www.iphonefirmware.com Open in urlscan Pro
138.68.253.67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.recordedfuture.com/e2t/sc2/MmZ-8yk4ygtW8Bx3Cm8-qQ4xW9gmWrz5YGj-HW4785L155PFwpdBzP9204
Effective URL:
https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&ut...
Submission: On August 06 via api (August 6th 2021, 12:30:15 am UTC) from SG

Summary HTTP 206 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 15 domains to perform 206 HTTP transactions. The main IP is 138.68.253.67, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.iphonefirmware.com.
TLS certificate: Issued by R3 on July 11th 2021. Valid for: 3 months.

This is the only time www.iphonefirmware.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:6702	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
51	138.68.253.67 138.68.253.67	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
18	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
7 11	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
55	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.185.210 142.250.185.210	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2012	15169 (GOOGLE) (GOOGLE)
206	23

2 2606:2c40::c73c:6702 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 138.68.253.67 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

www.iphonefirmware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 7 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.210 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f18.1e100.net

p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-432825-i1-v6exp3.v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2012 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-432825-i2-v6exp3.ds.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	1 MB
51	iphonefirmware.com www.iphonefirmware.com	539 KB
33	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	204 KB
15	gstatic.com fonts.gstatic.com p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-432825-i1-v6exp3.v4.metric.gstatic.com p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-432825-i2-v6exp3.ds.metric.gstatic.com	175 KB
14	google.com 7 redirects adservice.google.com www.google.com	1 KB
8	googletagservices.com www.googletagservices.com	289 KB
7	ampproject.org cdn.ampproject.org	124 KB
4	googleapis.com fonts.googleapis.com	3 KB
4	google.de adservice.google.de www.google.de	516 B
2	google-analytics.com www.google-analytics.com	19 KB
2	recordedfuture.com 1 redirects go.recordedfuture.com	3 KB
1	wp.com i0.wp.com	40 KB
1	googleadservices.com partner.googleadservices.com	263 B
1	googletagmanager.com www.googletagmanager.com	40 KB
0	Failed function sub() { [native code] }. Failed
206	15

	Domain	Requested by
55	tpc.googlesyndication.com	googleads.g.doubleclick.net go.recordedfuture.com tpc.googlesyndication.com cdn.ampproject.org www.iphonefirmware.com pagead2.googlesyndication.com
51	www.iphonefirmware.com	go.recordedfuture.com www.iphonefirmware.com
32	googleads.g.doubleclick.net	pagead2.googlesyndication.com go.recordedfuture.com googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	www.iphonefirmware.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	www.google.com	7 redirects www.iphonefirmware.com googleads.g.doubleclick.net tpc.googlesyndication.com
11	fonts.gstatic.com	fonts.googleapis.com
8	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
4	fonts.googleapis.com	www.iphonefirmware.com googleads.g.doubleclick.net tpc.googlesyndication.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	go.recordedfuture.com	1 redirects
1	p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-432825-i2-v6exp3.ds.metric.gstatic.com
1	p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-432825-i1-v6exp3.v4.metric.gstatic.com
1	i0.wp.com	www.iphonefirmware.com
1	www.google.de	www.iphonefirmware.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.iphonefirmware.com
0	138.68.253.67 Failed	www.iphonefirmware.com
206	22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
go.recordedfuture.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
www.iphonefirmware.com R3	`2021-07-11` - `2021-10-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.v4.metric.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.ds.metric.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Frame ID: EFDA955A47B7432ED2FB0039D7B57D29
Requests: 86 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/zrt_lookup.html
Frame ID: 9B5F55E00D8549AB412ABAA865BD0F12
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&adk=1812271804&adf=3025194257&lmt=1628209795&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795559&bpp=18&bdt=717&idt=276&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=223846803365&frm=20&pv=2&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=303
Frame ID: ED8E7C1CC2A8FD2859498FEDA3AD1212
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=2692030733&adf=2922193087&pi=t.ma~as.4249744502&w=696&fwrn=4&fwrnh=100&lmt=1628209795&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795885&bpp=1&bdt=1044&idt=2&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=3019&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=XLsWEuxLAi&p=https%3A//www.iphonefirmware.com&dtd=8
Frame ID: B954A7687A2E7F0EC7B9248E90313185
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=90&slotname=4249744502&adk=281592885&adf=193766564&pi=t.ma~as.4249744502&w=728&lmt=1628209795&psa=0&format=728x90&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795690&bpp=3&bdt=849&idt=218&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=foTV1tzd56&p=https%3A//www.iphonefirmware.com&dtd=231
Frame ID: 7D4A7532556F0DF1A3A8858259B0F5CE
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=100&slotname=4249744502&adk=2817573891&adf=102378993&pi=t.ma~as.4249744502&w=750&lmt=1628209795&psa=0&format=750x100&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795741&bpp=3&bdt=900&idt=194&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C728x90&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=239&ady=427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=P36rFUFkzb&p=https%3A//www.iphonefirmware.com&dtd=210
Frame ID: 4F9E60844A1506AF571B4030C59B67C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=200&slotname=4249744502&adk=1127641864&adf=81069172&pi=t.ma~as.4249744502&w=750&lmt=1628209795&psa=0&format=750x200&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795744&bpp=11&bdt=902&idt=252&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C728x90%2C750x100&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=239&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4umdzCd2Bl&p=https%3A//www.iphonefirmware.com&dtd=258
Frame ID: 4708BF0272952D60C8C59822E1BF6568
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=3575574307&adf=3928458729&pi=t.ma~as.4249744502&w=692&fwrn=4&fwrnh=100&lmt=1628209796&rafmt=1&psa=0&format=692x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795781&bpp=2&bdt=939&idt=288&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cmtJgi5nTC&p=https%3A//www.iphonefirmware.com&dtd=292
Frame ID: D272FD3FB35892A2E14B59951C7E9F28
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=250&slotname=8805777179&adk=1826659594&adf=2069371426&pi=t.ma~as.8805777179&w=300&lmt=1628209796&psa=0&format=300x250&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795789&bpp=1&bdt=948&idt=314&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200%2C692x280&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=662&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wiJ9WQHJk3&p=https%3A//www.iphonefirmware.com&dtd=316
Frame ID: EE2113D015B13A8885922B9BB27D9D46
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=190&slotname=5157757655&adk=275151754&adf=3238177153&pi=t.ma~as.5157757655&w=640&lmt=1628209796&psa=0&format=640x190&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795790&bpp=37&bdt=948&idt=324&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200%2C692x280%2C300x250&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=2277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=4J3wVvKdBv&p=https%3A//www.iphonefirmware.com&dtd=328
Frame ID: 43F809B968A3863B53514989355F6843
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1
Frame ID: F26773F7829970A0C59CBC3C57721BF9
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6DEC5E5925E9459F2F3CB1A15BA9BB7F
Requests: 2 HTTP requests in this frame

