eg0KAml4EKQEIAJSAml4GAIiJGQ5MmY3MzNkLTFlMTgtNGI4Mi04N2VmLWFiYmM5NmVhMWIwOCoECAMgADIHdjguMTcuMEDcC0oA&dlt=1697453373443&idt=2665&prev_scp=day_of_week%3D1%26hour%3D10%26date%3D101623%26article_id%3DYXFDLQ6PXZHG3CIIPAFQNM2344%26slot_name%3Dphl.business%26article_sections%3DBusiness%252C%2520Washington%2520Post%252C%2520Wires%252C%2520%252C%2520Technology%252C%2520Nation%2520%2526%2520World%252C%2520News%26platform%3Dfusion%26content_type%3Dstory%26content_subtype%3Dsubtype-regular%26user_status%3DLogged%2520Out%26position%3Dmrec_21%26position_type%3Dmrec_21_article%26url_path%3Dbusiness%252Fzero-click-hacks-spy-phone-pegasus-20220227.html%26mnadc%3Dad72&cust_params=permutive%3Drts%26puid%3Ded3dbb2d-5a88-4528-ac75-ebfd803662ab%26ptime%3D1697453376186%26prmtvvid%3De3c09edc-16df-4642-8294-047a421553b5%26prmtvwid%3Df279b5ea-1200-4ff6-9d35-17893279723e%26amznbid%3D0%26amznp%3D0%26prmtvsdk%3Dweb&adks=483001898&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425eefa714c887d9fd3dc85f3cb130af9722b4834f31544b166914a27ec794ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11821
x-xss-protection
0
google-lineitem-id
6362966158
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138350724279
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 864D 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
6765
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 09 Oct 2023 01:56:58 GMT
wn
prod-dash-10-0-86-78
server
cloudflare
etag
W/"26850-1696816618000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
816fbc7718599be8-FRA
expires
Mon, 16 Oct 2023 12:49:37 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 864D 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
639230
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeFKPbkfN8dh3vnSQACvwmnvbAdlRjrS%2BMz%2FxUZixaWiK2eSWWa%2Fh06edTXW3%2FRmND6wcJDgxZJ2FWSy42EUgp7rf8ngfvDncD5E0KIk4AWs3Sb2nisz5odTsQJVrf5TypRGVvTUgpFFh5LU3OBn27DS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc771d565be5-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 864D 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8183013
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeSQqa5b2gy6JgVsiON%2BTcV86E61xUT8agbLF7i0mahVaw%2FQKHH7th2rD4Vda2ULtOpV8zznFIU%2BuAKojfyjuOp4v8VvHkSkRGAhwQvWbsPvbXV5jYTcWZaDCgvLmPHElZnuNV5B%2F89FcEpmgmm19s9L"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc771d575be5-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 864D 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12211148
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ff2LgkFNTO8UVV5aofc1C1EFjrDWJAZFi6MHHFNRccWP7o4juCzP2jlTo0i%2BlXiSf6BVW0N7KxPHvWaUaSRbfk50MvwAqBZ8VSaPYHOtagVuInJjI0eFx2Up1P8aEh9XVnvO7paA%2FJbfrzQ%2BLqnlZql%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc771d585be5-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 864D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3300495
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3978
last-modified
Thu, 22 Jun 2023 10:45:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942631-f8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bs56RNUFGg00%2BZ%2FIznhNOdm8FeXYy6PqxOiXV9Q%2F3xP%2FwJrkzt3tY6Kv8QYkYRVTouq%2FNTO0H%2B3%2BC1ei7bQjyjQXQjokN4YFjPdT0PSpFYIe6DcnpZWTzAJpa%2BTV4qBeNNXU0nUzNN%2BKs7eJvgGJP7si"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc771d595be5-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 864D 		825 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
11970801
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkAq%2BiK6uu0QFAkbmbn3bBjTpFwskG%2BOP4S2DJsME2fm266ycF%2Boyy%2FQ9GTQ3IXrNBwyDDX9A2e6AIjLRQD%2Fwup9CGN%2BzUJ1GFUZrPzx2uN7AkpayjxGeaep24YspzkPjPZWW5t8hK5bEdBa4Jq0hrKW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc771d5a5be5-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 864D 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
14835970
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1rej1K8Dg3mBwhIytNxqG0p2UaFXR8Qk%2FUeGFu25zbJjrWPpo4rhV6zowfuou7WQ6JpXvLiFaUWVxxE4xMS0ECBd9OYVbfVnG4o95BiV2eb8h%2Fn%2FG%2FAIU1R7C9SIcTeuLIzN1GkYi1VhqfCyJ1OpY%2Bz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc771d5b5be5-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 864D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5250022
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
956
last-modified
Thu, 22 Jun 2023 10:44:55 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942627-3bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1qxlb1GVarYnnwOR7ygrOULTRMDeUdmkEa7eEECnUwa8li12rIec2G8Xp1BvTo4OkEIop9kCdpacCh2N7mqwDYztSCzHipQU5NUtRPwcDD%2BgSDqZ6I795c5z0bX4T%2BWqfAyYW4gMmUHxWx%2B6630rkn7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc771d5c5be5-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 864D 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7063378
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7490
last-modified
Thu, 22 Jun 2023 10:45:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942630-1d42"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkM5JS4m9zmlgMadHJ79T6Lg2a%2BGsc8D1OpfBqZXzIuyk8lZEQ4KrykpnZISrkKRPQ4wBZl06BrVyquV2Avc%2B1f06Ma3ankNDZ3n7tt1ly0W%2BIyRxafCTdqvsbWdyEq%2FC2ndE2Btg7bOQ9oeOf7ZU8v4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc771d5d5be5-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 864D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8686420
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dgpdp4F9bAzLLYI46%2F4T3EwTp%2FK%2FGvSBeAk4Nt0ICsM%2FBB1fVx4pYaBIbLkJgt%2Bsnl%2FVTLv5D8EXAmxueTgHDpnwvETUkPMM5CSKtNCd2DStPRlUB08t4B%2FNhmmuhMSQvI8TF6isaofnC6v699E8hstx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc771d605be5-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 864D 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
17928802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEjayDRUx5do5AyslwJN9Gm1F08LBolKaoMa59EN1gVzF29klxobDBCIRySOWVf1lJgnOBORTupd4b09iCXnabLm0Ec4ArNWIz3UOmnIM9HVLKUThegSBmSW8qCv%2Bux3X6OBZagYp7ZpHagDqxym6j3n"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc771d615be5-FRA
expires
Sat, 05 Oct 2024 10:49:37 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame 864D 		32 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=HtZYnkXBmA&version=1559143095000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3af40d31902959bdbec829ca5260c9028da4b7735c2c6d002bbef158e0b4b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mpebm2sFP99
pragma
wn
prod-dash-10-0-134-101
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.002
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
816fbc77185f9be8-FRA
expires
Tue, 17 Oct 2023 06:49:37 EDT
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 864D 		66 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.19.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bf3ec6451a3608f81a88558bccdcaaabf147ceea632f00d3943f1964e1e551d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
13966
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 09 Oct 2023 01:56:58 GMT
wn
prod-dash-10-0-120-20
server
cloudflare
etag
W/"67876-1696816618000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.000
cache-control
public, max-age=86400
cf-ray
816fbc7718619be8-FRA
expires
Tue, 17 Oct 2023 10:49:37 GMT
H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 864D 		120 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=16.19.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7f4d143d8910d1861d5eacc5e441279d7fd7ea5b86b37358f19d97513f6ba0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
3162
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 13 Oct 2023 13:42:42 GMT
wn
prod-dash-10-0-91-62
server
cloudflare
optimized-by
_sam
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=601638
cf-ray
816fbc7718629be8-FRA
expires
Mon, 23 Oct 2023 09:56:55 GMT
DiningGuide-Paywall-updated.png
media.inquirer.com/assets/ Frame 864D 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.inquirer.com/assets/DiningGuide-Paywall-updated.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
628f36dfadf4d9dbdf5e1eaf8f46cf77acf6a106d7c02be14e8722f2964a8280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 21:57:29 GMT
x-amz-version-id
pyMUVcL236tH5TiwA12z639CzOWLomft
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 20:40:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
46329
etag
"71aa0354ede8419ef108f2132b285f07"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
156390
x-amz-cf-id
xZDGUqsQepP8CSYC1QdZzKP7BjaBJg4Q1aLJA9Nqt_dm5td5T0YiQw==
a5ba4731b97b4c47764303e23303f06a
p543.inquirer.com/plugin/plugin/ 		151 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p543.inquirer.com/plugin/plugin/a5ba4731b97b4c47764303e23303f06a
Requested by
Host: p543.inquirer.com
URL: https://p543.inquirer.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-67.fra56.r.cloudfront.net
Software
- /
Resource Hash
c56d55379aeb0284a29703c3db4887db088dadd0d7899a6c9f76af73f793fd74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 19:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
age
399847
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
35731
x-xss-protection
1; mode=block
last-modified
Tue, 10 Oct 2023 19:45:30 GMT
server
-
etag
a5ba4731b97b4c47764303e23303f06a
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
wx-fp_h024-gkLrowRmPAriOl6Zaa0trWjwJh3oN_RA2cRAVRnVzNw==
expires
Thu, 10 Oct 2024 19:45:30 GMT
sid
mug.criteo.com/ Frame B0E5
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=inquirer.com&sn=ChromeSyncframe&so=0&topUrl=www.inquirer.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=HQYB9Xx6MkR1VmRFL2doSXZLcUVEMmNuOUZVaGU1K3huRW12ZS9ubEFrRWpYemVLd0FNWUhTelQwY2NWNFFWK1gvcUs4aWN4WUdiSHFBb0NLajB3MG9iSlQyWk9tbW03VkIwaDFpdVpkMDJpaGNaUDRJaU5QVVRtbHk4Vm...
436 B
671 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HQYB9Xx6MkR1VmRFL2doSXZLcUVEMmNuOUZVaGU1K3huRW12ZS9ubEFrRWpYemVLd0FNWUhTelQwY2NWNFFWK1gvcUs4aWN4WUdiSHFBb0NLajB3MG9iSlQyWk9tbW03VkIwaDFpdVpkMDJpaGNaUDRJaU5QVVRtbHk4VmdYbzgybEthUFJlUXF5bWhwOUxLRndKc0p6WUp4Wm9OTitQYkNSUEpmV0RSS0xUV2V6dU1sZU5lL295cXk3VDZ2Y3NHVU9VSXFjUXdmcnJxaGEyNmNTS1FNUHEwaFVNYTJ0cXBPNE1hRlNQNkZmL1k4Ulp3c0VDZWxrcTVqOGZxVEVsZVN1Zldjc3d5VlJDVW9pYVVPSTZ2ZXBJek9YY0tGWkRoZU5lM29LUzFXNitjMTZzOD18&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ce63c819978360e37e152ecdd8a20d6aac08378044f11342c6ef5ad26fcefd14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1086852
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=HQYB9Xx6MkR1VmRFL2doSXZLcUVEMmNuOUZVaGU1K3huRW12ZS9ubEFrRWpYemVLd0FNWUhTelQwY2NWNFFWK1gvcUs4aWN4WUdiSHFBb0NLajB3MG9iSlQyWk9tbW03VkIwaDFpdVpkMDJpaGNaUDRJaU5QVVRtbHk4VmdYbzgybEthUFJlUXF5bWhwOUxLRndKc0p6WUp4Wm9OTitQYkNSUEpmV0RSS0xUV2V6dU1sZU5lL295cXk3VDZ2Y3NHVU9VSXFjUXdmcnJxaGEyNmNTS1FNUHEwaFVNYTJ0cXBPNE1hRlNQNkZmL1k4Ulp3c0VDZWxrcTVqOGZxVEVsZVN1Zldjc3d5VlJDVW9pYVVPSTZ2ZXBJek9YY0tGWkRoZU5lM29LUzFXNitjMTZzOD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
271640
content-length
0
expires
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=21&tid=9a98c6ef-8689-4456-99ff-ff334abc7978&pid=655a5bd5-b8b1-4f83-be63-b1c32d5ef880&dtm=1697453376658&qnm=_matherq&visible=1&tabid=e9c66156-756b-4475-9d5f-411e32b7804f&url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&vp=1600x1200&ds=1600x8059&tofa=1697453376&vid=1&lvidt=1697453376&duid=d5835705-e973-4c50-9790-64b2d266297a&fp=1775131430&cid=ma34789&mrk=234578994&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoidGVtcGxhdGUiLCJkYXRhIjp7IjAiOnsidGVtcGxhdGVJZCI6Ik9USUhFQUhQR1Y4NCIsImRpc3BsYXlNb2RlIjoiaW5saW5lIiwiZXhwZXJpZW5jZUFjdGlvbklkIjoic3Vic2NyaWJlX2J1dHRvbl9vb20iLCJleHBlcmllbmNlSWQiOiJFWFgwUlc5TURTV0ciLCJvZmZlcklkIjoiZmFrZU9mZmVySWQiLCJzaG93Q2xvc2VCdXR0b24iOiIwIn19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImtleXdvcmRzIjpbInplcm8tY2xpY2staGFja3Mtc3B5LXBob25lLXBlZ2FzdXMiXSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiI4MTYxMTU3MDYiLCJyZWZUaW1lIjoiMTY5NzQ1MzM3NjY1NyJ9XX0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.177.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-177-4.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Mon, 16 Oct 2023 10:49:37 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ads
securepubads.g.doubleclick.net/gampad/ 		99 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3639582153038111&correlator=2997650148574906&eid=31078806%2C676982996%2C44769661&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=4495%2Cphl.business%2Carticle%2Ctop_banner&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=3&didk=3411080434&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D0be7d2a615d7f8b4%3AT%3D1697453376%3ART%3D1697453376%3AS%3DALNI_MZZBJC5uxkZ7TQGpdFxFNe1-JOdLQ&gpic=UID%3D00000c9a0945e807%3AT%3D1697453376%3ART%3D1697453376%3AS%3DALNI_MZzhzVWUEQB5SkYBkKC70XWTCVYdw&abxe=1&dt=1697453377209&lmt=1697445625&adxs=315&adys=161&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&vis=1&psz=1600x90&msz=1600x0&fws=0&ohw=0&psts=AOrYGskFeidAmcVviq-uAjzDXtqwBKQhgnXfAn9asJFttrVerh0vI9ey5a8xpelpu7xgSt75BwEGgGiceqc2hxbwdcJGgzBxW5A4toFg&ga_vid=816115706.1697453375&ga_sid=1697453376&ga_hid=991142149&ga_fc=true&ga_cid=152868007.1697453375&a3p=EhsKDDMzYWNyb3NzLmNvbRihjezAszFIAFICCG8SGQoKdWlkYXBpLmNvbRjXhezAszFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOqM7MCzMUgAUgIIahIcCg1jcndkY250cmwubmV0GNeF7MCzMUgAUgIIZBI7CgpwdWJjaWQub3JnEiRiMWIxZjc3ZS03ZjMxLTRlMWEtYWU3NS00MzUyNzdmNTY1NGEYtojswLMxSAASFwoIcnRiaG91c2UY14XswLMxSABSAghkEhQKBW9wZW54GNeF7MCzMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjXhezAszFIAFICCGQ.&cbidsp=CvEBCAESEQoEcmlzZRCDAyACUgRyaXNlEhcKB3J1Ymljb24QzAQgAlIHcnViaWNvbhIdCgp0cmlwbGVsaWZ0EMMEIAJSCnRyaXBsZWxpZnQSDQoCaXgQwQQgAlICaXgSHwoLbWludXRlbWVkaWEQhgQgAlILbWludXRlbWVkaWESGwoGdHJ1c3R4EP8FIAJSBGdyaWRSBnRydXN0eBIZCghtZWRpYW5ldBC5BCACUghtZWRpYW5ldBgCIiQ2MWE4ZmQ3NS1mOTQ1LTRmM2QtOGQzNS00ZWI2ZTNhZmRhZjkqBAgDIAAyB3Y4LjE3LjBA3AtKAA..&dlt=1697453373443&idt=2665&prev_scp=day_of_week%3D1%26hour%3D10%26date%3D101623%26article_id%3DYXFDLQ6PXZHG3CIIPAFQNM2344%26slot_name%3Dphl.business%26article_sections%3DBusiness%252C%2520Washington%2520Post%252C%2520Wires%252C%2520%252C%2520Technology%252C%2520Nation%2520%2526%2520World%252C%2520News%26platform%3Dfusion%26content_type%3Dstory%26content_subtype%3Dsubtype-regular%26user_status%3DLogged%2520Out%26position%3Dslider%26position_type%3Dslider_article%26url_path%3Dbusiness%252Fzero-click-hacks-spy-phone-pegasus-20220227.html%26amznbid%3D2%26amznp%3D2%26mnadc%3Dad5909&cust_params=permutive%3Drts%26puid%3Ded3dbb2d-5a88-4528-ac75-ebfd803662ab%26ptime%3D1697453376186%26prmtvvid%3De3c09edc-16df-4642-8294-047a421553b5%26prmtvwid%3Df279b5ea-1200-4ff6-9d35-17893279723e%26amznbid%3D0%26amznp%3D0%26prmtvsdk%3Dweb&adks=3510941793&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8c9bfc6297936be188b308554f7493e7abc04819739e3ce54615846545e42ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25056
x-xss-protection
0
google-lineitem-id
6381741010
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138447362353
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
fa401451-4d24-4567-baab-5500a33de2d2.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 6920 		138 B
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/fa401451-4d24-4567-baab-5500a33de2d2.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
519f2477e77c3a5884c2891734ec016c189033f43a47cc3d0afbf4d4d5a405a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
srD54nscWxl2DeES.xboC7YVpI6GV6pZ
date
Sun, 15 Oct 2023 15:12:41 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 16:53:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
70749
x-amz-server-side-encryption
AES256
etag
"ef5c71f510fd5004adecc665176ce605"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
138
x-amz-cf-id
EAuaew0CxxCqreG7jtL6eSLRxkH9dUPWdxfM0OcFGTjM8v5OU8z0NA==
view
securepubads.g.doubleclick.net/pcs/ Frame 6920 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2KLc16WmMOR9PY2K1_SMfKNCPYOSu3hGMTZcXdMuff12e2T2LtwgOkH-Ja9yUzw-jDTwFsZfKi5Kc-xYWzL2aDahz9Zd_UOr7T5Q22n6o5LluynS4yuIfjW4r3dx1z5A3Mt1IRurX6ZWoMz7eEbb9_fbsRLHXdYqt5BdDpH1Hr7TweXZKoQCMwYxvp0lTxX5co5sTbwYge4_oujmRjJQUgemYzEf5iM9KAiJ_RFbtbEzhSeZWWKQNKM_EEFkjeU0vW49FV_ItXEvkHKc4AcVi4-2TIBSG1vLF2vzxISzd2oRzJyLsLWRQY3glQl_UqyhZ76_5YbOUGdwSdA8NBWYTuLE&sai=AMfl-YRDi7ugvFLaBneAiyvVU10EuwoGqeUSwbrFoV__BMsYvP1zY23d7B7u3aPK5vo0J3t3f3yofP4XMqUs4trxu8mkGQ8BRLvnNsLSJm9JEl6Obk_IqK7QaupNj-4Bhw&sig=Cg0ArKJSzLuIEh8yS800EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
iframebuster.js
assets.bounceexchange.com/assets/bounce/ Frame 6920 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/iframebuster.js?bx_tracker=295498876
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 03:18:04 GMT
content-encoding
br
age
286293
x-guploader-uploadid
ADPycdsneivhpXsCHkDhm7O4YypBM1lk2JmF8tNZAQcXo5k4F2uMwBEtJLc7t7gXQyjyWAx-lV1r8CHfwQCntsO18HGvNw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
834
last-modified
Thu, 12 Oct 2023 17:49:58 GMT
server
UploadServer
etag
W/"e834a0cd12abffd04acda8e08953a77a"
vary
Accept-Encoding
x-goog-generation
1697132998534856
x-goog-hash
crc32c=PdRfKg==, md5=6DSgzRKr/9BKzajgiVOneg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
2317
accept-ranges
none
content-type
text/javascript; charset=UTF-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6920 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 10:49:37 GMT
pixel
protected-by.clarium.io/ Frame 6920 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_UktDWmZDZmpncmV4aHpxVl80UmpBanI1cDVvLzMxNjQ5Mjc3MDc6MXgx&v=5&s=v31hcs1m1og&id=eyJkZnAiOnsiYWQiOjUyNzg3OTQ3MDMsImMiOjEzODQyNTUwOTc0NiwibCI6NjI0MDkxMDQ2MSwibyI6MzE2NDkyNzcwNywiQSI6IjQ0OTUvcGhsLmJ1c2luZXNzL2FydGljbGUvMXgxXzEiLCJ5IjowLCJjbyI6MCwicyI6ImFkMjkwMSJ9fQ%3D%3D&cb=2708157&h=www.inquirer.com&d=eyJ3aCI6IlVrdERXbVpEWm1wbmNtVjRhSHB4Vmw4MFVtcEJhbkkxY0RWdkx6TXhOalE1TWpjM01EYzZNWGd4Iiwid2QiOnsibyI6MzE2NDkyNzcwNywidyI6IjEiLCJoIjoiMSJ9LCJ3ciI6Mn0=
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.149.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-149-175.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Mon, 16 Oct 2023 10:49:37 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
litype.php
contextual.media.net/ 		113 B
272 B 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/litype.php?&cid=8CUG8YY38&lid=6240910461&callback=window.mnjs.callback.autoRefreshResponseParser
Requested by
Host: warp.media.net
URL: https://warp.media.net/js/tags/prebidrtdclient.js?cid=8CUG8YY38&dn=www.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d51e19ac12580eb58ddf3eee753073d68818f7aaf282375238657ab9fbc47028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Oct 2023 10:49:37 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1122
content-length
113
x-mnet-hl2
E
expires
Mon, 16 Oct 2023 11:08:19 GMT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		190 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Mon, 16 Oct 2023 11:19:37 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9HHXKD70G8&gtm=45je3ab0&_p=991142149&cid=816115706.1697453375&ul=en-us&_geo=1&_rdi=1&dp=%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&dr=&sid=1697453374&sct=1&seg=1&dl=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&dt=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9HHXKD70G8&l=PMNdataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9HHXKD70G8&gtm=45je3ab0&_p=991142149&cid=816115706.1697453375&ul=en-us&_eu=AEI&_geo=1&_rdi=1&_s=3&dp=%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&dr=&sid=1697453374&sct=1&seg=1&dl=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&dt=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&en=ad_impression&ep.authors=Ryan%20Gallagher&ep.published_time=202202270502&ep.section_targets=%2Fbusiness%7C%2Fwires%2Fwp%7C%2Fwires%7C%7C%2Fbusiness%2Ftechnology%7C%2Fnews%2Fnation-world%7C%2Fnews&ep.source_name_ans=Bloomberg&ep.content_id=YXFDLQ6PXZHG3CIIPAFQNM2344&ep.article_length_label=long&ep.content_published_time_iso=2022-02-27T05%3A02%3A00-05%3A00&ep.sub_section=business&ep.sub_sub_section=business&ep.source_type_ans=wires&ep.content_subtype=subtype-regular&ep.seo_keywords=zero-click-hacks-spy-phone-pegasus&ep.story_tags=No%20Value%20Set&ep.clavis_topics=%5Bobject%20Object%5D%7C%5Bobject%20Object%5D&ep.clavis_auxiliaries=%5Bobject%20Object%5D%7C%5Bobject%20Object%5D%7C%5Bobject%20Object%5D%7C%5Bobject%20Object%5D&ep.source_system=composer&ep.title=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&ep.section_primary=business&ep.content_type=article&ep.page_url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&ep.auth0=No%20Value%20Set&ep.update_time=2022-02-27T05%3A02%3A00-05%3A00&ep.login_status=Logged%20Out&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.70%20Safari%2F537.36&ep.timezone=Europe%2FBerlin&epn.custom_timestamp=1697453376933&ep.custom_cookie_value=none%20%7C%20none%20%7C%20none%20%7C%20%20%7C%20&ep.query_id=CLKUnsyy-oEDFY2G_QcdKBEBlA&_et=190
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9HHXKD70G8&l=PMNdataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&metered=1%7C1&metername=NewsletterModalMeter&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=21&tid=914f8ea6-fc03-4c2d-9c0a-8aa9a2683f29&pid=655a5bd5-b8b1-4f83-be63-b1c32d5ef880&dtm=1697453376706&qnm=_matherq&visible=1&tabid=e9c66156-756b-4475-9d5f-411e32b7804f&url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&vp=1600x1200&ds=1600x8059&tofa=1697453376&vid=1&lvidt=1697453376&duid=d5835705-e973-4c50-9790-64b2d266297a&fp=1775131430&cid=ma34789&mrk=234578994&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoidGVtcGxhdGUiLCJkYXRhIjp7IjAiOnsidGVtcGxhdGVJZCI6Ik9UWk1GNElRWDRRVCIsImRpc3BsYXlNb2RlIjoibW9kYWwiLCJleHBlcmllbmNlQWN0aW9uSWQiOiJzdWJzY3JpcHRpb25fc3RvcF9hcmNoaXZlX29vbV9jIiwiZXhwZXJpZW5jZUlkIjoiRVgzMFlGR0xFREM0Iiwib2ZmZXJJZCI6ImZha2VPZmZlcklkIiwic2hvd0Nsb3NlQnV0dG9uIjoiMCJ9fSwidmVuZG9yIjoicGlhbm8iLCJ0eXBlIjoidW5rbm93biJ9LCJrZXl3b3JkcyI6WyJ6ZXJvLWNsaWNrLWhhY2tzLXNweS1waG9uZS1wZWdhc3VzIl0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiODE2MTE1NzA2IiwicmVmVGltZSI6IjE2OTc0NTMzNzY3MDUifV19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.177.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-177-4.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Mon, 16 Oct 2023 10:49:37 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 58F9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9861
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 08:05:16 GMT
expires
Tue, 15 Oct 2024 08:05:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FC59 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dc0c6617c8fcc8faaa4257a4e306c1605139fe9777d5e99f41e9bd25f3a3c9db
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ByvOmx30PHwLGTPSG7RQvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ByvOmx30PHwLGTPSG7RQvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 10:49:37 GMT
expires
Mon, 16 Oct 2023 10:49:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pd
google-bidout-d.openx.net/w/1.0/ Frame 627F 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 16 Oct 2023 10:49:37 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3639582153038111&correlator=2997650148574906&eid=31078806%2C676982996%2C44769661&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=4495%2Cphl.business%2Carticle%2Cright_1&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250%7C160x600&ifi=4&didk=3411082201&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D0be7d2a615d7f8b4%3AT%3D1697453376%3ART%3D1697453376%3AS%3DALNI_MZZBJC5uxkZ7TQGpdFxFNe1-JOdLQ&gpic=UID%3D00000c9a0945e807%3AT%3D1697453376%3ART%3D1697453376%3AS%3DALNI_MZzhzVWUEQB5SkYBkKC70XWTCVYdw&abxe=1&dt=1697453377470&lmt=1697445625&adxs=990&adys=539&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&vis=1&psz=300x0&msz=300x0&fws=512&ohw=0&psts=AOrYGskFeidAmcVviq-uAjzDXtqwBKQhgnXfAn9asJFttrVerh0vI9ey5a8xpelpu7xgSt75BwEGgGiceqc2hxbwdcJGgzBxW5A4toFg%2CAOrYGskLljNM0bdxLknq6FeuVZLU2nHBKR1CRHWXpY6rNPPN8FSeD4W9u9Ql0Agt6_uVMcwV8wqM1N1Ps0OXP4ArZPdJBR3EdEDUYxZN&ga_vid=816115706.1697453375&ga_sid=1697453376&ga_hid=991142149&ga_fc=true&ga_cid=152868007.1697453375&a3p=EhsKDDMzYWNyb3NzLmNvbRihjezAszFIAFICCG8SGQoKdWlkYXBpLmNvbRjXhezAszFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOqM7MCzMUgAUgIIahIcCg1jcndkY250cmwubmV0GNeF7MCzMUgAUgIIZBI7CgpwdWJjaWQub3JnEiRiMWIxZjc3ZS03ZjMxLTRlMWEtYWU3NS00MzUyNzdmNTY1NGEYtojswLMxSAAS7gEKCHJ0YmhvdXNlEtgBWEpYOU1VbEl5SWpUTGxnbDJBeDhQQ0YyZ0YxUGtvZlBPSFFQeUlDM2NxR3lIV3YvZEQ2TUhHWTdTZkxSRXJIYndWVmZROGQrUkMrMzdmaStpYjlVTzBjbmpIWGJkNkYzMnhyM1dmVENiaEFrY2UzU1NGQ0Z6QXhiNmNZa0F4dUhDNnkyWklGdWxNYVBqM3lTdXlGZDZZdkphaU9qcW9FOWVTdlI4aENDQm5xT1ZtdXZ3U1huSFRQbitqaXNQcHdmdGFIVUVad0kxOUpUbHBhV0J5RXdJUT09GMCO7MCzMUgAEj4KBW9wZW54EixleUpwSWpvaVlrSlVSV2RKVGxOU1dXMHJNR1Z6VTI5Q04xUkZaejA5SW4wPRisj-zAszFIABIdCg5lc3AuY3JpdGVvLmNvbRjXhezAszFIAFICCGQ.&cbidsp=CvEBCAESDQoCaXgQ0wIgAlICaXgSHwoLbWludXRlbWVkaWEQ3gMgAlILbWludXRlbWVkaWESHQoKdHJpcGxlbGlmdBCWBCACUgp0cmlwbGVsaWZ0EhkKCG1lZGlhbmV0EN0DIAJSCG1lZGlhbmV0EhsKBnRydXN0eBDSBiACUgRncmlkUgZ0cnVzdHgSEQoEcmlzZRDsCCACUgRyaXNlEhcKB3J1Ymljb24QkwQgAlIHcnViaWNvbhgCIiQ0ZjFiM2RlOS0wYjhiLTQ0ZDgtODBmNy1mYTRjOWJjMWE1NmYqBAgDIAAyB3Y4LjE3LjBA3AtKAA..&dlt=1697453373443&idt=2665&prev_scp=day_of_week%3D1%26hour%3D10%26date%3D101623%26article_id%3DYXFDLQ6PXZHG3CIIPAFQNM2344%26slot_name%3Dphl.business%26article_sections%3DBusiness%252C%2520Washington%2520Post%252C%2520Wires%252C%2520%252C%2520Technology%252C%2520Nation%2520%2526%2520World%252C%2520News%26platform%3Dfusion%26content_type%3Dstory%26content_subtype%3Dsubtype-regular%26user_status%3DLogged%2520Out%26position%3Dmrec%26position_type%3Dmrec_article%26url_path%3Dbusiness%252Fzero-click-hacks-spy-phone-pegasus-20220227.html%26amznbid%3D2%26amznp%3D2%26mnadc%3Dad5999&cust_params=permutive%3Drts%26puid%3Ded3dbb2d-5a88-4528-ac75-ebfd803662ab%26ptime%3D1697453376186%26prmtvvid%3De3c09edc-16df-4642-8294-047a421553b5%26prmtvwid%3Df279b5ea-1200-4ff6-9d35-17893279723e%26amznbid%3D0%26amznp%3D0%26prmtvsdk%3Dweb&adks=2122904749&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js?cb=31078806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
787773c0f5420699e0fc041141595ef611aa2a9f13bfbe565397044ab205f9c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10146
x-xss-protection
0
google-lineitem-id
6381310295
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138448321833
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
DiningGuide-Paywall-updated.png
media.inquirer.com/assets/ Frame FBD6 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.inquirer.com/assets/DiningGuide-Paywall-updated.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_057f1b1829eeb12cf435-0&displayMode=modal&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
628f36dfadf4d9dbdf5e1eaf8f46cf77acf6a106d7c02be14e8722f2964a8280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 21:57:29 GMT
x-amz-version-id
pyMUVcL236tH5TiwA12z639CzOWLomft
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 20:40:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
46329
etag
"71aa0354ede8419ef108f2132b285f07"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
156390
x-amz-cf-id
vyPEdJeiQUha9aycbwwJABOqnQ2r37BRPg796IDkYJvgUkHsqnKwRg==
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		223 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 17:51:49 GMT
server
Apache
etag
"37c41-60386a6319d17-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
66128
expires
Mon, 16 Oct 2023 11:04:37 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
39616d23ac8e07f25a70bba6f2e231e2db04d204ca0c63503d6ba03c1bb9aa7b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://www.inquirer.com
date
Mon, 16 Oct 2023 10:49:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
DiningGuide-Paywall-updated.png
media.inquirer.com/assets/ Frame 864D 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.inquirer.com/assets/DiningGuide-Paywall-updated.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
628f36dfadf4d9dbdf5e1eaf8f46cf77acf6a106d7c02be14e8722f2964a8280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 21:57:29 GMT
x-amz-version-id
pyMUVcL236tH5TiwA12z639CzOWLomft
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 20:40:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
46329
etag
"71aa0354ede8419ef108f2132b285f07"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
156390
x-amz-cf-id
3pRDBB3TZMW5pJHN7LCgRJ0Dh3c67vvf0wuLvnaS_s_XMIT__SiLeA==
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 864D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
6766
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
content-length
2177
last-modified
Fri, 13 Oct 2023 13:42:42 GMT
wn
prod-dash-10-0-125-138
server
cloudflare
etag
W/"2177-1697204562000"
vary
Accept-Encoding
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
816fbc7a4c6a9be8-FRA
expires
Mon, 16 Oct 2023 12:49:37 GMT
Grot10-MediumWEB.woff2
media.inquirer.com/fonts/ Frame 864D 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.inquirer.com/fonts/Grot10-MediumWEB.woff2
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c73d7364434e85520404d42d76844278dcdb812f2d6665b1a49c2b9e00dfa943

Request headers

Referer
https://buy.tinypass.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 00:13:31 GMT
x-amz-version-id
P_rlkfMWCiJOcMrWBAYzUxElz21if22m
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
124567
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
63152
last-modified
Tue, 04 Apr 2023 16:24:16 GMT
server
AmazonS3
etag
"4e9680037dffa9c70996c2a1d6fde97a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://buy.tinypass.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
3106P0o8Elz8SvEkmhgdn_Y1LUEWLkUqk3aMYv9MqGjbrDrFKrym_Q==
Inquirer_Nameplate_RGB.png
media.inquirer.com/assets/ Frame 864D 		142 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.inquirer.com/assets/Inquirer_Nameplate_RGB.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7795dd9e45c558b1cded4e3ffe720164ffad6903e432ae7be78c53d82182e25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
ncP2Fe.ZthNunDee_fDIvXXNSbmdsnts
date
Mon, 16 Oct 2023 05:14:52 GMT
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Wed, 04 May 2022 15:57:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
20086
etag
"58173e13f5406e42262d8bdd7d1a0f18"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
145669
x-amz-cf-id
cOehu8KZhcIWT863asb1D5gPXePIRrxb0SC5Y3Ps0N1AtQrCykab2A==
InquirerHeadline-BoldWEB.woff2
media.inquirer.com/fonts/ Frame 864D 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.inquirer.com/fonts/InquirerHeadline-BoldWEB.woff2
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=HtZYnkXBmA&templateId=OTZMF4IQX4QT&offerId=fakeOfferId&experienceId=EX30YFGLEDC4&iframeId=offer_3f0bd5fdb0ca13f39968-0&displayMode=inline&widget=template&url=https%3A%2F%2Fwww.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1100e6cd4c1c8da05e9491cd6a1b97257ee60421048b264de395b2d5952d993f

Request headers

Referer
https://buy.tinypass.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 20:55:46 GMT
x-amz-version-id
Hsno0FKcB5A6H4D3ZaSdcC1AwY49wkcq
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
136432
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
36972
last-modified
Tue, 04 Apr 2023 16:27:43 GMT
server
AmazonS3
etag
"0cbc2298cfd5d460f57d7b6b202bb1f8"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://buy.tinypass.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
tnMtbegBzO-ujFqW5cdbm9KcNDi32MsK_l4lbrT9VqWzsntWhSLhjQ==
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&metername=NewsletterModalMeter&metered=1%7C1&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=21&tid=8ab6b61d-8037-4db2-9521-96182e374ced&pid=655a5bd5-b8b1-4f83-be63-b1c32d5ef880&dtm=1697453376714&qnm=_matherq&visible=1&tabid=e9c66156-756b-4475-9d5f-411e32b7804f&url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&vp=1600x1200&ds=1600x4389&tofa=1697453376&vid=1&lvidt=1697453376&duid=d5835705-e973-4c50-9790-64b2d266297a&fp=1775131430&cid=ma34789&mrk=234578994&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoidGVtcGxhdGUiLCJkYXRhIjp7IjAiOnsidGVtcGxhdGVJZCI6Ik9UWk1GNElRWDRRVCIsImRpc3BsYXlNb2RlIjoiaW5saW5lIiwiZXhwZXJpZW5jZUFjdGlvbklkIjoiYXJ0aWNsZV9ibG9ja19hcmNoaXZlX29vbV9jIiwiZXhwZXJpZW5jZUlkIjoiRVgzMFlGR0xFREM0Iiwib2ZmZXJJZCI6ImZha2VPZmZlcklkIiwic2hvd0Nsb3NlQnV0dG9uIjoiMCJ9fSwidmVuZG9yIjoicGlhbm8iLCJ0eXBlIjoidW5rbm93biJ9LCJrZXl3b3JkcyI6WyJ6ZXJvLWNsaWNrLWhhY2tzLXNweS1waG9uZS1wZWdhc3VzIl0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiODE2MTE1NzA2IiwicmVmVGltZSI6IjE2OTc0NTMzNzY3MTMifV19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.177.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-177-4.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Mon, 16 Oct 2023 10:49:37 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sp1.html
cdn.cxense.com/ Frame A161 		672 B
747 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:ba2::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
72e60b6eb3be9d5d931fdeb84475759aa558145f9a848f1804423f5b1e611ecc