Frame: https://p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: C6BC51711D5E47646AB6F098DC54450E
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 3EFF1E7FFD9FF9AEEE70E6CBC025477E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html
Frame ID: 0FC3287EAE1B6FCED3C66022646A8C77
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: DEA18C629BFBBAC51BE35A99C4B1AFF3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/index.html
Frame ID: 2899917A70439DF72E5B45485A2DA2A6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cf7xhg4IMYfn8OvHO7_UPmPiS4AmZl93jY6HDl8-dDtCg1vesARABIKSq0AhglQKgAdTQ0JcDyAEJqQLuiN0yZ9uzPqgDAcgDSKoEpwNP0BrliCT5GQJSaDJmlSB6vlze3NmOJlpWIcD5Wg3KfliP5M6IBlFIMvIdsnXjx822weEyME5IJP5am8ka_JO2dhyfOeMfmhHv6wFgTCQzXuwmWMQd8VJeBXn7VPHSkQURdPJtCXGafr9mm1Y64ppBpSIBDHKf9V4KrRu1yVggfK8EJWY2sjXtWEd6sHBtEHIZh8f8PzXTVDWvaEtwMCxo0nGjNW7sQhC6ddRbMV5bkWF-DrliqQD5VIdFVDxik1eOYUhWK6nUF09Q7bYKxNlQfU8ayDkhKnbhjsiIHOVCna6DNeFxWQyGQNRCiQlv8KS7T-E5YZ1kcesBKpIQXml8ERe2N4sndI-DyD4vkngGwwAgmc-RDCxrN6ZiUI79bISggqCLENMIk2dCHZAD_rVCVc-ntsZuwM0ZhNfFddxxsfqPBgQMAWDvvravmN3Cq9g6hFKNBVwlJ19_V3-bcvJI2nH2NgfAchL0VrhF6f3o2my2fZh8DUvYOi5GDdjmEsozxNaT_AUF5wrcfMS0jnM7gvUX1PWnkO-KL8erMmMJ2E_QXdbKhqLABKGC5LrEA5IFBAgEGAGSBQQIBRgEoAYugAfL_9xsqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEOKkDNIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi0zODM4ODQ5NjY0MTk3NzMz&sigh=ICVlnPnZIKo&template_id=419
Frame ID: 5A7EF7C31EFE833C75F792823C37DF62
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9A99FF8422D328507D6E644E48EEC3F6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Frame ID: 4BA0138B9146CB9D3C96BB627F9470BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D7431197E05DA17BCF69ECBDB665CDA5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D59C4384E160E35AF25835667632BB22
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 06D98D4A2F4660071AB0A758F4615B96
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Frame ID: C04CB00BA8C6B913AE0F554AB61D8925
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Frame ID: 465202F5357E9DF349BD3EC61BE48AD4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Frame ID: F98CE0A3258E867DFFAD5A27372D8F61
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Frame ID: D59FF82397B537FAD6709AB0F0EC3808
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5784A9C21AB4E2631E4407CC19275B07
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7D75AEC2DCA01D3FFD40E5AF64F7920
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go.recordedfuture.com/e2t/sc2/MmZ-8yk4ygtW8Bx3Cm8-qQ4xW9gmWrz5YGj-HW4785L155PFwpdBzP9204 Page URL
https://go.recordedfuture.com/events/public/v1/track/sc2/MmZ-8yk4ygtW8Bx3Cm8-qQ4xW9gmWrz5YGj-HW4785L155PFw... HTTP 307
https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?ut... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /react.*\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