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
377
Content-Type
text/html
Date
Mon, 16 Oct 2023 10:49:37 GMT
Expires
Thu, 26 Oct 2023 10:49:37 GMT
Last-Modified
Wed, 02 Aug 2023 12:14:52 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
i.js
tag.bounceexchange.com/4693/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/4693/i.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/iframebuster.js?bx_tracker=295498876
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
819edde26fdac9d1a5f9416138de8998ad84ad3c23866976ace670535fc5f9ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:48:26 GMT
content-encoding
gzip
via
1.1 google
age
71
x-envoy-upstream-service-time
0
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5954
server
istio-envoy
etag
fa86e2ce7a108
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
Inquirer_Nameplate_RGB.png
media.inquirer.com/assets/ 		142 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.inquirer.com/assets/Inquirer_Nameplate_RGB.png
Requested by
Host: p543.inquirer.com
URL: https://p543.inquirer.com/plugin/plugin/a5ba4731b97b4c47764303e23303f06a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7795dd9e45c558b1cded4e3ffe720164ffad6903e432ae7be78c53d82182e25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
ncP2Fe.ZthNunDee_fDIvXXNSbmdsnts
date
Mon, 16 Oct 2023 05:14:52 GMT
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Wed, 04 May 2022 15:57:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
20086
etag
"58173e13f5406e42262d8bdd7d1a0f18"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
145669
x-amz-cf-id
oI4URoFPv7aTeau2FY8S-EXK0uz2f1u4S5dXvwfxlcahE9rDZhcnow==
3f1926c045a6d261231e3c504d35adb6
p543.inquirer.com/plugin/library/ 		333 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p543.inquirer.com/plugin/library/3f1926c045a6d261231e3c504d35adb6
Requested by
Host: p543.inquirer.com
URL: https://p543.inquirer.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-67.fra56.r.cloudfront.net
Software
- /
Resource Hash
4997370e1557f690fb52b550bd5012aabe8b0f451bc8fece356283143df4c21d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 19:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
age
399845
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
106201
x-xss-protection
1; mode=block
last-modified
Tue, 10 Oct 2023 19:45:32 GMT
server
-
etag
3f1926c045a6d261231e3c504d35adb6
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
-bqsBlZnXOBixm-lALqhDFKIMCeiBB7F_M05gcmIBMelWr-f5hDoUQ==
expires
Thu, 10 Oct 2024 19:45:32 GMT
LB-Zone-3
p543.inquirer.com/DG/DEFAULT/rest/rpc/1085/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p543.inquirer.com/DG/DEFAULT/rest/rpc/1085/LB-Zone-3?referer=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&bcsessionid=&bctempid=98680406-ac44-4b0a-afe1-8c81b9e41db7&overruleReferrer=&time=2023-10-16T12%3A49%3A37%2B02%3A00&ts=1697453377725
Requested by
Host: p543.inquirer.com
URL: https://p543.inquirer.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-67.fra56.r.cloudfront.net
Software
- /
Resource Hash
dd259fdbc80f8bbfb61adbcb82c2a2e822873c1f615efd719834c3493ae204df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
660
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
3W8nz3le8SPwZMqUOm6ue5G54IVmFf3rVhvMwcaMPLO0116Y4Lx47w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
5891_Real-Estate-graphic-rowhouse.png
media.inquirer.com/newsletters/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.inquirer.com/newsletters/5891_Real-Estate-graphic-rowhouse.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13a1c4ae2eb98517ae991e22d133821d33f9da4a6b4b164ff7908c029adccc30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
z0wi7uY1LPplNdTlyaiFdXlBfExfZd3m
date
Mon, 16 Oct 2023 10:49:37 GMT
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 19:04:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
8712
x-amz-server-side-encryption
AES256
etag
"d9497c39ac1a509089f27f52c79d8700"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
17681
x-amz-cf-id
eBkrQL8Y2zW3lhZxODrYZHIiGTRkl5z0Xv6N-zKHE42BYGEQvpRVgg==
truncated
/ Frame 6920 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38b621c1199cc5c6d6a3102e55da07b50a93de29982104faf8528d7df76857e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6920 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4BkrgZ3z8R_By6nzIIzjyd6IC0TbY75d9kjszLpwpdgy7oK7JX4G3Rbf7uPreaYmdGpy_mnbMyM1OMokqclH2W09B321lhOqddEazMLaNLUqPL9zc5Q-skmHqeYJY88-HX6yJh8dUTierdPBC1EyEDuQvt0nrNzflJK1_r0MIPVoHt66TljUvU23xpX5tjKdPMcElyIGmprRWBv4NpdGrtJ4AWiR0Z1QHywjK1mKD-ba66erWXcK8ADBWeMhZtq_AZB8puwKkipVZ3BSGOhRvgTBZyWy8R7pJ-1xpLDHdV_v9it-gn7NhIxHjKjbsLOQq-98uD0TOFJtpKwx12_dHjxyHQQ&sai=AMfl-YS_BBul768x59lEqF0gGN-ds2G2rvNKfs8e45LHH293eryatkCtFLR8EQ6t1OoQQRaHlYmyf2bldJ_UKK2llF_vc5anGPa4L23j9vLsBMR07fIyXLdlvrA90Ccg4g&sig=Cg0ArKJSzAT7UGX4NSSUEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 16 Oct 2023 10:49:37 GMT
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 1A36 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
6766
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
content-length
2177
last-modified
Fri, 13 Oct 2023 13:42:42 GMT
wn
prod-dash-10-0-125-138
server
cloudflare
etag
W/"2177-1697204562000"
vary
Accept-Encoding
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
816fbc7b5da39be8-FRA
expires
Mon, 16 Oct 2023 12:49:37 GMT
cx.js
cdn.cxense.com/ Frame A161 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:ba2::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
116f5371289b5d493bc6f6921ef995663397e1639750895951013e82d9ae7578

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 10:49:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Sep 2023 16:42:13 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36544
Expires
Mon, 16 Oct 2023 11:49:37 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&metername=NewsletterModalMeter&metertype=paywall&metered=1%7C1&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=21&tid=687ba31d-a026-4590-b6d7-285d9ee969df&pid=655a5bd5-b8b1-4f83-be63-b1c32d5ef880&dtm=1697453377191&qnm=_matherq&visible=1&tabid=e9c66156-756b-4475-9d5f-411e32b7804f&url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&vp=1600x1200&ds=1600x4389&tofa=1697453376&vid=1&lvidt=1697453376&duid=d5835705-e973-4c50-9790-64b2d266297a&fp=1775131430&cid=ma34789&mrk=234578994&cx=eyJhY3Rpb24iOnsidHlwZSI6InBheXdhbGwiLCJjYXRlZ29yeSI6ImJsb2NrIiwiYWN0aW9uIjoic3RvcCIsImRhdGEiOnsiZXZlbnQiOiJwaWFub19tZXRlcl9ldmVudCIsIm1ldGVyQWN0aW9uIjoic3Vic2NyaXB0aW9uX3N0b3BfYXJjaGl2ZV9vb21fYyIsImRpc3BsYXlNb2RlIjoibW9kYWwiLCJzcGxpdFRlc3RJZHMiOiJObyBWYWx1ZSBTZXQiLCJicm93c2VySWQiOiJsbnNyd3ZueHY3djBrcG12IiwibWV0ZXJTdGF0dXMiOiJObyBWYWx1ZSBTZXQiLCJtZXRlclZpZXdzIjoiTm8gVmFsdWUgU2V0IiwibWV0ZXJWaWV3c0NhcHBlZCI6Ik5vIFZhbHVlIFNldCIsIm1ldGVyTGltaXQiOiJObyBWYWx1ZSBTZXQiLCJtZXRlclZpZXdzTGVmdCI6Ik5vIFZhbHVlIFNldCIsIm1ldGVyTmFtZSI6Ik5vIFZhbHVlIFNldCIsImNhcmRUaXRsZSI6Ik9PTSAtIE9sZGVyIENvbnRlbnQiLCJndG0udW5pcXVlRXZlbnRJZCI6IjgyIn0sInZlbmRvciI6ImN1c3RvbSIsImZsb3dyZWYiOnsiZGF5MCI6eyJmbG93IjoicGF5d2FsbCIsInRpZCI6IjY4N2JhMzFkLWEwMjYtNDU5MC1iNmQ3LTI4NWQ5ZWU5NjlkZiIsInRpbWUiOiIxNjk3NDUzMzc3In0sImRheTUiOnsidGltZSI6IjE2OTc0NTMzNzcifSwiZGF5MzAiOnsidGltZSI6IjE2OTc0NTMzNzcifX19LCJrZXl3b3JkcyI6WyJ6ZXJvLWNsaWNrLWhhY2tzLXNweS1waG9uZS1wZWdhc3VzIl0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiODE2MTE1NzA2IiwicmVmVGltZSI6IjE2OTc0NTMzNzcxOTAifV19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.177.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-177-4.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Mon, 16 Oct 2023 10:49:37 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
fa401451-4d24-4567-baab-5500a33de2d2.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 0E73 		138 B
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/fa401451-4d24-4567-baab-5500a33de2d2.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
519f2477e77c3a5884c2891734ec016c189033f43a47cc3d0afbf4d4d5a405a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
srD54nscWxl2DeES.xboC7YVpI6GV6pZ
date
Sun, 15 Oct 2023 15:12:41 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 16:53:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
70749
x-amz-server-side-encryption
AES256
etag
"ef5c71f510fd5004adecc665176ce605"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
138
x-amz-cf-id
9zRBADEbCHvvnbcxIQQ1h1SEZNAjwG0GDVzWnVYQmRCLjSsbc_74ag==
view
securepubads.g.doubleclick.net/pcs/ Frame 0E73 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJY3MDetMOm0cxWZhkoSmvd4mSqRxo0Syzl-ZZVgCIFLm9QModG8sy5uG6hF_u9z5GnZkRF4hj7AZOf_H3Fhjrys3hE18EO7T-fqDaW07BihPkRliL8Oobbj8H-xXLnh4wpNg8cP2qE_75fsxbC8eU9BWx__3ilE-1EiXCox1tAyVCSQYDzsSf2m58r_3vzhHXSYOa-u9a8EIkGhqBA6ZZlx0gYGEu87CkWNWBaSnhKY6COMDtjquvRO9IvaqokxGnpVyF48mqb-SrO-7X4dHZqBlqCkn5RRG-Lom-LyQjsWFeijRYH02ffyUCs1NhgZRsNeDl8AE6D--K24dI3gCYau2Hs7wsPFz-Qs5Y6xFTdttbcRn6MW9Bq3dtvOLY&sai=AMfl-YTYfhzsMvK6dFClpuSKN-rx5Plh-ili6Ms4ENvCde5MwOigr022keLMJbZ8L_kBdGyX3k0xWo3xtW2GI4eNvPOiV2z4bHYH2AGKwgnyNCKz11VaVLyabIzMPQoQug&sig=Cg0ArKJSzFKgW_rxoK_oEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 0E73 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
44060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 22:35:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 0E73 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:05:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
9861
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 08:05:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0E73 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 10:49:37 GMT
689497767253021732
tpc.googlesyndication.com/simgad/ Frame 0E73 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/689497767253021732
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7aec5eba37c39e94a86100caeaa2a757757ccd33e04a5ed0c3d63d67cadb3334
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 09:06:32 GMT
x-content-type-options
nosniff
age
351785
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70002
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 15:52:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 11 Oct 2024 09:06:32 GMT
l
www.google.com/ads/measurement/ Frame 0E73 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsYPWgtfluKvYOYzK0HbS7ZiYhNQgT5g3BVA0nK8_nKVTNX8cw9okMd40oeqba1Y_bKWgK
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9HHXKD70G8&gtm=45je3ab0&_p=991142149&cid=816115706.1697453375&ul=en-us&_geo=1&_rdi=1&_s=4&dp=%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&dr=&sid=1697453374&sct=1&seg=1&dl=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&dt=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9HHXKD70G8&l=PMNdataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9HHXKD70G8&gtm=45je3ab0&_p=991142149&cid=816115706.1697453375&ul=en-us&_eu=AEI&_geo=1&_rdi=1&_s=5&dp=%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&dr=&sid=1697453374&sct=1&seg=1&dl=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&dt=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&en=ad_impression&ep.authors=Ryan%20Gallagher&ep.published_time=202202270502&ep.section_targets=%2Fbusiness%7C%2Fwires%2Fwp%7C%2Fwires%7C%7C%2Fbusiness%2Ftechnology%7C%2Fnews%2Fnation-world%7C%2Fnews&ep.source_name_ans=Bloomberg&ep.content_id=YXFDLQ6PXZHG3CIIPAFQNM2344&ep.article_length_label=long&ep.content_published_time_iso=2022-02-27T05%3A02%3A00-05%3A00&ep.sub_section=business&ep.sub_sub_section=business&ep.source_type_ans=wires&ep.content_subtype=subtype-regular&ep.seo_keywords=zero-click-hacks-spy-phone-pegasus&ep.story_tags=No%20Value%20Set&ep.clavis_topics=%5Bobject%20Object%5D%7C%5Bobject%20Object%5D&ep.clavis_auxiliaries=%5Bobject%20Object%5D%7C%5Bobject%20Object%5D%7C%5Bobject%20Object%5D%7C%5Bobject%20Object%5D&ep.source_system=composer&ep.title=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&ep.section_primary=business&ep.content_type=article&ep.page_url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&ep.auth0=No%20Value%20Set&ep.update_time=2022-02-27T05%3A02%3A00-05%3A00&ep.login_status=Logged%20Out&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.70%20Safari%2F537.36&ep.timezone=Europe%2FBerlin&epn.custom_timestamp=1697453376933&ep.custom_cookie_value=none%20%7C%20none%20%7C%20none%20%7C%20%20%7C%20&ep.query_id=COy_ysyy-oEDFVeS_QcdS5IHJg&_et=578
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9HHXKD70G8&l=PMNdataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
litype.php
contextual.media.net/ 		107 B
266 B 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/litype.php?&cid=8CUG8YY38&lid=6381741010&callback=window.mnjs.callback.autoRefreshResponseParser
Requested by
Host: warp.media.net
URL: https://warp.media.net/js/tags/prebidrtdclient.js?cid=8CUG8YY38&dn=www.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
10c2dfb275c2fad62679a7a040cf5a879c2a7aca3f894d99859a52fe151774cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Oct 2023 10:49:38 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=10800
content-length
107
x-mnet-hl2
E
expires
Mon, 16 Oct 2023 13:49:38 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=991142149&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&dp=%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&ul=en-us&de=UTF-8&dt=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ad&ea=4495%2Fphl.business%2Farticle%2Ftop_banner&el=970x250&_u=aHDAgUAjAAAAAGgGKAC~&jid=&gjid=&cid=816115706.1697453375&tid=UA-1605085-6&_gid=152868007.1697453375&gtm=45He3ab0n71PMVLLW&cd31=816115706.1697453375&cd43=GA%20Event%20-%20Ad%20Layout&cd32=816115706.1697453375&z=1161628671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 18:53:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57381
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
container.html
f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D634 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310031103/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 10:49:36 GMT
expires
Tue, 15 Oct 2024 10:49:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
litype.php
contextual.media.net/ 		104 B
263 B 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/litype.php?&cid=8CUG8YY38&lid=6381310295&callback=window.mnjs.callback.autoRefreshResponseParser
Requested by
Host: warp.media.net
URL: https://warp.media.net/js/tags/prebidrtdclient.js?cid=8CUG8YY38&dn=www.inquirer.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ba5a681b4b027663c9f7bb78652df2f79875e7bcbd77313607f78888fe478485
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Oct 2023 10:49:38 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=10800
content-length
104
x-mnet-hl2
E
expires
Mon, 16 Oct 2023 13:49:38 GMT
truncated
/ Frame 0E73 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30819dfc81e6dbaa3885a2e3d5b6a1f6fc32d7343d7eef67bbb137039b792d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame FC59 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310120101&jk=3639582153038111&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9HHXKD70G8&gtm=45je3ab0&_p=991142149&cid=816115706.1697453375&ul=en-us&_geo=1&_rdi=1&_s=6&dp=%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&dr=&sid=1697453374&sct=1&seg=1&dl=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&dt=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9HHXKD70G8&l=PMNdataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.fancybox.pack.js
p543.inquirer.com/gallery/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p543.inquirer.com/gallery/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/jquery.fancybox.pack.js
Requested by
Host: p543.inquirer.com
URL: https://p543.inquirer.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-67.fra56.r.cloudfront.net
Software
- /
Resource Hash
99c2257ab0c877ef811c0dde48d17bfb2cf1f1a5bd5bc6a9e9a7f4a114f4df3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 23:15:14 GMT
content-encoding
gzip
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
41664
x-cache
Hit from cloudfront
content-length
8529
last-modified
Tue, 20 Jul 2021 12:13:16 GMT
server
-
etag
"5a2b-5c78cfa88ea38-gzip"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
EwnqKHSbs3ekXw3asEqVbfl82v-H8rC5JEUbpEnoF-KuvYurGLcf2g==
expires
Tue, 14 Nov 2023 23:15:14 GMT
stats
p543.inquirer.com/rest/v2/recommendations/ 		58 B
898 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p543.inquirer.com/rest/v2/recommendations/stats?storeId=7ee32785-8347-45ec-b523-a0f1f6967beb&action=view&itemId=www.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&profileId=98680406-ac44-4b0a-afe1-8c81b9e41db7&isEntrypage=true&hash=48e4d1385b60d4fbbef3fa66e96ad9b9&lastmodified=1645956120000&referer=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&&callback=bc_json1087
Requested by
Host: p543.inquirer.com
URL: https://p543.inquirer.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-67.fra56.r.cloudfront.net
Software
- /
Resource Hash
a3ebdeb7e9a6c9c1bd2ace17cf49f25043133c1d8ddaa83fccbbf44d54a8da13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
78
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
text/javascript;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
x-amz-cf-id
iBhHjLRZoE9it8PgpoCtBrTc6skgM8f6ns05YHHPqeHfpake0-G9sg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
timelineEventTypePropertyTypes
p543.inquirer.com/rest/v2/custom/frontend/gtmconnection/ 		33 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p543.inquirer.com/rest/v2/custom/frontend/gtmconnection/timelineEventTypePropertyTypes?timelineEventTypeId=offer_selected
Requested by
Host: p543.inquirer.com
URL: https://p543.inquirer.com/plugin/library/3f1926c045a6d261231e3c504d35adb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-67.fra56.r.cloudfront.net
Software
- /
Resource Hash
90830be08e1f5b8b2fde3d337d220897533c982741b33bd0998a7fe508362c9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
53
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache="Set-Cookie"
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
JeSBroTO6q6HxeaH6RNSrGw2HnCRFiliwQ3VcUmYIilZh6537CD_PA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1085
p543.inquirer.com/DG/DEFAULT/rest/rpc/ 		556 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p543.inquirer.com/DG/DEFAULT/rest/rpc/1085?referer=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&bcsessionid=98680406-ac44-4b0a-afe1-8c81b9e41db7&bctempid=&overruleReferrer=&time=2023-10-16T12%3A49%3A38%2B02%3A00&ts=1697453378246
Requested by
Host: p543.inquirer.com
URL: https://p543.inquirer.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-67.fra56.r.cloudfront.net
Software
- /
Resource Hash
2bf29608a9af4d17bd6384fed1b1f197b12b49d38378bd1fa8a4f707d620a48b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
180
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
pBQblOvyml5uLnDqAXsWkcwioCvkGl202aXDClw0YrEoatArYIGVUw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 58F9 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:01:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
10088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 08:01:30 GMT
runtime_8b30b4890203fd4144c54b9ffd765f5e.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_8b30b4890203fd4144c54b9ffd765f5e.br.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/4693/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c4fad867557fa65e1a778e915c0b4ed0cd1bbb4443452c8943e5cec6504311e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 15:24:16 GMT
content-encoding
br
age
2402722
x-guploader-uploadid
ADPycds9i2MevogLA1KmABQt9zi_X98BBbiU7O0RsDri5zzJIKux_cvKqTKBziT74AQG35eRva6v7aL-2XPh0DY8aD3qBA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1317
last-modified
Mon, 18 Sep 2023 15:24:02 GMT
server
UploadServer
etag
"dbc90523c425a5d782995c1a39051881"
x-goog-generation
1695050642582474
x-goog-hash
crc32c=Xs/EYg==, md5=28kFI8QlpdeCmVwaOQUYgQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
1317
accept-ranges
bytes
content-type
text/javascript
cs
inquirer.blueconic.net/DG/DEFAULT/ 		67 B
865 B 		Script
General
Check archive.org
Download Go to
Full URL
https://inquirer.blueconic.net/DG/DEFAULT/cs?bcsessionid=98680406-ac44-4b0a-afe1-8c81b9e41db7&&callback=bc_json1088
Requested by
Host: p543.inquirer.com
URL: https://p543.inquirer.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.212.15.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-15-0.compute-1.amazonaws.com
Software
- /
Resource Hash
670ede5f01dc0fffa9e9596dc278440a6f339e9354a9f8d0ac90fe4f0f387e11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
87
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame D634 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com
URL: https://f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
44061
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 22:35:17 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame D634 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: www.inquirer.com
URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/
Origin
https://f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 06:27:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15731
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Oct 2023 06:27:27 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D634 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com
URL: https://f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
274529
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 12 Oct 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D634 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com
URL: https://f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 10:49:38 GMT
v2
id5-sync.com/gm/ 		276 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
0f7d493281f587e7ccc47d50fe606e48f0bc692606fddbcc735f303fac28d7ee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.inquirer.com
date
Mon, 16 Oct 2023 10:49:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
1085
p543.inquirer.com/DG/DEFAULT/rest/rpc/ 		186 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p543.inquirer.com/DG/DEFAULT/rest/rpc/1085?referer=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&bcsessionid=98680406-ac44-4b0a-afe1-8c81b9e41db7&bctempid=&overruleReferrer=&time=2023-10-16T12%3A49%3A38%2B02%3A00&ts=1697453378324
Requested by
Host: p543.inquirer.com
URL: https://p543.inquirer.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-67.fra56.r.cloudfront.net
Software
- /
Resource Hash
f6841c12c5ab8e47dfe2396ed65f2309374867a8b2942c50eec2a4216d559ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
167
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
AWsHmadn1mE6TeoAsunKGLL1RaWMs7SAMa5s1G5PC-9ePV1sbuq37Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1085
p543.inquirer.com/DG/DEFAULT/rest/rpc/ 		186 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p543.inquirer.com/DG/DEFAULT/rest/rpc/1085?referer=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&bcsessionid=98680406-ac44-4b0a-afe1-8c81b9e41db7&bctempid=&overruleReferrer=&time=2023-10-16T12%3A49%3A38%2B02%3A00&ts=1697453378326
Requested by
Host: p543.inquirer.com
URL: https://p543.inquirer.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-67.fra56.r.cloudfront.net
Software
- /
Resource Hash
5787838cdb43023dde6cf9fa55e10a204ac061bdefab003b55998323d1c63f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
166
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
vUk7E9WnJZH2duB0sbkMW2ZdjTV1fzmzSq1EGUQm5-bDMdft9E1_EA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
Grot10-RegularWEB.woff2
media.inquirer.com/fonts/ Frame 1A36 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.inquirer.com/fonts/Grot10-RegularWEB.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4cb6cce79903bdc1ee04072eb772d2e48541d14eeab6929bb44182bbc7eaf5e5

Request headers

Referer
https://buy.tinypass.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 02:34:42 GMT
x-amz-version-id
Vi7Iy5AdUNJucwT6r5nSEyKsVlgogyzr
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
202497
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
64484
last-modified
Tue, 04 Apr 2023 16:27:38 GMT
server
AmazonS3
etag
"d737e125caa6d933468084964d15f9b2"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://buy.tinypass.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
7mYtSPaY8TacGrjfMU36zbUvXD0eLmNs2u9zb2yGB8vYhnDmcgZ3Lw==
p1.js
p1cluster.cxense.com/ Frame A161 		44 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0039.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
65db95521f83779f4c33ea440a34ae0c95b7116a79d67cea132940fdddfeedb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:38 GMT
last-modified
Sun, 16 Apr 2023 10:49:38 GMT
server
Jetty(9.4.28.v20200408)
etag
n2ngwobqjcxgdvboce67uuu
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
44
expires
Wed, 16 Oct 2024 10:49:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0E73 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbNoGMuF7JLsU12Gm9Ay8IqOlN6rS9iQiYJs7DOVmI_5OO5R0qzW7sxAIsqqoL3EUwlrjC12LUilBlQVlxvEHiSp9RLZtiuRoNd7WHxYUp33yYsUnJ8P92gwxwGkh9StM3Wl2j8sQlZbvo9vkL2zTVDW8ua6uRnms3EMJU72tLu7rnPpA9RBOZCU_G1irjCfM16CO5mq-G845PgncSqubVj66irLwFYp6GcuLO9IyvG37ur_3ZvUlfUzOZ5EC8E6Kk58WIpA-NCA0Q781zwvneGYUBTW4uB64yUERGBuTZr3SnXOF3mD5YNdNN3lCS4ZdoviL5J9dyKPm4qtQV35_fNIDnkVdRkwBfymc9q-iUrh4GjM4eiRaQFYgnz_Sxqdw&sai=AMfl-YQ02LDj5RBVNJHlxCjoixkgqvAeNIj8hZq1nn8GGerhhxWvs-LFnNanV0WkB5WJypyR5pHPh4MFl6SHPSbs_G3uVDxJfzAaWZPd69dC9Rlno1NWRoj-jIYaCHEKNQ&sig=Cg0ArKJSzKUz7qd53k6cEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 16 Oct 2023 10:49:38 GMT
main-v2_a150687e3d6d999ac39e9fd1d236eaec.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		451 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_a150687e3d6d999ac39e9fd1d236eaec.br.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/4693/i.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d2d38e9afa4eb80d01c79ac892c13c3c6f8259f5ece5a16ccc5f15a8d82355ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 17:50:30 GMT
content-encoding
br
age
320348
x-guploader-uploadid
ADPycdstQvsRQ6jX9h9QCxoZSAtWi38h6EHep97F0LcT1w3_AtruKk3uAvL6MzHVFUA_iWVd3H5VOkc_RoeEu7RCmUT7GYUtjGOj
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102842
last-modified
Thu, 12 Oct 2023 17:50:21 GMT
server
UploadServer
etag
"9cb8ae6ee169a813c93b097c6e03d195"
x-goog-generation
1697133021655460
x-goog-hash
crc32c=ezuzjA==, md5=nLiubuFpqBPJOwl8bgPRlQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
102842
accept-ranges
bytes
content-type
text/javascript
cjs_min_d6ffd30d93001e4f3792cd31d56f5f8e.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_d6ffd30d93001e4f3792cd31d56f5f8e.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/4693/i.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
624d9b9ef617be9fa66b5f1ce4d8594f840287e57d197e479b7b52c34d6fc47e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 20:31:39 GMT
content-encoding
gzip
age
1693079
x-guploader-uploadid
ADPycdtUTLTARh30WnbEdDSsOT66iYlmy8ZRmWzql7nzKl49MwAOqUY-CQu6mvpvQC2cqRwNtzFMQYVQ_ct8wk6pQC9lSjwxzZCg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15570
last-modified
Tue, 26 Sep 2023 20:31:31 GMT
server
UploadServer
etag
"ebaf21fa901c81c5aedfbd62d9e2317e"
x-goog-generation
1695760291557122
x-goog-hash
crc32c=SN4uiw==, md5=668h+pAcgcWu371i2eIxfg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000,no-transform
x-goog-stored-content-length
15570
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
log
hblg.media.net/ 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=sre_events&itype=RTD&abte=CONTROL&adt=desktop&cid=8CUG8YY38&ct=FRANKFURT&cc=DE&ugd=4&pht=4549&pid=&dn=inquirer.com&servname=ssp-serving-yin-74b9665895-fgtsz&svr=1010_333&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001697453374237007642542854367&requrl=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&kwrf=&winner=DFP&isEmpty=false&size=1x1&dfpAdPath=4495%2Fphl.business%2Farticle%2F1x1_1&dfpDiv=ad2901&slotType=DFP&supcrid=&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=3164927707&winner=DFP&isEmpty=false&size=970x250&dfpAdPath=4495%2Fphl.business%2Farticle%2Ftop_banner&dfpDiv=ad5909&slotType=Prebid&supcrid=ad5909&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=3251677433&winner=DFP&isEmpty=false&size=300x600&dfpAdPath=4495%2Fphl.business%2Farticle%2Fright_1&dfpDiv=ad5999&slotType=Prebid&supcrid=ad5999&adid=&acid=&pvnm=&dfpbd=&ogbdp=&curr=&bidId=&mnrf=0&mnrfc=0&bdp=&icurr=&dfpcmpId=3252827646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:38 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 16 Oct 2023 10:49:38 GMT
Inquirer_Nameplate_RGB.png
media.inquirer.com/assets/ Frame FBD6 		142 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.inquirer.com/assets/Inquirer_Nameplate_RGB.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7795dd9e45c558b1cded4e3ffe720164ffad6903e432ae7be78c53d82182e25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
ncP2Fe.ZthNunDee_fDIvXXNSbmdsnts
date
Mon, 16 Oct 2023 05:14:52 GMT
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Wed, 04 May 2022 15:57:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
20087
etag
"58173e13f5406e42262d8bdd7d1a0f18"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
145669
x-amz-cf-id
z1oeRKQlnpvzKMRoFBZqMfKzGbw9dn1uhcEA8PWu9d4Hxt3udvTVXQ==
Grot10-MediumWEB.woff2
media.inquirer.com/fonts/ Frame FBD6 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.inquirer.com/fonts/Grot10-MediumWEB.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c73d7364434e85520404d42d76844278dcdb812f2d6665b1a49c2b9e00dfa943

Request headers

Referer
https://buy.tinypass.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 00:13:31 GMT
x-amz-version-id
P_rlkfMWCiJOcMrWBAYzUxElz21if22m
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
124568
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
63152
last-modified
Tue, 04 Apr 2023 16:24:16 GMT
server
AmazonS3
etag
"4e9680037dffa9c70996c2a1d6fde97a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://buy.tinypass.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
c3dRBMhoIJI4_t8IYgLQKdTACoAkMvaMmKCEiifkYv_hQ-MwSMPlMQ==
InquirerHeadline-BoldWEB.woff2
media.inquirer.com/fonts/ Frame FBD6 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.inquirer.com/fonts/InquirerHeadline-BoldWEB.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6000:e:3d02:4d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1100e6cd4c1c8da05e9491cd6a1b97257ee60421048b264de395b2d5952d993f

Request headers

Referer
https://buy.tinypass.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 20:55:46 GMT
x-amz-version-id
Hsno0FKcB5A6H4D3ZaSdcC1AwY49wkcq
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
136433
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
36972
last-modified
Tue, 04 Apr 2023 16:27:43 GMT
server
AmazonS3
etag
"0cbc2298cfd5d460f57d7b6b202bb1f8"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://buy.tinypass.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
9NRnTyedTgTYvoBxoOS0gr0LpCLE14j49QEzrNlxVevFJp1jWPSz5w==
rep.gif
comcluster.cxense.com/Repo/ Frame A161 		43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.32&typ=pgv&rnd=lnsrwvnx8o8ghpgf&sid=1135223877765277805&loc=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&new=1&arf=0&ltm=1697453377496&ref=&tzo=-120&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lnsrwwpfrj4h9v3a&ckp=lnsrwvnxv7v0kpmv&glb=&cp_userState=anon&cst=n2ngwobqjcxgdvboce67uuu
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0039.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Mon, 16 Oct 2023 10:49:38 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
index.html
s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/ Frame D6F5 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35eda4ab308ca13124d4d8e04743fd009d03d310f1413edc09e86a65a7914d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
77952
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
gzip
content-length
6383
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 15 Oct 2023 13:10:26 GMT
expires
Mon, 16 Oct 2023 13:10:26 GMT
last-modified
Fri, 29 Sep 2023 15:05:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame D634 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPqZU1FCZDpd3lXWcWdAxOvs49lvHL1GkCfqDvm5j9jTbmMNigKlw8BOE2tMaaJaIufi-Yf8MU-_TwfCMK31jH9SwhImd-tiBdAdp3n56hkB6ogBTBU2cRzpI84YTX2WETBgd-1v17mZBv-_gt5eFQ7LAOT3Fatm2rVhEwiosZzE9RXFdfMonyrfk9g_n0vTI5DBLbqipsrybceUWN3HGzWuq54pwq8nokEdlpNJKF_oKRq-wjI_MOW6uU8pVIXTZnL6I2kDS5enwHjLJh3IjzF3HMyccAi3uxOnvlKYa8v2KTfu-3W6DxJjfj5VXXkTrDVi8hDcWlBcVr1VjpAKW_OndqI-zn7ikXLZTpdaPvd-IfdmQDJkY&sai=AMfl-YQSmYKPfNySH9lqTK5ETtLe8lQxjsHyTzgSBQGa2Xdh7yJGEhtKSsEoSDeFfY5jNjayI58WvS_HoePVQIQ-hB2T-Gxn9G1yIw5Tmb5MLsq1e96tqwIfu0AymnXWfw&sig=Cg0ArKJSzO64jOuiGfXvEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com
URL: https://f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.112.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-112-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 10:49:38 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.112.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-112-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.inquirer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 16 Oct 2023 10:49:38 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.112.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-112-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 10:49:38 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.112.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-112-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.inquirer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 16 Oct 2023 10:49:38 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
id
id.cxense.com/public/user/ 		102 B
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lnsrwvnxv7v0kpmv%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%22n2ngwobqjcxgdvboce67uuu%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%22n2ngwobqjcxgdvboce67uuu%22%7D%5D%2C%22siteId%22%3A%221135223877765277805%22%2C%22location%22%3A%22https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html%22%7D&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0039.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
84eed2f145671a330f4c13a92cbc19708084e1f2b1a1d36678cfd856e7c03d1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:38 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
102
expires
Mon, 26 Jul 1997 05:00:00 GMT
inbox-v2_48b3046e5658d067d380731acb25edd9.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_48b3046e5658d067d380731acb25edd9.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_a150687e3d6d999ac39e9fd1d236eaec.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d37545bbfbab30b44e51e630172af7d5d8a717afe66642b3e8eba0f6e1666872

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:32:28 GMT
content-encoding
br
age
335830
x-guploader-uploadid
ADPycdt0-ERlw-fWz2wCv0jJb4Ktjp0ueAUNKJBxy_MeeitWziUapV4JPSary5SVEphKK5bB8kgMczUjNCgoAlbNh9SZYw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4862
last-modified
Tue, 10 Oct 2023 16:03:33 GMT
server
UploadServer
etag
"e08d76c0eee63d930afa55862092fe13"
x-goog-generation
1694525539645421
x-goog-hash
crc32c=om6Z6Q==, md5=4I12wO7mPZMK+lWGIJL+Ew==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
4862
accept-ranges
bytes
content-type
text/javascript
onsite-v2_5631bf90701659009118a89f964ae570.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_5631bf90701659009118a89f964ae570.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_a150687e3d6d999ac39e9fd1d236eaec.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
eddc11d8be0ae5311acc08d5f2ebe7ff9426384f6408ecbb56abbd7fb5e03743

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 15:24:02 GMT
content-encoding
br
age
2402736
x-guploader-uploadid
ADPycdsQ4ZOiRVHxhVva69dIpNhD-PQZ37QtZPBEAWaVaiCwNDzK2oRFEmUSq_PiG-7iUqu7uUjAEh_a-Q2xZuKGcg3YaA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4962
last-modified
Mon, 18 Sep 2023 15:23:53 GMT
server
UploadServer
etag
"801d41813e7b11c4986b4ca00307283b"
x-goog-generation
1695050633424590
x-goog-hash
crc32c=+KL22A==, md5=gB1BgT57EcSYa0ygAwcoOw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
4962
accept-ranges
bytes
content-type
text/javascript
ads-v2_e9f1c2a6d3ba921ed658a09391f07078.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		167 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_e9f1c2a6d3ba921ed658a09391f07078.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_a150687e3d6d999ac39e9fd1d236eaec.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2859fd4e86cd85638342fe6052b58dd6e728c022df0fcb1adeaa0f18531520ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 17:50:18 GMT
content-encoding
br
age
320360
x-guploader-uploadid
ADPycdvAvtkZdIQAp6Awae6OX6xeFivdNutvgQn2u7FmcK-FODcLaBw23FdFD4mLUM08atLU_WQ0thix1Zdt6EyqC5RHB-4HZwUQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37456
last-modified
Thu, 12 Oct 2023 17:50:08 GMT
server
UploadServer
etag
"db2bd6029cb8c54b2991220987db3939"
x-goog-generation
1697133008561973
x-goog-hash
crc32c=vR+7lQ==, md5=2yvWApy4xUspkSIJh9s5OQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
37456
accept-ranges
bytes
content-type
text/javascript
timelinelite_1.18.0_dbe88c20554c170a56f44600f31a97d9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D6F5 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/timelinelite_1.18.0_dbe88c20554c170a56f44600f31a97d9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e018b7e6c3b5cc0e0cc790f256033b97b3783c5853529bc6101b6a7ed23159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4136
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 Oct 2023 10:49:38 GMT
tweenlite_1.18.0_56fa823cfbbef1c2f4d4346f0f0e6c3c_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D6F5 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenlite_1.18.0_56fa823cfbbef1c2f4d4346f0f0e6c3c_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9412
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 Oct 2023 10:49:38 GMT
cssplugin_1.18.0_71489205621d46cbe88348eeb8fe493f_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D6F5 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssplugin_1.18.0_71489205621d46cbe88348eeb8fe493f_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15196
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:02:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 Oct 2023 10:49:38 GMT
easepack_1.18.0_ed5816e732515f56d96a67f6a2a15ccb_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D6F5 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/easepack_1.18.0_ed5816e732515f56d96a67f6a2a15ccb_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1956
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:02:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 Oct 2023 10:49:38 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/ Frame D6F5 		113 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
561305
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
33534
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1c274"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mm0KDpcNhb22yf%2B5cw%2BV%2BhI4lkGWMCWVKldZZYyUfEk9BzLmjdVuIhxaJx91VWryUBxPZT%2F0XYEeUmbtSRIWxO092kzGOsluuH0HDfdIoZlJEGOTrPxbybOm7ubMzGNMPGLdtFnTf%2Fvs%2B1uoojf8WKKU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816fbc807dc55be5-FRA
expires
Sat, 05 Oct 2024 10:49:38 GMT
i.png
s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/images/ Frame D6F5 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/images/i.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70a6d0db11f0a543b5ee5a2827d41e9a880dd98510cc2d11118a0619b6874ff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 13:10:26 GMT
x-content-type-options
nosniff
age
77952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70990
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 15:05:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 Oct 2023 13:10:26 GMT
nav.png
s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/images/ Frame D6F5 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/images/nav.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
962cb4f23097fcaa3392289ce77bc0578ac5a4b9b9f54ceac2426bd5a3f04ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 13:10:26 GMT
x-content-type-options
nosniff
age
77952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1368
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 15:05:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 Oct 2023 13:10:26 GMT
cta.png
s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/images/ Frame D6F5 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/images/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eb8eb5329931234e7a838560f2c80cbab17bde59776a4619325089c790978b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 13:10:26 GMT
x-content-type-options
nosniff
age
77952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5194
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 15:05:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 Oct 2023 13:10:26 GMT
unsubscribe.png
s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/images/ Frame D6F5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/images/unsubscribe.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fe7e716c3508a48fa89f4bdf136195d4f48fa4c48b249a4c7088b3eccfaf32f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 13:10:26 GMT
x-content-type-options
nosniff
age
77952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 15:05:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 Oct 2023 13:10:26 GMT
subscribe.png
s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/images/ Frame D6F5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/images/subscribe.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf47115717419ac581b7d8a35b4ed835c1f1b66852071601ad6ed6d9f5041df3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 13:10:26 GMT
x-content-type-options
nosniff
age
77952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2621
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 15:05:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 Oct 2023 13:10:26 GMT
timelineEventTypePropertyTypes
p543.inquirer.com/rest/v2/custom/frontend/gtmconnection/ 		38 B
923 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p543.inquirer.com/rest/v2/custom/frontend/gtmconnection/timelineEventTypePropertyTypes?timelineEventTypeId=user_info_completed
Requested by
Host: p543.inquirer.com
URL: https://p543.inquirer.com/plugin/library/3f1926c045a6d261231e3c504d35adb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-67.fra56.r.cloudfront.net
Software
- /
Resource Hash
3b1d841ea4e9182c73ea8536756ca6bf7bacf0182227b8a435ec7cad8e885293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
58
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache="Set-Cookie"
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
MhGFcs1GnvVpMpm2_ZpK6nqrTVFNCTGqvoX84kRYyyRfbI1HusODnA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
data.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_d6ffd30d93001e4f3792cd31d56f5f8e.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.14.182 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
182.14.149.34.bc.googleusercontent.com
Software
/
Resource Hash
1e70bd3712e4b952de8a31d4b4aaeed68ed73b194458c920a10c01e972b4d304