206
Requests

100 %
HTTPS

77 %
IPv6

15
Domains

22
Subdomains

23
IPs

3
Countries

2570 kB
Transfer

7352 kB
Size

8
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/iPhoneFirmware
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/iphonefirmware
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=iMazing%20app%20updated%20with%20tool%20to%20easily%20detect%20Pegasus%20spyware%20on%20iPhone&url=https://bit.ly/3xsEF65&via=iphonefirmware
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.facebook.com/iPhoneFirmware/
Title: Facebook page

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.recordedfuture.com/e2t/sc2/MmZ-8yk4ygtW8Bx3Cm8-qQ4xW9gmWrz5YGj-HW4785L155PFwpdBzP9204 Page URL
https://go.recordedfuture.com/events/public/v1/track/sc2/MmZ-8yk4ygtW8Bx3Cm8-qQ4xW9gmWrz5YGj-HW4785L155PFwpdBzP9204?_ud=1ddab29a-6fe5-4839-85fc-1c111fd455f7&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 142

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 155

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 158

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 185

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 187

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 188

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 199

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

206 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 MmZ-8yk4ygtW8Bx3Cm8-qQ4xW9gmWrz5YGj-HW4785L155PFwpdBzP9204 Show response
go.recordedfuture.com/e2t/sc2/ 8 KB
3 KB 59ms
41ms Document
text/html 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/e2t/sc2/MmZ-8yk4ygtW8Bx3Cm8-qQ4xW9gmWrz5YGj-HW4785L155PFwpdBzP9204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d67d3a7bce68ede8c0db7463af0eeb7c15d614c59463e46d7106589854c8ceff

Request headers

:method: GET
:authority: go.recordedfuture.com
:scheme: https
:path: /e2t/sc2/MmZ-8yk4ygtW8Bx3Cm8-qQ4xW9gmWrz5YGj-HW4785L155PFwpdBzP9204
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:51 GMT
content-type: text/html;charset=utf-8
cf-ray: 67a4273e9a394315-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 4d1ae1bc-56b8-4466-8295-fc07ff025bed
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocEgTjNpTAvev4FBT%2BoTmIKL5aNrW0aGojGBij%2FjgmPRWgiom1vl4UqMZpw7R6ckX2nlW0tAgNkFXHcScfL9HRYwqe2svM%2F9IHob6wo1h5cABZn1A77MuV2ue27sKM48vViPItMMEH0JGLPBBh5WsescAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=596d5b318e783b218440d799428b8711fac9e676-1628209791; path=/; domain=.go.recordedfuture.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/
Redirect Chain

https://go.recordedfuture.com/events/public/v1/track/sc2/MmZ-8yk4ygtW8Bx3Cm8-qQ4xW9gmWrz5YGj-HW4785L155PFwpdBzP9204?_ud=1ddab29a-6fe5-4839-85fc-1c111fd455f7&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p
https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9v...

161 KB
24 KB

2311ms
1771ms

Document
text/html

138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Requested by: Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/sc2/MmZ-8yk4ygtW8Bx3Cm8-qQ4xW9gmWrz5YGj-HW4785L155PFwpdBzP9204
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 27007414e5c5225daa8c76e8ab6ab960b06780c1180fe0d570a819e6e6e55908

Request headers

:method: GET
:authority: www.iphonefirmware.com
:scheme: https
:path: /imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.recordedfuture.com/e2t/sc2/MmZ-8yk4ygtW8Bx3Cm8-qQ4xW9gmWrz5YGj-HW4785L155PFwpdBzP9204

Response headers

server: nginx
date: Fri, 06 Aug 2021 00:29:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://www.iphonefirmware.com/wp-json/>; rel="https://api.w.org/", <https://www.iphonefirmware.com/wp-json/wp/v2/posts/285503>; rel="alternate"; type="application/json", <https://www.iphonefirmware.com/?p=285503>; rel=shortlink
content-encoding: br