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 10:49:38 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
page.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://page.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_d6ffd30d93001e4f3792cd31d56f5f8e.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.96.210 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
210.96.117.34.bc.googleusercontent.com
Software
/
Resource Hash
d5559d3b0cee55783bedf2468ef7d7e02f60eca4bb91ccd8ec0fbbba1644b8bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 10:49:39 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
view.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://view.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_d6ffd30d93001e4f3792cd31d56f5f8e.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.203.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
84.203.149.34.bc.googleusercontent.com
Software
/
Resource Hash
8ed6468cb88f43aaac8248412ce76678aaf592ae89707fb7d46a923e9481186b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 10:49:39 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
generate_204
tpc.googlesyndication.com/ Frame 58F9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DDOYfQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gritty-220-white-cropped.mp4
d1pozjtpbhnh0m.cloudfront.net/ Frame D6F5 		908 KB
910 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://d1pozjtpbhnh0m.cloudfront.net/gritty-220-white-cropped.mp4
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/375289/5351779803/1695999907841/300x600/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:ba00:e:2f90:b980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e02eb00f2a867a72ef2c1d526779ba180403f842923b39c3a8bcca5f201ae61d

Request headers

Referer
https://s0.2mdn.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 16 Oct 2023 09:43:34 GMT
via
1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Fri, 22 Sep 2023 20:57:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
11778
x-amz-server-side-encryption
AES256
etag
"cb4ffef6db44f00971213392051c73b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-930166/930167
accept-ranges
bytes
x-amz-cf-id
mah3ZNF89x1FHzVVYH7-NgrAuelZoNEKO8kDVzy8n8vazsqPOuygJA==
Content-Length
930167
activeview
pagead2.googlesyndication.com/pcs/ Frame 6920 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSdiItNBctaFXzlUqZc6ihKk6NZ5KVvIOcafb6v2hLhoNfUpO992QxDYxVXmUfeFc-oNIkn0pvoNEOoeQtnBf-yG89BL3fdzW_391knAzbE8MGr7h-p4Nrg3IMfvi1&sig=Cg0ArKJSzKYr8ZEW5GSzEAE&id=lidar2&mcvt=1042&p=159,799,160,800&mtos=1042,1042,1042,1042,1042&tos=1042,0,0,0,0&v=20231011&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1703377126&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697453377223&rpt=549&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery-3.5.1.min.js
assets.bounceexchange.com/assets/bounce/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_a150687e3d6d999ac39e9fd1d236eaec.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 11:50:01 GMT
content-encoding
br
age
82777
x-guploader-uploadid
ADPycduJ6vdXpBLYiq5AwqJo6d-uzvsBEqoui6WpiXpDwsF35mV0CDaxxOOJVHlxB6dmAtSH708j51fesHwDnrRMHL4uKO-hdI9G
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31566
last-modified
Thu, 12 Oct 2023 17:49:55 GMT
server
UploadServer
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary
Accept-Encoding
x-goog-generation
1697132995268969
x-goog-hash
crc32c=W9o9Ng==, md5=3F5/GMjTasHT1HU6h8mNCg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
89476
accept-ranges
none
content-type
text/javascript; charset=UTF-8
local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 4EE9 		2 KB
976 B 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_a150687e3d6d999ac39e9fd1d236eaec.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
age
593883
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
br
content-length
938
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 13:51:35 GMT
etag
W/"fc893948c3efc689b5b19d8a77958e23"
last-modified
Wed, 04 Oct 2023 13:33:16 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1696426396757733
x-goog-hash
crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2408
x-guploader-uploadid
ADPycdsUZc3YqPWxiV2Gbtnn98iqGVPYQ4BBPY3OyXEvfKmcNPgKKLSWGi8WN28_8zJyyPpWmJMWK6Q7uTcx_Y7KiUguUkRBPQOc
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=4d3e1376-81b5-42e2-95df-99cd3f7d032f
Requested by
Host: f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app
URL: https://f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app/f279b5ea-1200-4ff6-9d35-17893279723e-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
af1a2658d19d3263130789ac51f5ca01cedbac53731e0996c0d26dc05548e599

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:38 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
timelineEventTypePropertyTypes
p543.inquirer.com/rest/v2/custom/frontend/gtmconnection/ 		49 B
931 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p543.inquirer.com/rest/v2/custom/frontend/gtmconnection/timelineEventTypePropertyTypes?timelineEventTypeId=billing_and_payment_info_completed
Requested by
Host: p543.inquirer.com
URL: https://p543.inquirer.com/plugin/library/3f1926c045a6d261231e3c504d35adb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-67.fra56.r.cloudfront.net
Software
- /
Resource Hash
9718b018e19ec6fac19370e30f9a04d5f1afe35c602a01ac8d037538ee3e35fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
69
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache="Set-Cookie"
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
mKvqb_jMRJCowcf1fMGFmJLD22GptdFvDuQG2VcmxU2Sr2-BcA5gMw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D634 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIsDjl-fKdRfsfmWhEiKtIMn7rt4LkK6gI9roeyFzpu8O_XWFgCI2KtSGDgkzk7q3gISPk4g3IhJePnGgsrOEPPtd3l9Y5dFQVpl3n_UV-HkuYtBWArFMQoI-VWp4AJo1OFkN6D9dCGsOCdi2DHFGMHX3ctIN5w_yINWlT-w_qgNKFboDWBO4y1nupH4-2MCFLqnQmtrANfqC_VqPln5CEdbLLQ5kFdMVILd1HbeysR8ImqmMI0rDmkm9NVZwS7AolWzQ4MtL3HQE5EXMh8mjKGp5NX0BD8zxVokdyqtQRKD8cuPhN1r929z-4I6gxC4PEAEt3L5BtCD2MFrqr3JdvafbxKdu1Qv3tMRJvgQGLt1BHVgBTmbewug&sai=AMfl-YQhXVW6eKo0q5kwfnUbImaFqNc7e-pJ353u7KgL5Xm_w6e33TShq6FFM1U_4Ha1QN_pYaYUK9zpx9xUt8mwhM2kyb4A-riVvipuGFjvWAy8XmCxh-_EP6Y2GIW6Mg&sig=Cg0ArKJSzLm44sUqCcI9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 16 Oct 2023 10:49:39 GMT
timelineEventTypePropertyTypes
p543.inquirer.com/rest/v2/custom/frontend/gtmconnection/ 		39 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p543.inquirer.com/rest/v2/custom/frontend/gtmconnection/timelineEventTypePropertyTypes?timelineEventTypeId=add_subscription_success
Requested by
Host: p543.inquirer.com
URL: https://p543.inquirer.com/plugin/library/3f1926c045a6d261231e3c504d35adb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-67.fra56.r.cloudfront.net
Software
- /
Resource Hash
4c343b8cb0b338461e086fcb476567e6ffc5d619bad7491ff66a9122297e08cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
57
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache="Set-Cookie"
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
M6LYjao5AA3RZPVqEQGFcLSaXtIlqsNCYjn9UMDUzdFr_u1Nkd4peg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E73 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstH7xa25jYpUlwaR259viXKDhRDuDipZsgYYo6Yr4cI10HkhQWZrl7IUEOE6h-D91yYcJcpKIIQ8H65_Q49vsDTwfd5fWYBgqamVr9ZLq4AG1jc-beI7g_xLm6PbpYv&sig=Cg0ArKJSzElhoV2Mb7ZxEAE&id=lidar2&mcvt=1001&p=161,315,411,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231011&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3510941793&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697453377893&rpt=510&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310120101&jk=3639582153038111&bg=!FhWlFVrNAAbFpEfJ5aQ7ADQBe5WfOByz1lEh0i8mF6vMdl86q0ltMwd6hxRWONPHsHTGRwRaVNOdefg-NUSzYz8OmhaLAgAAAhdSAAAADGgBB5kC5ht8vS7vgCfChM-DK7S1rLgIb6lWPfMu34Vh3kM_HSrimGfGm8HoPp1u14alAsPKBA0_rpvinD5Na3fpYL-fc-wmlLD3W1pysUhM0-iTA_X4pszHZ-PhLekZf3vpB2Mex-K0Pr5w_yxrNRRUdXnds_7BPZZzwXrluUeg8JtB840fR8jLlOneN33lq7W-o2GpmVCs9illLj4kypygq-EeVXWMz359UYFA_h9bVl3ozT2fLmdn3YhJY3RmZKx32zdog0qXRcYlIDrp0HohzmdR7AtuSH3Qkb6h32iBJvjFSW90u3EQyHFB39oMFxm6wl2cus5JKKZndcBCx6jC1QRe6tsTvpuw3joQdfDh32RcFSxN1B31Cgwl9f-v-hofoV5Li_CqZxnmllbZzQlAm20llNtgi-_1V6bPRWoMj1qLBeFDOAkrPe1EvIt9YVsHstghfsSwfSRLa50rFqxbjKmuwgmHO8iHhUnX24xzAxIsSHpK6OwOZGx2tjEmwNmtrcr24b7Jsy3FurQlGiRrI6nyZTUyaRezPgAmveZfUQ6GVC78hcZ5cn3Je-oyHGgwU1YuYajuV1VjZEAj5LJVWRZOD8ndtaiK7PWqXNq2xlFTxIZ6lGtAQt8tZuK8DCZBp-cwul7szlNGPSbGHpyVQYzL0H2fqsgCJ2orNvtEnEu_06tKQichzoZNl78VfeQ_VB-qnhys9isOI2zRQvEO1ms4G4cBvSlzQQ2hOzp4iRAynMKO3rSOQSoGuYqqw1c259SeaL3Aie28ham8ZcnywQcKJyvlrea_KdBvB-E5FghdFE8KEaC0JlfOBazy4ipb52Lv2EGtNCF7vF82jKUTc2UqTrFaJiiMPMlXr88zke9OkT0Q76ZLD1NLiWNAEVOQbpg61QLMQ7CFOvxUpgqA0BVQKirHOo4RG61amzxGJTpqlb7_qhAv7NLbjxdIdGkzSLxhSUS3pdm9j1x_8J9KVLjwmYv_J-jYL1I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=4d3e1376-81b5-42e2-95df-99cd3f7d032f
Requested by
Host: f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app
URL: https://f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app/f279b5ea-1200-4ff6-9d35-17893279723e-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4b5d997c338bdd6a8a591cceba5ff9553ed92494dce5bc514e0aedc036a175fd

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:39 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		52 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=HtZYnkXBmA
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63040e6558df1d47dd780393a3b63d6370302b5a28cc4d6533bee7dacaf391c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 16 Oct 2023 10:49:39 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-133-244
server
cloudflare
p3p
CP="NON DSP COR OUR IND"
access-control-allow-origin
*
server-time
0.001
content-type
application/json
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
cf-ray
816fbc86f88b4d61-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
Mrebm2sorCU
c
ids.cdnwidget.com/ 		61 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=110056222&GCS2=ZTlhMjkwMjQtNThhMC00ZTFhLThlNzItYzM1ZGNkOTI3OTYwLmxvY2FsLGNjYWJiMjMxLTk5ZWEtNDAwMi1hYTY5LTI0ZGNmODQ0ZmM0ZC5sb2NhbA==&pe=false&wsid=4693&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A4693%2C%22loadID%22%3A%22m33sEE8rLaBt94m%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A14%2C%22IDStageStart%22%3A14%2C%22obsReqdata%22%3A290%2C%22netComplete%22%3A310%2C%22obsReqview%22%3A416%2C%22obsReqpage%22%3A508%2C%22IDStagePrefire%22%3A508%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A2%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%2250166634253020148%22%2C%22visitid%22%3A%221697453378959829%22%7D
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_d6ffd30d93001e4f3792cd31d56f5f8e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:56e0:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
9f8441024e84c58109845fa52d52c98b3a2a6cde7529d923779fc815053795d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:39 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61
init1.js
api.bounceexchange.com/bounce/ 		36 B
343 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=1955&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYBOAdgBYBWAZmtOIA4GAGTYALxCgFp8AmVgHcApgCMcqYMID6qACZRyJapgBOwnCAA2cNBgKFmzAB78ja4TGGr1qqNgCGWragQBzaXFVaoAC2DAAA44AKTUAIIhfABiUdGCCQB0rgCOcKi2iUggALZxonASCBqhMezWINxILkgA1ty+DnU43DiBAJ7cgb4Ywl3Cbg44hdwCfGN8pIn+OVqYAG6oEsDS2SC1qMJQIaQAQlF8WoEHYZHj-kGlNGeUMVG38Ump6ZnZeXwPBUUl92UVVTV6o1mq0Ol0esV+oNhi0JsxxlMZloTnwAMIHVQnCIovg7AAi2BA6022z2Bzk8ixZw+zCIhEI1HIH2o8Np5AYKPR40WcipRDIVFopAYxEojD4xCiXL48ypO3242E82s0i0IDcbmEclkCCpwFUcGEUoOSpVao1Wp10kCDkp41OMCcOCNaIOw1EOUkUm1GGWLtxEUdWmdxvGCDgOVEKpAMGkDlUaGqGmk6gcvPtEWYob4zpQ6AQ1tUqBy8facvGX1cP3trsVSAcgWk7s9AUtzwyKpyIFUCFcbipQZDtb4wnrjebXstbW7wBw0jktq0ZYz4UHLulo4bTbgHsn2uAvj7c9A85AA6d65NY+3u9b2q0wln0mEDmA5+Dl7rW4nd+t1isKCeL2GDvkOG7Xj+3rSMUghzk41izqBn4jhBO4tlB2SqBgDiLAapQBquF7Zpu45oXuqxqroSHEaht5QYIqDONIBTIL41HDiRN7oZaciISua40d+ZG-jaEzseBQl0ZalbFDg+EOkRHG0dx96vhoB4vnILiyeJV6SSpKYvloz44MAam6V+47CMIBYHks0iLMs1GkHi2ZyG40QZKZAAyIBpnqBpGi5CzxjgADa9YJqsICIMAAC6sAXiFqjheamraq4CX6oayXhaaqiquq6U6llgW5WF+WFRaGUFja8gJWu5WRSsKTAO0CWsPMoURfGKxdTowgdeVkGWr6kiDYlH7lYEWHaggDg5BNjVdSlYUzSA2ozagSATZ13WuE2oB1A1SUreFvXbQ+c7qCWrh9idU1nWF4aRtGsYXUm12aUNT3mgdjmoKID4Pc6w07jgSBFoEei2e0gRLad3U2u0ghOMZM0aDZ8VQNlwjDTGwCo0xyNE+j6jOgg2PLd1jSqHIpPWg4KNo4WmOUyDeO-UVbYFjA6gI493VpTzjP1ZNoNPcji2U9FCAwBki1yBz5UfQ+0ELRNUSkAAWv81TbbUWtRMwwK1KUzDxi6zBuFhDHuMbrjG4EICBHAWjxpI7SJMbAAqvjWC6pDmzNTSJmjy7MAgZ4CKjEegMbpku8bGk5IkKsJpdMj1lIbjdu19hPbmMOFsWpYJTJJRg6ITajjD5eFFWclVzeNd5hg9ffE3ksOJq0htfDCWq5z3WcSNNVpB2BVdj293i8Pq2j8JUHTgmc4Lox+fUwvynkXZ7jHiAp7K09i9Sfej5zi+VOI9v+nkfDqgASsiD5sfI877+MFwQ+q9v7fpFn2ilheauFCh-zyh-DClFr6C3-lxciDEmIsSQL4cBFVIE8VnGg0+BlRLwj4NgjB2oK5yUIXfX87spCmX9mmbSGgyEAIMqmYy6k1JoMTqodofce4JQAHLR2YAANScIaY2ABlR8w1UBuALAdLsC5jIAyBgLCW79vzWVsoeOcAMYGqNWuoNwSx9SvnzNIBmGMKa6PnuFeaaBlTSBAMqbwTNWaWNKjlJ6cgYCNlUEDEAx0oBRxWKmOQ7QFhyEsM9CMUYCoxjjBnT6hk0w-QiTAdB6ibJ9y0Q5JYkhlZrA2DIUAh93aqE1HPTAohAhQFYI+apYUABEQ8GkABoGnZwGHnVp7T-Z1BisAbpPRFrdJcPY5pbTnTxhQQ0uKmBoZ4CHoSHIgQXAOGQDIGA7s3AF0aFAIAA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_a150687e3d6d999ac39e9fd1d236eaec.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
date
Mon, 16 Oct 2023 10:49:39 GMT
content-encoding
gzip
x-envoy-upstream-service-time
15
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
cjs-logger
e.cdnwidget.com/ 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=forbidden%253A%2520disallowed%2520country%252C%2520country%2520code%2520is%2520DE&cookieID=&deviceID=&BXWID=4693&warpspeed=2%5EHIykD&loadID=m33sEE8rLaBt94m&version=1.5.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.193.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:39 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame D634 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkthiwwP-BtKnE7YRYRgXVAJXsl6kpQcbj2u-gdUB4oA4tAUdfwnFNxCEgzFVQAD0iojYUMUVPFf5ucvPu0g046Xd7fUUcA9NtdWXanLSQt2NXBw4gZDCEQZT1cOHo&sig=Cg0ArKJSzHUHHpa2UkrAEAE&id=lidar2&mcvt=1000&p=699,990,1299,1290&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=0.84&if=1&app=0&itpl=30&adk=2122904749&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697453378012&rpt=998&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=4d3e1376-81b5-42e2-95df-99cd3f7d032f
Requested by
Host: f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app
URL: https://f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app/f279b5ea-1200-4ff6-9d35-17893279723e-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
d7e3a57e166dd3cf43092991ae3d604a87c4ac87a58167339e21c9cce5c8a587

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:40 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=4d3e1376-81b5-42e2-95df-99cd3f7d032f
Requested by
Host: f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app
URL: https://f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app/f279b5ea-1200-4ff6-9d35-17893279723e-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 10:49:41 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
envelope
lexicon.33across.com/v1/ 		49 B
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KiIAAU&gdpr=0&src=pbjs&ver=8.17.0&coppa=0&us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:41 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.inquirer.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
pbhid
id.hadron.ad.gt/api/v1/ 		141 B
314 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=561&_it=prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a153f4cfcd731f1c072a556ea39f93f23f4b5645c2158ffae19991891b9ca4

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 16 Oct 2023 10:49:42 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
816fbc95ecb33a80-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		136 B
417 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
c3e03a3e074707923e33eced37e40e9c707e73b5736c553e12e1b97adef976c9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.inquirer.com
date
Mon, 16 Oct 2023 10:49:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
checksync.php
contextual.media.net/ Frame 0827 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUG8YY38&prvid=2034%2C2033%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C56%2C2045%2C3012%2C3010%2C122%2C3008%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C459%2C77%2C182%2C261%2C141%2C262%2C461%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
286dbd5b53aa1d97f6a86859f3bae921f62cef02eed194378ec906b68c3b67b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8476
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 10:49:42 GMT
expires
Wed, 18 Oct 2023 10:49:42 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usersync.html
cdn.undertone.com/js/ Frame 03CE 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?ccpa=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e800:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8798
content-encoding
gzip
content-type
text/html
date
Mon, 16 Oct 2023 08:23:05 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-id
6Esk93Dsn7otNSZyVD7YfPEfRljbBLDEkVnXLObqsu1hI2evGIi68Q==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
sync
eb2.3lift.com/ Frame D1B8 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 16 Oct 2023 10:49:42 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 8844 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1024
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
816fbc95edfc926e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 10:49:42 GMT
expires
Mon, 16 Oct 2023 14:49:42 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4D32 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.inquirer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Oct 2023 10:49:42 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
7da0e7b4d8137d37dc4d7608a04814309493e90fefe051ab55fc93ae7d484158
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.inquirer.com
date
Mon, 16 Oct 2023 10:49:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
1106.json
id5-sync.com/g/v2/ 		276 B
557 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1106.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
0bba7bab14234ca6c56af050f406cdc0f3e2914d484b3fba94c24672ee6105ec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.inquirer.com
date
Mon, 16 Oct 2023 10:49:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 4D32 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e0cafce5b6d05c398b0b36c59558eab2f36ccf914a320bdd893c9f23d9269864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 10:49:42 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Oct 2023 20:09:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33529
Connection
keep-alive
Content-Length
10838
Expires
Mon, 16 Oct 2023 20:08:31 GMT
khaos.json
token.rubiconproject.com/ Frame 4D32 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
usermatch
ssum-sec.casalemedia.com/ Frame C0FB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a61393c3fcc04cbd123252e692012ef699dc7c45bf6ffb355b650612c97b8204

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
816fbc968ef19b86-FRA
content-encoding
br
content-type
text/html
date
Mon, 16 Oct 2023 10:49:42 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0w%2FxuV7MvOlZQGoSQ4fE0YD9CjDeefgOE0MPPcM7uOSTlemUGeKe6UHKQ7OxlB7jZaFsrs3cxDjxKcXFBU3ARB9EtDuqg0WGve6%2FGHfx478l%2Bi1AevGOIRPLpnnFJwGIjvECOxFBaQ%2BI4g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
816fbc965cf66925-FRA
content-length
0
date
Mon, 16 Oct 2023 10:49:42 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ukab7p5ygFfv3v7p3eWmsNvxnQ%2B0oRAudvQNgEr4ffzIIq6h3EtTtO6kRssFQzDO%2BtgZeU8JS7ADOM7oXGyFfgvKDbBTdBDhcs29ztSjWTxP01ujhUV0L72wMrYshhxh%2FBb0LDK%2B2p1LA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4CBE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Oct 2023 10:49:42 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 16 Oct 2023 10:49:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
cm
us-u.openx.net/w/1.0/ Frame 03CE 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:42 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58293/ Frame 03CE
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
date
Mon, 16 Oct 2023 10:49:42 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.87
content-length
360
content-language
en
generic
match.adsrvr.org/track/cmf/ Frame 03CE 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:42 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ Frame 03CE 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
usr.undertone.com/userPixel/ Frame 03CE
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTIwOUQ3NDktNDQzMC00MjJGLUI5OTMtMEZFNzhCQUNDMDQ4&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9209D749-4430-422F-B993-0FE78BACC048&us_privacy=%24%7B...
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9209D749-4430-422F-B993-0FE78BACC048
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9209D749-4430-422F-B993-0FE78BACC048
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
18.66.97.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-32.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:42 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
content-length
0
x-amz-cf-id
1VzRIcuJxgHtlx71SlPeeO7gfou2Yi6pN2339mqK3aMlxHcoRiZZfw==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9209D749-4430-422F-B993-0FE78BACC048
date
Mon, 16 Oct 2023 10:49:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 03CE 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 16 Oct 2023 10:49:41 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
occ
ups.analytics.yahoo.com/ups/58545/ Frame 03CE 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58545/occ
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch
ssum-sec.casalemedia.com/ Frame 69C1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.inquirer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.inquirer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.inquirer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a5b7ebd9a2e42333ed170634b2b82680d62fbc300aac3e8f17033eb731fc6df

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
816fbc967eec9b86-FRA
content-encoding
br
content-type
text/html
date
Mon, 16 Oct 2023 10:49:42 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqtfaI%2FJGau7I9VRSyE4K7CYSKRMMWhhoWj8w6SrWCWTbpoBSPp%2BDnXugHxqofuWpiWhteCtshcBLp2g3SxQCnhBwQ4UCyGbble0oercUsSsjv0SbnR24w6Ipa8222tZfKclqCGbEn1vAg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
816fbc965cf86925-FRA
content-length
0
date
Mon, 16 Oct 2023 10:49:42 GMT
expires
0
location
/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.inquirer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XolvO82LojakP0iznOsENU8I6bXUOJW7Mk48oaeEteCEpNcMCumtj2tWL0Jn2ugAbmn%2BABExpxYyEG2BhJ1kYjQdCbyK%2FpWX50jBFghcT2TEW5h%2F0SOkpM%2FYGCjclrLemg9yXPUnrLkfXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 4CBE 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e0cafce5b6d05c398b0b36c59558eab2f36ccf914a320bdd893c9f23d9269864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 10:49:42 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Oct 2023 20:09:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33529
Connection
keep-alive
Content-Length
10838
Expires
Mon, 16 Oct 2023 20:08:31 GMT
khaos.json
token.rubiconproject.com/ Frame 4CBE 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 69C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZS0VRuadfRPyjSu8sbJE-AAADKUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELavFfX9AR5hPL_TWHxH2Nc&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELavFfX9AR5hPL_TWHxH2Nc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.inquirer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUqvK3oXjy2j7R6RWhU0YGXrEYkqDR80D1TqTqND2GcojN%2Bl2Uyf7LFqBDsC4qvJZa50KaNE2CuyqPMBFb%2Fcrbp9IpmVjqwj6AXgjh1OjxQ7V%2FW8V7BY5jvQgGJOH5b0wiYuN%2BBoiiVCIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816fbc96ff749b86-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELavFfX9AR5hPL_TWHxH2Nc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 69C1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZS0VRuadfRPyjSu8sbJE.AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAzu9zE7cTen55KKLxi49mc&google_cver=1&google_hm=2
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAzu9zE7cTen55KKLxi49mc&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.inquirer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5N899OEVkebm%2FBRzHPwn%2ByJtjJCQ%2F5HWkJknfLtxQ%2BvrIAEdidZ697kBx0d93TEo7FPqOy2qRid%2Bt1Gmue0yxFaZU3Bu%2FTOIZ01zAEWVpUziszR8mxtW2iO8ppmfKx%2FZqrjwjfewGbN5Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816fbc970f8a9b86-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAzu9zE7cTen55KKLxi49mc&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 69C1 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.inquirer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:42 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 69C1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS0VRuadfRPyjSu8sbJE-AAADKUAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS0VRuadfRPyjSu8sbJE-AAADKUAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS0VRuadfRPyjSu8sbJE-AAADKUAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.inquirer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 10:49:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W138W43RAYW8HG7TVD9J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 10:49:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XMXYAMSXBH23ZY992Y0H
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS0VRuadfRPyjSu8sbJE-AAADKUAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 69C1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=bc8HxRBXXpNR-zWPr5lWHS2NmE0
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=bc8HxRBXXpNR-zWPr5lWHS2NmE0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.inquirer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YNb1UCZdGE6apBSdeO4Kr5P5aXfAghKB5q7x2P8MmGJ%2BB823jWgKu8DEXggjlX8J2LuD91aFOX2z2RxKsA%2FCwTs%2BbAeVoF8ge5nXy%2F7Z1v60weWg7ual2qvvHZ0NSmCuLUahSQHglVVnng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816fbc994a279b86-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=bc8HxRBXXpNR-zWPr5lWHS2NmE0
Date
Mon, 16 Oct 2023 10:49:42 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 69C1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3086277655167560987&expiration=1698662982
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3086277655167560987&expiration=1698662982
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.inquirer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pcmC7stJdWvSzQSn1bUkV%2Bb%2FUNwG2%2FFILtwbXleVn%2BHIlYdQ4596uOAo9YkI5INhtnFeAC8Zw54OQ5cVzCIEuUvxdDiiZT%2FY1wEBub5%2BUkksScDVnJfS8VNt9WeUdhmng4iQGHL4nRRCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816fbc97a83c9b86-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3086277655167560987&expiration=1698662982
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
sync.taboola.com/sg/indexscod/1/cm/ Frame 69C1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZS0VRuadfRPyjSu8sbJE.AAA%263237&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.inquirer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
ix
ad4m.at/ad/sim/ Frame 69C1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.inquirer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
htw-pixel.gif
cdn.indexww.com/ht/ Frame 69C1 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZS0VRuadfRPyjSu8sbJE.AAA%263237
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.inquirer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:42 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
37805
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
816fbc96cec8926e-FRA
content-length
43
expires
Tue, 17 Oct 2023 10:49:42 GMT
crum
dsum-sec.casalemedia.com/ Frame C0FB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZS0VRiHlXlv8XbllfPLwpgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAzu9zE7cTen55KKLxi49mc&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAzu9zE7cTen55KKLxi49mc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HSGEDthCjstqTi5d63x%2Bms62J4Fs47D2rNAjqWlY5jwCoOQIIceVarxKSxlXkQ97u4Oe51v669pwLfjQWUEM8y%2FvA1MnGSoCVDyWeU3Cmf8V7b5yzk1QP3Syuxf2JdjYotGYXYMU35kdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816fbc973fcc9b86-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAzu9zE7cTen55KKLxi49mc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame C0FB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS0VRiHlXlv8XbllfPLwpgAADSUAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS0VRiHlXlv8XbllfPLwpgAADSUAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS0VRiHlXlv8XbllfPLwpgAADSUAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 10:49:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
73XNE835P8YD6HSTC1MM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 10:49:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EKGCXCW22KN9WXWNKGAN
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS0VRiHlXlv8XbllfPLwpgAADSUAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame C0FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZS0VRiHlXlv8XbllfPLwpgAADSUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELavFfX9AR5hPL_TWHxH2Nc&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELavFfX9AR5hPL_TWHxH2Nc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6VxfNDuUDtXpG%2FNe869ShRNMg475hqabtfFLiWFcGAp0QfPbJ3htCdFghGzuxUtdJqyidcV5cXrI6mrRr1J6bMWLKppfhX4dILXmlamXlqoZFoMUJDRBJm0ErUY8xF5i4EmRDqavTYjgw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816fbc970f849b86-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELavFfX9AR5hPL_TWHxH2Nc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame C0FB 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:42 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame C0FB
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwiTfWvm2Vr6rLLt6Iz4wHOoEevqab%2FsOw%2BG%2BGABjnp3HsXNc4iap0q3X3ofgBk2Q2PEEhVlIPwdF7sgxllqKIM7TOdQV7w9Mz7K5NkRwnmYhahqPbO8Zs%2FOFokLVU9r5%2FfHJkgPyUmrCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816fbc970f929b86-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
date
Mon, 16 Oct 2023 10:49:42 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame C0FB
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1713264582&external_user_id=09cfae46-90cc-4951-8b56-4336545e4e66
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1713264582&external_user_id=09cfae46-90cc-4951-8b56-4336545e4e66
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUyF22MRGWbKlJL4qzpr6XQNa2oyhByp%2BUnojKRadrY50XHdJRDogNq7%2FKz%2FeSLQl2Oy%2FoToKbfS182N87cmlKyKGIUazOTAu1IYcjr9ib2ZSmhn%2FbfjO6MBU8JtNR5WJOB%2ByKzy76avtg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816fbc97d8709b86-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 16 Oct 2023 10:49:42 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1713264582&external_user_id=09cfae46-90cc-4951-8b56-4336545e4e66
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame C0FB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7008708328693346175
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7008708328693346175
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gkLFmkjLotEBKJ3uBUtYvKXudfy%2FQpCHG0fgM1AFXXygzCCghSKN02vF3G%2BBBVcTwsbIi2UZ0yi1HyVqJUmlD%2BAXfrbVJfIwnDy5W5D5yCbOZU5yNufQ8v7IjZieDCelsZJkkkSWvFr%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816fbc9788119b86-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7008708328693346175
pragma
no-cache
date
Mon, 16 Oct 2023 10:49:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
user-registering
ads.stickyadstv.com/ Frame C0FB 		43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZS0VRiHlXlv8XbllfPLwpgAADSUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.235 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-235.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 10:49:42 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1697453382694054-533
Expires
Mon, 16 Oct 2023 10:49:42 GMT
sync
usr.undertone.com/userPixel/ Frame C0FB 		0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZS0VRiHlXlv8XbllfPLwpgAADSUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-32.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:49:42 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
content-length
0
x-amz-cf-id
EAhf-re6s4nwIWliJyHjXe1OvEbfK25H_LyRdSwo-S7QLmAkEw44UA==
x-cache
Miss from cloudfront
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.112.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-112-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.inquirer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 16 Oct 2023 10:49:42 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.112.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-112-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.inquirer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 16 Oct 2023 10:49:42 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.112.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-112-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.inquirer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 16 Oct 2023 10:49:42 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.112.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-112-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.inquirer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 16 Oct 2023 10:49:42 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.112.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-112-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 10:49:42 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.112.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-112-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 10:49:42 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.112.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-112-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 10:49:42 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10035.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.112.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-112-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inquirer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 10:49:42 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9HHXKD70G8&gtm=45je3ab0&_p=991142149&cid=816115706.1697453375&ul=en-us&_eu=AEI&_geo=1&_rdi=1&_s=7&dp=%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&dr=&sid=1697453374&sct=1&seg=1&dl=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&dt=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&en=ad_impression&ep.authors=Ryan%20Gallagher&ep.published_time=202202270502&ep.section_targets=%2Fbusiness%7C%2Fwires%2Fwp%7C%2Fwires%7C%7C%2Fbusiness%2Ftechnology%7C%2Fnews%2Fnation-world%7C%2Fnews&ep.source_name_ans=Bloomberg&ep.content_id=YXFDLQ6PXZHG3CIIPAFQNM2344&ep.article_length_label=long&ep.content_published_time_iso=2022-02-27T05%3A02%3A00-05%3A00&ep.sub_section=business&ep.sub_sub_section=business&ep.source_type_ans=wires&ep.content_subtype=subtype-regular&ep.seo_keywords=zero-click-hacks-spy-phone-pegasus&ep.story_tags=No%20Value%20Set&ep.clavis_topics=%5Bobject%20Object%5D%7C%5Bobject%20Object%5D&ep.clavis_auxiliaries=%5Bobject%20Object%5D%7C%5Bobject%20Object%5D%7C%5Bobject%20Object%5D%7C%5Bobject%20Object%5D&ep.source_system=composer&ep.title=%E2%80%98Zero-click%E2%80%99%20hacks%20are%20growing%20in%20popularity.%20There%E2%80%99s%20practically%20no%20way%20to%20stop%20them.&ep.section_primary=business&ep.content_type=article&ep.page_url=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&ep.auth0=No%20Value%20Set&ep.update_time=2022-02-27T05%3A02%3A00-05%3A00&ep.login_status=Logged%20Out&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.70%20Safari%2F537.36&ep.timezone=Europe%2FBerlin&epn.custom_timestamp=1697453376933&ep.custom_cookie_value=none%20%7C%20none%20%7C%20none%20%7C%20%20%7C%20&ep.query_id=CNvZ2syy-oEDFeTsuwgdVpsH9A&_et=150
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9HHXKD70G8&l=PMNdataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.inquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 10:49:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.inquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb.yellowblue.io
URL
https://hb.yellowblue.io/hb-multi

Verdicts & Comments Add Verdict or Comment

304 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| pmnAdmin object| PMNdataLayer object| BOOMR_mq string| BOOMR_API_key object| BOOMR object| Fusion object| pbjs object| googletag object| pbjsChunk object| _pbjsGlobals object| mnet object| mnjs object| LUX function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| react object| React function| setImmediate function| clearImmediate object| ReactDOM object| PropTypes object| StyledComponents object| webpackJsonp function| isMobile boolean| arcBiddingReady object| arcAds object| helpers boolean| scrollUser function| ArcAds function| noop object| mnjsWebpackJsonp object| rtd object| services object| tp object| _matherq object| default_gsi object| _F_toggles object| google object| closure_lm_674050 object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| TiktokAnalyticsObject object| ttq string| GoogleAnalyticsObject function| ga object| _snowplow_trackers object| GlobalSnowplowNamespace function| snowplow function| fbq function| _fbq object| _fbq_gtm_ids function| onYouTubeIframeAPIReady number| BOOMR_configt object| auth0 object| __G_ID_CLIENT__ object| gaplugins object| gaGlobal object| gaData object| Snowplow object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks number| BOOMR_onload object| permutive function| setNptTechAdblockerCookie function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| OneTrustStub object| sophi object| _aps boolean| apstagLOADED object| apstag object| blueConicPreListeners function| BCClass object| blueConicClient object| _mather number| _zid string| val object| tid object| apscustom object| __otccpaooLocation object| ggeac object| google_js_reporting_queue object| KI object| _kiq string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData boolean| creativeVendorLibraryLoaded object| cnvr_launcher_options undefined| google_measure_js_timing function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp object| BlockAdBlock object| blockAdBlock object| ID5 object| confiant object| conversant object| bc_json1086 object| PublisherCommonId number| google_unique_id object| __id5_instances undefined| dl object| signal_decrypted object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_143 object| Criteo object| Criteo_identitytag_143 object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| PianoESPConfig object| cX object| Optanon object| OneTrust function| cxCCE_callQueueExecute object| cxTest object| GoogleGcLKhOms object| _33across object| ari object| publink_options function| InteractionTypeImpl object| coreid function| $ object| Mustache function| BlueConicMetaDataService object| _bcp function| RuleService function| md5 object| bcConnectionUtil function| BlueConicDataLayerUtility object| bc boolean| bcFancyboxLoading object| bouncex object| value object| webpackChunksmart_tag object| bc_json1088 undefined| cXJsonpCB1 object| bc_json1087 object| bxgraph function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie function| jQuery object| google_image_requests