Redirect headers

date: Fri, 06 Aug 2021 00:29:52 GMT
location: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
cf-ray: 67a4273eead44315-FRA
link: <https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 68c395f4-0e7e-4a9d-8fcd-0084fe1ca6f4
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9u8TfxKipPFaxA5VW3lShIpyCAsUuJwiKw6ftwDsQheN%2B8ZyJJL8PJnHrTpGeQJXemqwDiJSuIk%2FNixN%2FP0POyrGdJq%2FjcSbvfUe2TrW1ddY2%2FIKDgR85dydghn%2FPoTt7R0TS5o2RT%2BeHr9H27yowWkOww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 lazysizes.min.css
www.iphonefirmware.com/wp-content/plugins/wp-image-compression/css/ 865 B
437 B 201ms
199ms Stylesheet
text/css 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/wp-content/plugins/wp-image-compression/css/lazysizes.min.css
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 019a23f17c7d0cc65d257ba250044de687cb9fa272d034eb2b48327b284fcef0

Request headers

:path: /wp-content/plugins/wp-image-compression/css/lazysizes.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:54 GMT
content-encoding: br
last-modified: Fri, 22 Feb 2019 23:22:59 GMT
server: nginx
etag: W/"361-58283df1b7ac0"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.min.css
www.iphonefirmware.com/wp-includes/css/dist/block-library/ 57 KB
8 KB 201ms
198ms Stylesheet
text/css 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:54 GMT
content-encoding: br
last-modified: Sat, 19 Jun 2021 22:27:20 GMT
server: nginx
etag: W/"e33b-5c525f18ec628"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 blocks.style.build.css
www.iphonefirmware.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 184 B
270 B 201ms
199ms Stylesheet
text/css 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5

Request headers

:path: /wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:54 GMT
content-encoding: br
last-modified: Sat, 19 Jun 2021 22:31:23 GMT
server: nginx
etag: W/"b8-5c526000bb1fd"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 mashsb.min.css
www.iphonefirmware.com/wp-content/plugins/mashsharer/assets/css/ 46 KB
27 KB 320ms
318ms Stylesheet
text/css 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/wp-content/plugins/mashsharer/assets/css/mashsb.min.css
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0500bd58f47403106f2f10da96d8d196941a02a4046e88611a59494557861f98

Request headers

:path: /wp-content/plugins/mashsharer/assets/css/mashsb.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:54 GMT
content-encoding: br
last-modified: Sat, 19 Jun 2021 22:33:57 GMT
server: nginx
etag: W/"b6e3-5c52609392e8f"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
www.iphonefirmware.com/wp-content/plugins/uk-cookie-consent/assets/css/ 5 KB
1 KB 327ms
325ms Stylesheet
text/css 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/wp-content/plugins/uk-cookie-consent/assets/css/style.css
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 34513f6e62e1b5dedbea61d6f79455a5df46097096913bbf1d154ac86b9d9fb5

Request headers

:path: /wp-content/plugins/uk-cookie-consent/assets/css/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:54 GMT
content-encoding: br
last-modified: Sat, 19 Jun 2021 22:33:43 GMT
server: nginx
etag: W/"1230-5c52608597cf1"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
www.iphonefirmware.com/wp-content/plugins/td-composer/td-multi-purpose/ 68 KB
8 KB 363ms
361ms Stylesheet
text/css 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/wp-content/plugins/td-composer/td-multi-purpose/style.css
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: a401dd1f8f3b5bff72001acbea5a05514a850f6fa18cd569dc53efdc5fc70194

Request headers

:path: /wp-content/plugins/td-composer/td-multi-purpose/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:54 GMT
content-encoding: br
last-modified: Sat, 25 Aug 2018 17:27:41 GMT
server: nginx
etag: W/"10ff5-57445cf2dbd40"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 js_composer.min.css
www.iphonefirmware.com/wp-content/plugins/js_composer/assets/css/ 474 KB
40 KB 367ms
365ms Stylesheet
text/css 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 97b5b6bb0bfd4413504da4a5b78546698c75a127fff51b095080ee7fd3b8ec0c

Request headers

:path: /wp-content/plugins/js_composer/assets/css/js_composer.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:54 GMT
content-encoding: br
last-modified: Sat, 19 Jun 2021 22:36:37 GMT
server: nginx
etag: W/"76828-5c52612c303e4"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
www.iphonefirmware.com/wp-content/themes/Newspaper/ 1 MB
105 KB 481ms
480ms Stylesheet
text/css 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/wp-content/themes/Newspaper/style.css
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b48ceb74cebd53c0c3ce95fca3724b562b98750e2f6b1742ddaf999e62074fd3