87 Cookies

Domain/Path Name / Value
p543.inquirer.com/DG/DEFAULT Name: BCSessionID
Value: 98680406-ac44-4b0a-afe1-8c81b9e41db7
inquirer.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 98680406-ac44-4b0a-afe1-8c81b9e41db7
www.inquirer.com/ Name: arc-country
Value: DE
www.inquirer.com/ Name: arc-zipcode
Value: NULL
www.inquirer.com/ Name: arc-region
Value: HE
www.inquirer.com/ Name: arc-city
Value: FRANKFURT
.inquirer.com/ Name: AKA_A2
Value: A
.inquirer.com/ Name: pbjs_sharedId
Value: b1b1f77e-7f31-4e1a-ae75-435277f5654a
www.inquirer.com/ Name: lux_uid
Value: 169745337386108899
.inquirer.com/ Name: RT
Value: "z=1&dm=inquirer.com&si=osonmjirwkd&ss=lnsrwth7&sl=0&tt=0"
.inquirer.com/ Name: pmn-cookie
Value: U2FsdGVkX19nVhniEOUMcx8T%2F6u3zA0ILhXdgtf78RImz7ab2f0fp%2BrfPX1qbT9Qrzdhq79CXbInxclpWf7mhj1wvnRXZk18TQAPYOGwErIl%2BbmHPKuD7NjgonhaxIb2UchbDeJhTicRAFXQTu%2BhFVwctqTpKXnafhl85fchdzfQyaJEvb%2BKV64sfLR3%2B34GoWMGZ0afeOrXt2eGLHtma%2B9joYgILpUhdD3go0p6pp%2BMNcG8NJJWXb5Rkg3upPiQpogrnwSDEaEIJrAULKe3Y14toQNUpgtyVX%2BF0IsPV9ePPstd5H7BP%2FHqbyR74TkPV%2BxdDfJmf91dlrgSgH4XXSGJfTG3%2FRegbJKWHI31zoeQ1DToPWJW7QSvT3LNEa40xejyKL7HMrCcOPgEhqBPPA%3D%3D
.inquirer.com/ Name: _gcl_au
Value: 1.1.1984974688.1697453374
.inquirer.com/ Name: _gid
Value: GA1.2.152868007.1697453375
.tiktok.com/ Name: _ttp
Value: 2WqHplGBRQ9sKcpVgx7Ey4UIqFg
www.inquirer.com/ Name: _sp_ses.00a2
Value: *
www.inquirer.com/ Name: _sp_id.00a2
Value: 5ac7bacd-cb05-4ee1-8028-c61d022e2db1.1697453375.1.1697453375.1697453375.4db5df6d-5a57-47ed-a65a-091f9480e544
.inquirer.com/ Name: _dc_gtm_UA-1605085-6
Value: 1
.inquirer.com/ Name: _ga
Value: GA1.2.816115706.1697453375
.inquirer.com/ Name: _gat_UA-1605085-6
Value: 1
.inquirer.com/ Name: _tt_enable_cookie
Value: 1
.inquirer.com/ Name: _ttp
Value: Q8HaKTrluXtKhQSeE0F9tsZOd2z
.inquirer.com/ Name: _fbp
Value: fb.1.1697453374956.1186900386
.doubleclick.net/ Name: IDE
Value: AHWqTUm4IWlHoxS13XdyNF94yFLVOGNDBVzd8gYFAySockK74i-YbNpR9iUSTyeCe58
philadelphia-inquirer-snowplow-collector.localnewslab.io/ Name: sp
Value: c718fa0c-67ac-4a0b-b37e-091c061a429b
.inquirer.com/ Name: permutive-id
Value: ed3dbb2d-5a88-4528-ac75-ebfd803662ab
.inquirer.com/ Name: _ml_ses
Value: *
www.inquirer.com/ Name: usprivacy
Value: 1---
www.inquirer.com/ Name: ki_t
Value: 1697453376028%3B1697453376028%3B1697453376028%3B1%3B1
www.inquirer.com/ Name: ki_r
Value:
.inquirer.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOBmAVgCZ%2B3ABwB2cQDYB44QAZeIAL5A
.inquirer.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lnsrwvnxv7v0kpmv%22%7D
.piano.io/ Name: __cf_bm
Value: k5jfSTSuc3A_MshE0_8pOe25GXIoBIkeH.T80Ddh_.U-1697453376-0-AcD25808CkQfxq/Y/pakhFr5qa5NF3Ly1VUZTttn2Cc061apUaUTsY1gMcQSue+motC7WPwyCRPfu5OpWtFSU7s=
.rubiconproject.com/ Name: khaos
Value: LNSRWVOA-9-DVJF
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qp33x/SMg4w8yAkF7RiBdb4AgvEG2sPPZosxPxU5qr+6CY1QUHtnUDV5H1/CNrZ8b8APa3Tu7xkzEgcdj94p/Mzy5gcsOrVlbMijy0RC4Zd8SKPLRELhl3xpmvllXEtYN4=
.inquirer.com/ Name: lotame_domain_check
Value: inquirer.com
.inquirer.com/ Name: __tbc
Value: %7Bkpex%7DfSPYuw_I0oUg2xcd90bxjZ3xglZsAataxJpHz61aT0yIHxYsd-YYKoD87dRJXPTE
.inquirer.com/ Name: __pat
Value: -14400000
.inquirer.com/ Name: __pvi
Value: eyJpZCI6InYtbG5zcnd2b2E0ZnF5cDk3MCIsImRvbWFpbiI6Ii5pbnF1aXJlci5jb20iLCJ0aW1lIjoxNjk3NDUzMzc2NjM4fQ%3D%3D
.inquirer.com/ Name: xbc
Value: %7Bkpex%7DZ45NIdX-N4dXyzJqEUmav3Atz2RfuM4qexTvebkQpmUNW00_LTCk2CXBoH75ISCPJs0B2aOeXEA37t0zLpD5X-QjJnBt-w0HOUdmx1XDZ4O9ARldAsmQ1BSHMtuglM_M40Xy0v28gBaZwb0tQcEElWTX3VJ1o7-S2Bt7bBTPLSY_vIxMMh2tCP_f_VXF2y2dL3umfmKKdGoWZKyZF74CsMwbZvAnWlymQekzdJqhA7PaMWa15WWupy8ybd8AhJXzKSTgXHvoPn1j3w4Uv7DijcFtSS7JOZQJjoxEVNWb1LEnH3A5moi4CfHmDJFn8-BzY_m4yslPBoYQMDXzp_-6aXNm7O4TsYZeh15NdYT5JTlSPOiQG-bZsc4M8LN_UTq4
.inquirer.com/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOnsiQ09NUE9TRVIxWCI6eyJzZWdtZW50cyI6WyJMVHM6MzMyMzA1N2U5YTkxMWY5YmE5NGFlZjAyOGRiMTJlZDU3YjU5NWYyZDpub19zY29yZSIsIkNTY29yZTo0ZmEzYTdmMTczZWI0ZTVhNGNjYmUwZGIyYzNjZjZmNjFjNTVmMGM4Om5vX3Njb3JlIl19fX0%3D
.inquirer.com/ Name: _ml_id
Value: d5835705-e973-4c50-9790-64b2d266297a.1697453376.1.1697453377.1697453376
.criteo.com/ Name: uid
Value: 6ce60a41-5d51-4fd1-a7ad-8f2d5d8eec22
www.inquirer.com/ Name: _pc_typeof_user
Value: OOM
.openx.net/ Name: i
Value: 6c14c480-8352-4589-bed1-eb12a01ed312|1697453376
.tinypass.com/ Name: LANG
Value: en_US
www.inquirer.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Mon+Oct+16+2023+12%3A49%3A36+GMT%2B0200+(Central+European+Summer+Time)&version=6.10.0&hosts=&consentId=a5721233-68d0-48d5-91ef-45bd0bece1cb&interactionCount=0&landingPath=https%3A%2F%2Fwww.inquirer.com%2Fbusiness%2Fzero-click-hacks-spy-phone-pegasus-20220227.html&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CBG1%3A1%2CC0004%3A1
.inquirer.com/ Name: __gads
Value: ID=0be7d2a615d7f8b4:T=1697453376:RT=1697453376:S=ALNI_MZZBJC5uxkZ7TQGpdFxFNe1-JOdLQ
.inquirer.com/ Name: __gpi
Value: UID=00000c9a0945e807:T=1697453376:RT=1697453376:S=ALNI_MZzhzVWUEQB5SkYBkKC70XWTCVYdw
.inquirer.com/ Name: _sp_flow.e261
Value: paywall
www.inquirer.com/ Name: __adblocker
Value: false
.tinypass.com/ Name: LANG_CHANGED
Value: en_US
.inquirer.com/ Name: cX_P
Value: lnsrwvnxv7v0kpmv
.inquirer.com/ Name: cto_bundle
Value: oU1nHV9EdE4lMkJQeXNwWmpkcld3N0wlMkZyckE5YjFtek9tRVhLODh1Q2lxakxud3JEVXVXVllTNCUyQkp4WmRLQ1NmdEM1eThWQm5vZzQ1UDYlMkZDR041NnVXYWlQVXUwaTlHMFRSODFpQTNuaUpiaFVKNXZ1NXd5MUc0WnhzUGc3NSUyQldJMm9FMGVncXhYNHRTUHo2STNPUUlEcTlqJTJGTlElM0QlM0Q
.inquirer.com/ Name: _ga_9HHXKD70G8
Value: GS1.1.1697453374.1.1.1697453378.56.0.0
www.inquirer.com/ Name: BCSessionID
Value: 98680406-ac44-4b0a-afe1-8c81b9e41db7
inquirer.blueconic.net/ Name: AWSALBCORS
Value: TDvjCNNVNjdryPdfKnyFTNK93cJ0awyew+vgDTCDpuz2WzEEPkEUH4hLCZyooX2uQXzBCZ3IlTYKrVQ8p5JC+5ErjePSwlG5btQ3nnKpE0FiPoEW3xJLgxJOH2ns
p543.inquirer.com/ Name: AWSALB
Value: KhGjTLvbffF8WLyA00psyzADau5HQ1N0ZAbX0INTkPzak41hcw91cyzeMWgfK5wUvaCC3AHQqpyDwqXlYr9l/jbjon5RzueqJ61iewTo8qqiDAcVXG/eJYpnVYRT
p543.inquirer.com/ Name: AWSALBCORS
Value: KhGjTLvbffF8WLyA00psyzADau5HQ1N0ZAbX0INTkPzak41hcw91cyzeMWgfK5wUvaCC3AHQqpyDwqXlYr9l/jbjon5RzueqJ61iewTo8qqiDAcVXG/eJYpnVYRT
.cxense.com/ Name: gckp
Value: 8agwqkwu282o11leo4dg5n1sy
.inquirer.com/ Name: cX_G
Value: cx%3A2kn8oxgtxoty2rqdt2inlhghe%3A2zeffsfzh0uze
.inquirer.com/ Name: pbjs_sharedId_cst
Value: VyxHLMwsHQ%3D%3D
.casalemedia.com/ Name: CMPS
Value: 3365
.advertising.com/ Name: A3
Value: d=AQABBEYVLWUCELBKhdTYvALnayry_GrA2A8FEgEBAQFmLmU2ZeAKyiMA_eMAAA&S=AQAAAoaMkzLPB06Bsgqox-98-BY
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.casalemedia.com/ Name: CMID
Value: ZS0VRiHlXlv8XbllfPLwpgAA
.casalemedia.com/ Name: CMPRO
Value: 3365
.pubmatic.com/ Name: SyncRTB3
Value: 1698624000%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 9209D749-4430-422F-B993-0FE78BACC048
.adform.net/ Name: C
Value: 1
.turn.com/ Name: uid
Value: 7008708328693346175
.adform.net/ Name: uid
Value: 3086277655167560987
.pubmatic.com/ Name: pi
Value: 160318:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.company-target.com/ Name: tuuid
Value: 09cfae46-90cc-4951-8b56-4336545e4e66
.company-target.com/ Name: tuuid_lu
Value: 1697453382|ix:0
.undertone.com/ Name: UID_EXT_57
Value: ZS0VRiHlXlv8XbllfPLwpgAADSUAAAAB
.undertone.com/ Name: UID_EXT_53
Value: 9209D749-4430-422F-B993-0FE78BACC048
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6dcf07c5-1057-5e93-51fb-358faf99561d.mo4paleuGUAuW5WcJka2zzApRf7QEs0BOibuV%2Fprz4s
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6dcf07c5-1057-5e93-51fb-358faf99561d.mo4paleuGUAuW5WcJka2zzApRf7QEs0BOibuV%2Fprz4s
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Abc8HxRBXXpNR-zWPr5lWHS2NmE0.yr%2FatuqVBBrFOApiw2eOdVKb7ACS6H87RXuqyEbrlQs
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Abc8HxRBXXpNR-zWPr5lWHS2NmE0.yr%2FatuqVBBrFOApiw2eOdVKb7ACS6H87RXuqyEbrlQs
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIImsOb4bFmzUKCSWRqVCJaMj4554HAkFmS4YKSJTQAGAEHwYBCDGqrSpBjABOgTwLrJgQgTPmH3i.YeYm2SlCs3wI0v485e2UihytPwkcXMyyXRf5vyqVXM4
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIImsOb4bFmzUKCSWRqVCJaMj4554HAkFmS4YKSJTQAGAEHwYBCDGqrSpBjABOgTwLrJgQgTPmH3i.YeYm2SlCs3wI0v485e2UihytPwkcXMyyXRf5vyqVXM4
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: AxtAqW1Xfk8lmz8FthkEbhY
.ads.stickyadstv.com/ Name: UID
Value: 9230421241687376983d9395c5bf0
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZS0VRiHlXlv8XbllfPLwpgAADSUAAAAB

3 Console Messages

Source Level URL
Text
javascript error URL: https://www.inquirer.com/business/zero-click-hacks-spy-phone-pegasus-20220227.html
Message:
Access to fetch at 'https://hb.yellowblue.io/hb-multi' from origin 'https://www.inquirer.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://hb.yellowblue.io/hb-multi
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZS0VRuadfRPyjSu8sbJE.AAA%263237&gpp=&gpp_sid=
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13707460.fls.doubleclick.net
aax.amazon-adsystem.com
accounts.google.com
ad.turn.com
ad4m.at
ads.rubiconproject.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
analytics.tiktok.com
api.bounceexchange.com
api.permutive.com
app.matheranalytics.com
assets.bounceexchange.com
bcp.crwdcntrl.net
buy.tinypass.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
c2.piano.io
cdn-ima.33across.com
cdn.auth0.com
cdn.confiant-integrations.net
cdn.cookielaw.org
cdn.cxense.com
cdn.growthbook.io
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.permutive.com
cdn.prod.uidapi.com
cdn.sophi.io
cdn.speedcurve.com
cdn.tinypass.com
cdn.undertone.com
cdnjs.cloudflare.com
cl.qualaroo.com
cm.g.doubleclick.net
comcluster.cxense.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
d1pozjtpbhnh0m.cloudfront.net
d33pn8gtn0nu9p.cloudfront.net
d3plfjw9uod7ab.cloudfront.net
data.cdnbasket.net
dntcl.qualaroo.com
dsum-sec.casalemedia.com
e.cdnwidget.com
eb2.3lift.com
esp.rtbhouse.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
experience.tinypass.com
f279b5ea-1200-4ff6-9d35-17893279723e.edge.permutive.app
f6c0055df31273812be762ef6cd8adc1.safeframe.googlesyndication.com
fastlane.rubiconproject.com
geolocation.onetrust.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.minutemedia-prebid.com
hb.undertone.com
hb.yellowblue.io
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
id.cxense.com
id.hadron.ad.gt
id5-sync.com
ids.cdnwidget.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
inquirer.blueconic.net
invstatic101.creativecdn.com
js-sec.indexww.com
js.matheranalytics.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
media.inquirer.com
micro.rubiconproject.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
p1cluster.cxense.com
p543.inquirer.com
page.cdnbasket.net
pagead2.googlesyndication.com
philadelphia-inquirer-snowplow-collector.localnewslab.io
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
prebid-a.rubiconproject.com
prebid.media.net
pro.ip-api.com
proc.ad.cpe.dotomi.com
protected-by.clarium.io
region1.analytics.google.com
s.amazon-adsystem.com
s.company-target.com
s.go-mpulse.net
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync.srv.stackadapt.com
sync.taboola.com
tag.bounceexchange.com
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
view.cdnbasket.net
warp.media.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.inquirer.com
www.npttech.com
hb.yellowblue.io
104.18.25.18
104.18.27.193
104.18.35.167
107.178.250.234
108.138.7.10
13.248.245.213
13.32.121.108
13.32.121.71
141.226.228.48
142.250.186.130
142.250.186.166
142.250.74.194
15.197.193.217
151.101.129.91
151.101.2.217
162.19.138.119
167.235.124.61
178.250.7.13
18.196.112.58
18.197.47.48
18.66.112.93
18.66.97.32
18.66.97.67
185.64.190.79
185.64.191.210
198.47.127.20
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
23.201.255.110
23.212.88.20
23.38.98.44
23.52.120.27
23.57.19.78
2400:52e0:1e00::1080:1
2400:52e0:1e00::1082:1
2600:1901:0:56e0::
2600:1901:0:8344::
2600:9000:20eb:ba00:e:2f90:b980:21
2600:9000:211e:d000:b:4a1:3f40:21
2600:9000:211e:e000:13:a391:88c0:21
2600:9000:223c:e800:1f:2473:9080:93a1
2600:9000:2240:d600:10:474e:104a:2961
2600:9000:2250:a200:a:e047:753:6381
2600:9000:2251:6000:e:3d02:4d00:93a1
2602:803:c003:200::31
2606:4700:10::6816:3556
2606:4700:10::6816:445
2606:4700:20::ac43:4a81
2606:4700:4400::6812:29aa
2606:4700:4400::ac40:90a6
2606:4700:4400::ac40:9b77
2606:4700::6810:5914
2606:4700::6811:190e
2606:4700::6811:7611
2606:4700::6811:c276
2606:4700::6812:83ec
2606:4700::6812:b07e
2606:4700:e2::ac40:8f06
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:81c::200d
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9c
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:3100:795::11a6
2a02:26f0:480:ba2::268b
2a02:26f0:480:f::213:7ed5
2a02:26f0:7100:585::11a6
2a02:fa8:8806:20::2100
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.212.15.0
3.71.149.231
34.102.146.192
34.102.193.48
34.107.254.252
34.111.8.32
34.117.96.210
34.120.135.53
34.120.253.250
34.120.63.153
34.149.14.182
34.149.203.84
34.95.81.168
34.96.70.87
34.96.71.22
34.98.72.95
35.186.255.72
35.190.39.111
35.244.159.8
37.157.4.29
37.252.173.215
51.77.64.70
52.22.89.243
52.222.208.154
52.222.209.4
52.46.151.131
52.59.78.152
52.7.177.4
54.155.227.74
54.164.154.71
54.171.212.190
54.228.149.175
63.33.97.132
65.9.66.68
69.173.144.139
69.173.144.165
95.101.149.233
95.101.54.235
98.98.134.242
0039e1283a0696bd65b17c519a21155018d7b6286e0c7d42e3baf72241f906b3
00d65c3898b2635f3b297d588d4bc0c63be1145980455392b44bc1551999ccf0
0402271bf7d5212741033f6797b4aab03a88ffab39db72716d88555951186358
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
061e9951fe0df4b2e1d832a97a5a333423398c6a0fbb8ddcb4f6843891457e96
0657951035cc17134f2536b690c9c0c8ccc88b1ab95fdef79a33dc78bf9bcd1f
069cdae9cf0046b63eabb90e55984638144718284a8aa752d95e5f8e7ee730e7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f3fd2f38c9a5cb102b6c407322b7deb9a618aa38ff2217ed3a7d9c19cc89e2
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0ae3db454842684214d77a1a926927a123684b8269a3748466546279f1299d16
0bba7bab14234ca6c56af050f406cdc0f3e2914d484b3fba94c24672ee6105ec
0c7f4d143d8910d1861d5eacc5e441279d7fd7ea5b86b37358f19d97513f6ba0
0da430fc50b24c2a4d3a10ffa09098ef06d1a2c1363a2e9a7d3fc9f1938f90b9
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b
0f7d493281f587e7ccc47d50fe606e48f0bc692606fddbcc735f303fac28d7ee
10c2dfb275c2fad62679a7a040cf5a879c2a7aca3f894d99859a52fe151774cd
1100e6cd4c1c8da05e9491cd6a1b97257ee60421048b264de395b2d5952d993f
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
116f5371289b5d493bc6f6921ef995663397e1639750895951013e82d9ae7578
1317ae881b9f4d199fdfd142c20865ccbb750090997f05ea6a74814037e1bda6
13a1c4ae2eb98517ae991e22d133821d33f9da4a6b4b164ff7908c029adccc30
14b4a76d14e5b493840dbf58ae0b94c70cb5a79e895b0215e19f0b48fc54484b
1820fa549747124861aaba93c0f967804385d4e23c926414e35ecb3a4f670da3
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1da1b73e9de471e0d18a2aa2e980fe6fe7c189507193258155206aad973eac18
1db67113d69f1a7312245dcedde3342703bff894a6507c255f40b93d0001880f
1e70bd3712e4b952de8a31d4b4aaeed68ed73b194458c920a10c01e972b4d304
21e7209291b34df91e78f767edf195c0a450a4b58dc1d1eb51608d2d8244df12
23d80f4391ec460292bf14ea01885d8b7ec1a437d71432c2c6227ad88e154028
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
255f62b63426f7cded6b33d95e427bbebbbb5de8799cabcdcc3a84bbad1eaa93
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
2859fd4e86cd85638342fe6052b58dd6e728c022df0fcb1adeaa0f18531520ec
286dbd5b53aa1d97f6a86859f3bae921f62cef02eed194378ec906b68c3b67b1
2b4a1f920a4cd83a61ab7b321f52824f9b3b566c377c96dec3eef6813ac8a5b1
2bf29608a9af4d17bd6384fed1b1f197b12b49d38378bd1fa8a4f707d620a48b
2d867b6ce00da68b8e4d45961d2f8c553be25c04ca3eae23434b96def417cab9
2e8900ba4a5768754de4fc21bcdde72bdcafa25c6c766a7f3bc44bf6c21fc412
2f704af62910e8eeaf5171b428496b65d2f6c1643d0cf027b8d8b1b85770f20d
2f8985c3c0eccd2bbc6907282c3b17f32997a259e18ab77777df272772c0d370
2fc7f40fe3b6fca4d842274e5c319024864535325c7484e201b7c53257209809
2fd41d1085a8c38fc65b79137dabfd9dfdb38065a7f59d82209c69c01154d696
30819dfc81e6dbaa3885a2e3d5b6a1f6fc32d7343d7eef67bbb137039b792d66
30fd8f878386ff81014c79ee37e0716bd1743c54e94575d3770dd9d0d64885ef
310de9600c8bb44cc93f7917cf8285ebd1ad24620773adf3f2df4e5e0db9dfd1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3227c48cd87741f301ff4fd78b649c9e0d61ba45b421c2dd5651dd96e46dec0e
326bacb105aee0c9ccd1dda381b8b17d913a5cea963d9e0ca0c7ab7508215327
329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9
35d66f19700c5b0436e30ef45098eccbf972731fa5f209ad17a62f8e0a4b91c2
35eda4ab308ca13124d4d8e04743fd009d03d310f1413edc09e86a65a7914d64
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
38b621c1199cc5c6d6a3102e55da07b50a93de29982104faf8528d7df76857e5
39616d23ac8e07f25a70bba6f2e231e2db04d204ca0c63503d6ba03c1bb9aa7b
39f3fa4b163b494c224598edd90113fba679a2d3f06f9832d37cb9a8b4db49a1
3b1d841ea4e9182c73ea8536756ca6bf7bacf0182227b8a435ec7cad8e885293
3cc6e0d8678e6cc2355f7343a6ca33dec87b7649e296d8089cb90f153355f1a5
3d698d9e79c2f9d7b0065fadcb9f313a0517f845da996e7097e682eee7c1ede7
3e3398b27f194afecff1a1a4781e940cae32faf6ce60f5262c8482ffce959f09
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42551aecb6a47fb5577a82136e1b5fed47b3dc7e72f882ff8b4c516996ebcae9
425eefa714c887d9fd3dc85f3cb130af9722b4834f31544b166914a27ec794ca
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
483c0638358a98743d0629fd0caca2831a9fb1946c4d12f4aa1ac0868c432320
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4997370e1557f690fb52b550bd5012aabe8b0f451bc8fece356283143df4c21d
49a6ae89256c38cdc9a17aef9325ec80bc07abd6f5570b627bfbc37ce39e9af1
4a0dd0e08403a0609717301d80fa36b5538ee053e534ba2dd143984ba25b6603
4b5d997c338bdd6a8a591cceba5ff9553ed92494dce5bc514e0aedc036a175fd
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4be2f107d4393c6ffef810afa8076af57aa43afb7634ffd0bc53d72cb06c1afa
4c343b8cb0b338461e086fcb476567e6ffc5d619bad7491ff66a9122297e08cd
4cb6cce79903bdc1ee04072eb772d2e48541d14eeab6929bb44182bbc7eaf5e5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb4388f8dab3e131fe4e42fcbc219966319f7977855ee585bccfbc1bcbc263b
500a194d734402f7b1e3b0a73331b57ea7c29615d20f167e28fd3e42adb2f8d3
50dc446eef1ea72226ad8c3f859c29e86badb019e5185d320ef9a1de48b3cecb
519f2477e77c3a5884c2891734ec016c189033f43a47cc3d0afbf4d4d5a405a5
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54a153f4cfcd731f1c072a556ea39f93f23f4b5645c2158ffae19991891b9ca4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b7396074b7aed6c0828ecdbe660d8f15fe4641dd8f82c1bcabba0e9daa8cd1
55e7358e61a74e540164ae74b6258eb9d5c1d80dbccbd7dfb102dd6a9fa1dcf7
560f69259690d4fb1d41b7485b77d3dad1f0499b1b23d700907febe4656e9492
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
5787838cdb43023dde6cf9fa55e10a204ac061bdefab003b55998323d1c63f1d
5826c971da7c697558fc37fd964bf6f1dbb5dedbadd19aba7c401f547bd3df09
58c9bdd016ff2b2c14baec5f5250aec1f5926d355a7648d3d92c9e765c2aae25
58d1819a0401dca6fb22676f82235eae7a0ee6c7b96c432ed2b10c1aecce025f
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b773d90b2c41acdc4d086da0852c47e1df8d7b6a809ab97d329fbccf5953acf
5b9c1dfaa45a5008dfbdd5e70baa91bbe96636fdf9af18e25563990268e4680f
5c9b545123cc9f27a453869cd70f5d6f1da1df01c0297840bd6df03ed4ad2812
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5dc39875fac11b74676a6bfc54267cf18556e86b5e892312ca10732104677c7f
5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46
5fbd4d2f131aa05dd559748bf600567f24df02196d7de7996bec7655e4beb131
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624d9b9ef617be9fa66b5f1ce4d8594f840287e57d197e479b7b52c34d6fc47e
628f36dfadf4d9dbdf5e1eaf8f46cf77acf6a106d7c02be14e8722f2964a8280
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
657a092375cd127641e04a4959a6f38e02af20b458b9e4c282ca34402a93390a
657cf211df4bcb4422d5f625f78f14c3cb663567b1147ef40dcc001d1fa28c0f
65db95521f83779f4c33ea440a34ae0c95b7116a79d67cea132940fdddfeedb3
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
670ede5f01dc0fffa9e9596dc278440a6f339e9354a9f8d0ac90fe4f0f387e11
68ab2aab507fa710139efa05ca7b430dcb087678db2a2f08adf76aefdf29141c
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a2bb1023400cca8ae0171e8789a54ccac0cc4e10eb8908b7d51eb10a45ce1b9
6c0f1b4140a2b5ee8210bf1c927ccd58a7ec7b18a4ecd962aedbaf2424b1633e
6cee0a1fd26161d05279092178df3d8243672cccf917c870bb113d992d5de5be
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6f32f4b1aebee55450f9eaea7572be5631167000c60b202e32fd7efe10534e2f
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
6fe7e716c3508a48fa89f4bdf136195d4f48fa4c48b249a4c7088b3eccfaf32f
70a6d0db11f0a543b5ee5a2827d41e9a880dd98510cc2d11118a0619b6874ff3
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
72e60b6eb3be9d5d931fdeb84475759aa558145f9a848f1804423f5b1e611ecc
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74e018b7e6c3b5cc0e0cc790f256033b97b3783c5853529bc6101b6a7ed23159
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167
783fa023fe129c181d9d1ac812abc56e3b3074b504418a7b1ac82742329cb838
7860bf7e8a2fe623bb74d954b242a0889f3e5b0788e74979cd044f596357e23c
787773c0f5420699e0fc041141595ef611aa2a9f13bfbe565397044ab205f9c0
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
7a5b7ebd9a2e42333ed170634b2b82680d62fbc300aac3e8f17033eb731fc6df
7aec5eba37c39e94a86100caeaa2a757757ccd33e04a5ed0c3d63d67cadb3334
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7c3a6268ee7cdec2284d3cd2232956ee0e11429bc71192a081a4f9823d69d92d
7da0e7b4d8137d37dc4d7608a04814309493e90fefe051ab55fc93ae7d484158
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
81404a2000460db4a28cda615e5fd2c9e1925e171aeeab7cc25f05e69347d64d
819edde26fdac9d1a5f9416138de8998ad84ad3c23866976ace670535fc5f9ab
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84eed2f145671a330f4c13a92cbc19708084e1f2b1a1d36678cfd856e7c03d1c
855a02fa7e5e3ab79128f427ee404a5230070f9254ee63d47f4b8ee4c753b6b7
8774018c1144b86e36ee08be52ead31829085c7f81669101e728e6d3edc9b18b
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8bc1347fa3b6753fe35c6b9e0aeedeff77b1e0878cf886f70582964740dac772
8c707243ca250f537df1e799c2b16d01ec999a05f5fa965b1ef8ab783ba7f6c0
8d50f340af3201fff5006b9b00d60a56d2c98ea711f737634f299e978391f81a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ed6468cb88f43aaac8248412ce76678aaf592ae89707fb7d46a923e9481186b
8fe3af40d31902959bdbec829ca5260c9028da4b7735c2c6d002bbef158e0b4b
90830be08e1f5b8b2fde3d337d220897533c982741b33bd0998a7fe508362c9e
90ae8d4f2667a1b7456226a9395544f7863fbb3763c35fd3b54a0b2da66975fb
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
94a8097a18222be803eb5c53dcfd74cf7272fbae8639a2e6584443351c0fa741
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
962cb4f23097fcaa3392289ce77bc0578ac5a4b9b9f54ceac2426bd5a3f04ed9
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
9718b018e19ec6fac19370e30f9a04d5f1afe35c602a01ac8d037538ee3e35fd
97e250ed5bf13d39ed540490716fc303c47086b0d30462a2f3fdeb861d462b3e
98af05a24674d509266a8b99b471f1f7594123c378010a455c6cfefcc5b930b3
99c2257ab0c877ef811c0dde48d17bfb2cf1f1a5bd5bc6a9e9a7f4a114f4df3c
9b5038ab3bb61e07042a73b7757e29b896dce557902aa188e2bfdc3122ae3644
9bf3ec6451a3608f81a88558bccdcaaabf147ceea632f00d3943f1964e1e551d
9eb8eb5329931234e7a838560f2c80cbab17bde59776a4619325089c790978b7
9f8441024e84c58109845fa52d52c98b3a2a6cde7529d923779fc815053795d4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a12ad7385fec1447192d804b476956a6506fa7bcd7982b9b1d2a19e55db4f597
a18ccfc40596337ca34f2b1ef2c7027120c2539c3c0e9c3f2a08fb8fb3a3d56e
a3ebdeb7e9a6c9c1bd2ace17cf49f25043133c1d8ddaa83fccbbf44d54a8da13
a4f0f025020c3c099fa95971e37be3a34447a02bee6d8427fda54b85cb9a1eff
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a61393c3fcc04cbd123252e692012ef699dc7c45bf6ffb355b650612c97b8204
a63040e6558df1d47dd780393a3b63d6370302b5a28cc4d6533bee7dacaf391c
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a8c9bfc6297936be188b308554f7493e7abc04819739e3ce54615846545e42ca
aac6b46a67e6fcc19be02947394076703299d8a013f0e873cb31692da134560c
ac60b26739ec240324437cec8d81b047e65ebdf10b4f4b37923712a1c7c51be6
addfcaef52a2f4c5392dc1031d880daaf3c41ff53d767095906f16aeb796a169
af1a2658d19d3263130789ac51f5ca01cedbac53731e0996c0d26dc05548e599
afaa484b9cdb55c503cfdffd022f6fa1ce0e070f640c438a18ec556577b75d66
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b136a3b935ce68c468fea8bc842f1e29300e9dfbfda46b0327fab98111fa84a8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b4972356f4f782a7098624bd9a3b1b29a79a2e7fcb893610720506871e548a78
b72caa354802f965ab00dbd275d34246dd38720ca70ac13f50b97ec2bda86bce
b76fe77c55eeef30ca746dd73b4e35bdaf1ccf6a25df2915c3f4c9abba5b7c04
b8b32a5f50983b32542b6aec220adfdef1b1dbcab733492a3f668245a897451e
b8f7a67861972c13bbd67f527a121e276359e74a34d7366043870a77cd03ebc3
ba5a681b4b027663c9f7bb78652df2f79875e7bcbd77313607f78888fe478485
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb3086974978a902a9c3e9e179e6597ebdaeff78b6ca396fcb7db9b16f8bce5c
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
be3bfbe2782dbab39531711f1173b7a04f4064197b24b7097fd8e9044d63804b
beb4510ed2fa6d2fe54fc65d844fc1083fd7504213eb299f7c2f43c16c2cfb8a
bf0f49ec25e8f09727456287b25b17e235580837d988ef854fb9eee8d9b4d8be
bf47115717419ac581b7d8a35b4ed835c1f1b66852071601ad6ed6d9f5041df3
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3e03a3e074707923e33eced37e40e9c707e73b5736c553e12e1b97adef976c9
c467b564be293f00c7a1eb304ba7e406db57f4f2f863259ccb61d9beff3fb233
c4fad867557fa65e1a778e915c0b4ed0cd1bbb4443452c8943e5cec6504311e7
c56d55379aeb0284a29703c3db4887db088dadd0d7899a6c9f76af73f793fd74
c68752b04251d67fba5eed3ba5770a6ed41d16a4c4368f1a09b914d115334cac
c71ee843da83bc16cb981bbfe3416d4b812d3a7bb2f7ef1ae8220fc818748de6
c73d7364434e85520404d42d76844278dcdb812f2d6665b1a49c2b9e00dfa943
cb75b13924e169f2d19a486d980237d3a05cd577052befc15ec1e40484fb13a9
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
ce63c819978360e37e152ecdd8a20d6aac08378044f11342c6ef5ad26fcefd14
ce7a2ac2b78066ac886f69f41c83d4fd2ce1670d8c4e2775d680dd3bbf5081b4
ceaf9c4d61ea1d74b27b3a0bd7bb4f7476ba595ecbaecba3f1ddb0408a56255c
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d25958f62c61618f968dad04aca3a251c44e48d0cd571a9aa1bfb2dc0b756d99
d2a8a19eb9f2f362d218109433e2a8e7fa62624fefe17e1ad85b5a48eb455a0c
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d2d38e9afa4eb80d01c79ac892c13c3c6f8259f5ece5a16ccc5f15a8d82355ac
d37545bbfbab30b44e51e630172af7d5d8a717afe66642b3e8eba0f6e1666872
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d44190b49b04bd555760c4b9731218fcf034210a1d8e977118106e04fc77e631
d51e19ac12580eb58ddf3eee753073d68818f7aaf282375238657ab9fbc47028
d5559d3b0cee55783bedf2468ef7d7e02f60eca4bb91ccd8ec0fbbba1644b8bf
d6a2ee8b301579dccae286e9276d8c877d1415f91f88bc06f1cbeaddb1d35cd7
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7e3a57e166dd3cf43092991ae3d604a87c4ac87a58167339e21c9cce5c8a587
d86c9f0c7fc2bf083c5a81292b91d11bb35f818749c1136e45a46f577a53edde
daa4dc88c449f16f019560ecc8ed4df193b57aaf7c9d82f77f9e71e4cbe44f48
dc0c6617c8fcc8faaa4257a4e306c1605139fe9777d5e99f41e9bd25f3a3c9db
dd259fdbc80f8bbfb61adbcb82c2a2e822873c1f615efd719834c3493ae204df
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb487ad60e67cfc094904301d27dcbd5b49874620510f33d3186dfd6eff291e
e02eb00f2a867a72ef2c1d526779ba180403f842923b39c3a8bcca5f201ae61d
e0cafce5b6d05c398b0b36c59558eab2f36ccf914a320bdd893c9f23d9269864
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41eb371c40ba1bf196bf7a0d04a16f51622aedf94e408d49462f9558447e382
e4a52a1a068524c2177c137edc49b56f4149f6090e91a12dc6368407d3c8da1a
e521965bc200148b7b0838ca3794b2612d22caa4791d5bc13b5f56a1ef26f610
e65c1d2bbf69f9f0041311e972830057ec29e8d3014de2b88ea2b21dfb690b60
e6b51104be7c9a49981b3f85e3ea7e67ddea04724346f68d60043f9e617b5d09
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e96b932f32e27859a464055e6e4fa7ca9ce93be2fffd06f2089a2a5d445e2bcc
ec26b935415b7d8342305c99eff1dd529a99e7f0cd8a4ec4cb5f17a459451783
eddc11d8be0ae5311acc08d5f2ebe7ff9426384f6408ecbb56abbd7fb5e03743
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1bffff5d478f9713b1efe1b459413f3e4dc6fe24bd19e1ded915ad97a77fc41
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f6841c12c5ab8e47dfe2396ed65f2309374867a8b2942c50eec2a4216d559ef6
f6ba3ded1fb4c56fc12e7f3dea88e1c459c5bf1a74ce66ec941d860eca9d59fd
f7795dd9e45c558b1cded4e3ffe720164ffad6903e432ae7be78c53d82182e25
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
fc299cb1258c7e189599daa8fc95186bb8bc5a1b7133a4f6f5a78da8748c39c2
fcae36a3978f89c7b6c2c737ad2e5278b2abf01443994d8410b63b0c69bbc3f8
fdaa2492bfd3878d321997e8e2c4720b4ecbbeb98ac39541fe9982db68955b25
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218