Request headers

:path: /wp-content/themes/Newspaper/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:54 GMT
content-encoding: br
last-modified: Sat, 25 Aug 2018 16:16:41 GMT
server: nginx
etag: W/"11b17d-57444d1434c40"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery.min.js Show response
www.iphonefirmware.com/wp-includes/js/jquery/ 87 KB
30 KB 481ms
480ms Script
application/javascript 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:54 GMT
content-encoding: br
last-modified: Sat, 19 Jun 2021 22:27:20 GMT
server: nginx
etag: W/"15d98-5c525f18b8a08"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
www.iphonefirmware.com/wp-includes/js/jquery/ 11 KB
4 KB 482ms
480ms Script
application/javascript 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:54 GMT
content-encoding: br
last-modified: Sat, 19 Jun 2021 22:27:20 GMT
server: nginx
etag: W/"2bd8-5c525f18b8a08"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-lazysizes.min.js Show response
www.iphonefirmware.com/wp-content/plugins/wp-image-compression/build/ 9 KB
4 KB 482ms
481ms Script
application/javascript 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/wp-content/plugins/wp-image-compression/build/wp-lazysizes.min.js
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: bead850321fe3f82971250006e4afd7a3225a0a56a03e3456374f105443b30e3

Request headers

:path: /wp-content/plugins/wp-image-compression/build/wp-lazysizes.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:54 GMT
content-encoding: br
last-modified: Fri, 22 Feb 2019 23:22:59 GMT
server: nginx
etag: W/"2240-58283df1b7ac0"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 css-lazy-load.min.js Show response
www.iphonefirmware.com/wp-content/plugins/wp-disable/js/ 1 KB
669 B 481ms
480ms Script
application/javascript 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/wp-content/plugins/wp-disable/js/css-lazy-load.min.js
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 253d8b908a5d3770fce2e7a9c469dd59cd4a341c0b7185d428030a879d02036d

Request headers

:path: /wp-content/plugins/wp-disable/js/css-lazy-load.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:54 GMT
content-encoding: br
last-modified: Sat, 19 Jun 2021 22:35:01 GMT
server: nginx
etag: W/"4fe-5c5260d027b28"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
48 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81c7685af96badd81fad41fff2e20d53306a6b33c8662ca5821ba36622f6b4f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49445
x-xss-protection: 0
server: cafe
etag: 14869471898732562513
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 00:29:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 39ms
28ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11901922-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77700f3700263a0bcf41dd4d0e0421f15c14d28aa6c8b09da9bc4e0ebccdc6fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40773
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Aug 2021 00:29:55 GMT

GET
H2 200 logo_2017_new2_default.jpg
www.iphonefirmware.com/wp-content/uploads/2017/08/ 13 KB
13 KB 200ms
190ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2017/08/logo_2017_new2_default.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 5dff9c04b84f05e3311a24e7c80db97d5610ce91147bad35ed9373355a0e4dea

Request headers

:path: /wp-content/uploads/2017/08/logo_2017_new2_default.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Sat, 12 Aug 2017 00:09:50 GMT
server: nginx
accept-ranges: bytes
etag: "332f-556833f85ef80"
content-length: 13103
content-type: image/jpeg

GET
H2 200 logo_2017_mobile.jpg
www.iphonefirmware.com/wp-content/uploads/2017/08/ 7 KB
7 KB 215ms
204ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2017/08/logo_2017_mobile.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e6f988526396135a80458d2aa5d2eaa74934a2162153a190ee7b318631675664

Request headers

:path: /wp-content/uploads/2017/08/logo_2017_mobile.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Sun, 27 Aug 2017 14:54:59 GMT
server: nginx
accept-ranges: bytes
etag: "1bea-557bd5caf96c0"
content-length: 7146
content-type: image/jpeg

GET
H2 200 Daily-August-05-2021-%E2%80%93-Apples-new-child-safety-announcements-iphonefirmware-com-100x70.jpg
www.iphonefirmware.com/wp-content/uploads/2021/08/ 3 KB
4 KB 215ms
205ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2021/08/Daily-August-05-2021-%E2%80%93-Apples-new-child-safety-announcements-iphonefirmware-com-100x70.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8dd561851a275ca34897393657c1b1db151f6d7e0367d641ae809f7fa3d46d58

Request headers

:path: /wp-content/uploads/2021/08/Daily-August-05-2021-%E2%80%93-Apples-new-child-safety-announcements-iphonefirmware-com-100x70.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Thu, 05 Aug 2021 23:17:11 GMT
server: nginx
accept-ranges: bytes
etag: "dc3-5c8d81e5b642c"
content-length: 3523
content-type: image/jpeg

GET
H2 200 The-iMazing-App-Has-Been-Updated-To-Detect-Pegasus-Spyware-iphonefirmware-com-100x70.jpg
www.iphonefirmware.com/wp-content/uploads/2021/08/ 3 KB
3 KB 215ms
205ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2021/08/The-iMazing-App-Has-Been-Updated-To-Detect-Pegasus-Spyware-iphonefirmware-com-100x70.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6560da0cf25117f0e66fbfe875c8707523166c05f67ea6d8714d417c65b1d251

Request headers

:path: /wp-content/uploads/2021/08/The-iMazing-App-Has-Been-Updated-To-Detect-Pegasus-Spyware-iphonefirmware-com-100x70.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Thu, 05 Aug 2021 20:27:04 GMT
server: nginx
accept-ranges: bytes
etag: "ab2-5c8d5bdf516fc"
content-length: 2738
content-type: image/jpeg

GET
H2 200 Howto-Bring-an-old-Mac-back-to-life-by-installing-Chrome-OS-on-it-for-free-iphonefirmware-com-100x70.png
www.iphonefirmware.com/wp-content/uploads/2021/08/ 5 KB
5 KB 215ms
205ms Image
image/png 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2021/08/Howto-Bring-an-old-Mac-back-to-life-by-installing-Chrome-OS-on-it-for-free-iphonefirmware-com-100x70.png
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: d5410081c74670755c9f1a37d1263af34b7fe5f05363cf6c587f042529a5c290

Request headers

:path: /wp-content/uploads/2021/08/Howto-Bring-an-old-Mac-back-to-life-by-installing-Chrome-OS-on-it-for-free-iphonefirmware-com-100x70.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Thu, 05 Aug 2021 20:02:07 GMT
server: nginx
accept-ranges: bytes
etag: "1362-5c8d564bd10ce"
content-length: 4962
content-type: image/png

GET
H2 200 Apple-announces-new-protections-for-child-safety-iMessage-features-iCloud-Photo-scanning-more-iphonefirmware-com-100x70.jpg
www.iphonefirmware.com/wp-content/uploads/2021/08/ 2 KB
2 KB 215ms
206ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2021/08/Apple-announces-new-protections-for-child-safety-iMessage-features-iCloud-Photo-scanning-more-iphonefirmware-com-100x70.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: f1cb8c79cfcd4c8b05bb22f9bfa8678eafae5a85468b299ecb2d69f3b1c5bd6d

Request headers

:path: /wp-content/uploads/2021/08/Apple-announces-new-protections-for-child-safety-iMessage-features-iCloud-Photo-scanning-more-iphonefirmware-com-100x70.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Thu, 05 Aug 2021 19:17:11 GMT
server: nginx
accept-ranges: bytes
etag: "7b6-5c8d4c411d5da"
content-length: 1974
content-type: image/jpeg

GET
H2 200 IMDb-TV-Now-Has-Mobile-Apps-So-You-Can-Stream-Without-Using-The-IMDb-App-iphonefirmware-com-100x70.jpg
www.iphonefirmware.com/wp-content/uploads/2021/08/ 2 KB
3 KB 216ms
207ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2021/08/IMDb-TV-Now-Has-Mobile-Apps-So-You-Can-Stream-Without-Using-The-IMDb-App-iphonefirmware-com-100x70.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 89d4f6c8de3694d936de1473091db6e31c2e15449e3a8fbbfab40abfaf1d7fa4

Request headers

:path: /wp-content/uploads/2021/08/IMDb-TV-Now-Has-Mobile-Apps-So-You-Can-Stream-Without-Using-The-IMDb-App-iphonefirmware-com-100x70.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Thu, 05 Aug 2021 19:27:02 GMT
server: nginx
accept-ranges: bytes
etag: "9c0-5c8d4e74abe16"
content-length: 2496
content-type: image/jpeg

GET
H2 200 Twitter-Spaces-introduces-cohost-feature-and-more-iphonefirmware-com-100x70.jpg
www.iphonefirmware.com/wp-content/uploads/2021/08/ 2 KB
2 KB 216ms
207ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2021/08/Twitter-Spaces-introduces-cohost-feature-and-more-iphonefirmware-com-100x70.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e0eb54ec19455d0b0abda5d99169bac8c5c0b03dbf37b616fac1e03d4bde7399

Request headers

:path: /wp-content/uploads/2021/08/Twitter-Spaces-introduces-cohost-feature-and-more-iphonefirmware-com-100x70.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Thu, 05 Aug 2021 18:32:06 GMT
server: nginx
accept-ranges: bytes
etag: "8bb-5c8d422da895b"
content-length: 2235
content-type: image/jpeg

GET
H2 200 DC-Batman-BatTech-Edition-is-a-new-AR-app-for-iOS-users-iphonefirmware-com-100x70.jpg
www.iphonefirmware.com/wp-content/uploads/2021/08/ 2 KB
2 KB 223ms
214ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2021/08/DC-Batman-BatTech-Edition-is-a-new-AR-app-for-iOS-users-iphonefirmware-com-100x70.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 19d883500054bf269630ec04c191422d973c8e16741379d9aa6f47e147714663

Request headers

:path: /wp-content/uploads/2021/08/DC-Batman-BatTech-Edition-is-a-new-AR-app-for-iOS-users-iphonefirmware-com-100x70.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Thu, 05 Aug 2021 17:47:09 GMT
server: nginx
accept-ranges: bytes
etag: "797-5c8d38213aa10"
content-length: 1943
content-type: image/jpeg

GET
H2 200 iTunes-Match-users-report-longrunning-issues-uploading-and-syncing-files-iphonefirmware-com-100x70.jpg
www.iphonefirmware.com/wp-content/uploads/2021/08/ 2 KB
2 KB 223ms
215ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2021/08/iTunes-Match-users-report-longrunning-issues-uploading-and-syncing-files-iphonefirmware-com-100x70.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: fff243b6952e199c13f2989b90c55d5badf0058a5793268dde9ab04eeabf903c

Request headers

:path: /wp-content/uploads/2021/08/iTunes-Match-users-report-longrunning-issues-uploading-and-syncing-files-iphonefirmware-com-100x70.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Thu, 05 Aug 2021 17:02:08 GMT
server: nginx
accept-ranges: bytes
etag: "905-5c8d2e11a6e8f"
content-length: 2309
content-type: image/jpeg

GET
H2 200 Back-To-School-Deal-Get-Windows-10-For-Only-13-And-Upgrade-To-Windows-11-For-Free-When-Its-Released-Microsoft-Office-For-26-More-iphonefirmware-com-100x70.jpg
www.iphonefirmware.com/wp-content/uploads/2021/08/ 3 KB
3 KB 223ms
216ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2021/08/Back-To-School-Deal-Get-Windows-10-For-Only-13-And-Upgrade-To-Windows-11-For-Free-When-Its-Released-Microsoft-Office-For-26-More-iphonefirmware-com-100x70.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: eeaf95cae35c98f3310fb6e54242260da9aa6b67a77ee6d84a544a090711effa

Request headers

:path: /wp-content/uploads/2021/08/Back-To-School-Deal-Get-Windows-10-For-Only-13-And-Upgrade-To-Windows-11-For-Free-When-Its-Released-Microsoft-Office-For-26-More-iphonefirmware-com-100x70.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Thu, 05 Aug 2021 16:52:03 GMT
server: nginx
accept-ranges: bytes
etag: "c22-5c8d2bd0472fb"
content-length: 3106
content-type: image/jpeg

GET
H2 200 Deals-Apples-prevgen.-iPad-Pro-now-199-off-Apple-Watch-Leather-Loop-90-more-iphonefirmware-com-100x70.jpg
www.iphonefirmware.com/wp-content/uploads/2021/08/ 3 KB
4 KB 224ms
216ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2021/08/Deals-Apples-prevgen.-iPad-Pro-now-199-off-Apple-Watch-Leather-Loop-90-more-iphonefirmware-com-100x70.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: f5c0dec6d5e369201ca32138dda9135d507be18aeb492326f6b73829e7c8f681

Request headers

:path: /wp-content/uploads/2021/08/Deals-Apples-prevgen.-iPad-Pro-now-199-off-Apple-Watch-Leather-Loop-90-more-iphonefirmware-com-100x70.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Thu, 05 Aug 2021 16:17:07 GMT
server: nginx
accept-ranges: bytes
etag: "dae-5c8d2401e5946"
content-length: 3502
content-type: image/jpeg

GET
H2 200 Steve-Jobs-Biographer-Walter-Isaacson-Is-Writing-A-Book-About-Tesla-CEO-Elon-Musk-iphonefirmware-com-100x70.jpg
www.iphonefirmware.com/wp-content/uploads/2021/08/ 2 KB
2 KB 224ms
217ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2021/08/Steve-Jobs-Biographer-Walter-Isaacson-Is-Writing-A-Book-About-Tesla-CEO-Elon-Musk-iphonefirmware-com-100x70.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: d346c7830e298d071afddcf331b6c9c766abf43a42212a824671e6fe251b3ee9

Request headers

:path: /wp-content/uploads/2021/08/Steve-Jobs-Biographer-Walter-Isaacson-Is-Writing-A-Book-About-Tesla-CEO-Elon-Musk-iphonefirmware-com-100x70.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Thu, 05 Aug 2021 15:52:03 GMT
server: nginx
accept-ranges: bytes
etag: "88c-5c8d1e6712015"
content-length: 2188
content-type: image/jpeg

GET
H2 200 Affinity-Photo-Designer-and-Publisher-updated-with-major-boost-in-performance-iphonefirmware-com-100x70.jpg
www.iphonefirmware.com/wp-content/uploads/2021/08/ 4 KB
4 KB 225ms
217ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2021/08/Affinity-Photo-Designer-and-Publisher-updated-with-major-boost-in-performance-iphonefirmware-com-100x70.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 859489fd402cb1b375c3f8f07af61cf53c380cd01a036cc675275b1185ef06bb

Request headers

:path: /wp-content/uploads/2021/08/Affinity-Photo-Designer-and-Publisher-updated-with-major-boost-in-performance-iphonefirmware-com-100x70.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Thu, 05 Aug 2021 15:17:07 GMT
server: nginx
accept-ranges: bytes
etag: "e3d-5c8d1697cb714"
content-length: 3645
content-type: image/jpeg

GET
H2 200 Latch-Onto-This-Google-Wifi-3-Pack-Deal-And-Pay-50-Less-Today-iphonefirmware-com-100x70.jpg
www.iphonefirmware.com/wp-content/uploads/2021/08/ 1 KB
2 KB 225ms
218ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2021/08/Latch-Onto-This-Google-Wifi-3-Pack-Deal-And-Pay-50-Less-Today-iphonefirmware-com-100x70.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 20a918777b6de04da85d67eabdf52e3a43872ca2a8667a0771d14153fc19f58e

Request headers

:path: /wp-content/uploads/2021/08/Latch-Onto-This-Google-Wifi-3-Pack-Deal-And-Pay-50-Less-Today-iphonefirmware-com-100x70.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Thu, 05 Aug 2021 14:52:02 GMT
server: nginx
accept-ranges: bytes
etag: "5c2-5c8d10fd4bf93"
content-length: 1474
content-type: image/jpeg

GET
H2 200 Apple-mistakenly-promotes-scam-apps-in-App-Store-feature-iphonefirmware-com-100x70.jpg
www.iphonefirmware.com/wp-content/uploads/2021/08/ 3 KB
3 KB 226ms
219ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2021/08/Apple-mistakenly-promotes-scam-apps-in-App-Store-feature-iphonefirmware-com-100x70.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: c94813b40e67b90628885eed29d95a3fcd276bc45e822a55ff8e3ff997a6e831

Request headers

:path: /wp-content/uploads/2021/08/Apple-mistakenly-promotes-scam-apps-in-App-Store-feature-iphonefirmware-com-100x70.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Thu, 05 Aug 2021 14:32:08 GMT
server: nginx
accept-ranges: bytes
etag: "aff-5c8d0c89fdc88"
content-length: 2815
content-type: image/jpeg

GET
H2 200 9to5Mac-Happy-Hour-227-iOS-13-screenshot-leaks-and-WWDC-expectations-9to5Mac-iphonefirmware-com-218x150.jpg
www.iphonefirmware.com/wp-content/uploads/2019/06/ 5 KB
5 KB 227ms
220ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2019/06/9to5Mac-Happy-Hour-227-iOS-13-screenshot-leaks-and-WWDC-expectations-9to5Mac-iphonefirmware-com-218x150.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 50339084ee0c21640989b9d2afffc78b22bd04cb057aeb6d7a3aa51576cf73b8

Request headers

:path: /wp-content/uploads/2019/06/9to5Mac-Happy-Hour-227-iOS-13-screenshot-leaks-and-WWDC-expectations-9to5Mac-iphonefirmware-com-218x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Sun, 02 Jun 2019 05:31:35 GMT
server: nginx
accept-ranges: bytes
etag: "1333-58a508f9cfbc0"
content-length: 4915
content-type: image/jpeg

GET
H2 200 Samsung-To-Supply-OLED-Displays-For-16-Inch-MacBook-Pro-Upcoming-iPad-Pros-iphonefirmware-com-218x150.jpg
www.iphonefirmware.com/wp-content/uploads/2019/05/ 6 KB
6 KB 229ms
222ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2019/05/Samsung-To-Supply-OLED-Displays-For-16-Inch-MacBook-Pro-Upcoming-iPad-Pros-iphonefirmware-com-218x150.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 7ece5db9ef7e64a03655f7b38829adaafd8861cb5cf6a68eb44aeb68096e148b

Request headers

:path: /wp-content/uploads/2019/05/Samsung-To-Supply-OLED-Displays-For-16-Inch-MacBook-Pro-Upcoming-iPad-Pros-iphonefirmware-com-218x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Fri, 24 May 2019 01:51:08 GMT
server: nginx
accept-ranges: bytes
etag: "1712-589986ea69b00"
content-length: 5906
content-type: image/jpeg

GET
H2 200 Rumor-suggests-iOS-13-will-not-support-iPhone-6-iPhone-SE-and-iPhone-5s-iphonefirmware-com-218x150.jpg
www.iphonefirmware.com/wp-content/uploads/2019/05/ 8 KB
8 KB 228ms
222ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2019/05/Rumor-suggests-iOS-13-will-not-support-iPhone-6-iPhone-SE-and-iPhone-5s-iphonefirmware-com-218x150.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 774414b080fbc5054389f4964f6f01c36825cc6af27690abccd679fc3ad1a3f3

Request headers

:path: /wp-content/uploads/2019/05/Rumor-suggests-iOS-13-will-not-support-iPhone-6-iPhone-SE-and-iPhone-5s-iphonefirmware-com-218x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Fri, 10 May 2019 11:01:20 GMT
server: nginx
accept-ranges: bytes
etag: "1e4f-588867c8a8000"
content-length: 7759
content-type: image/jpeg

GET
H2 200 Google-Pixel-3a-3a-XL-Announced-Price-Specs-Release-Date-iphonefirmware-com-218x150.jpg
www.iphonefirmware.com/wp-content/uploads/2019/05/ 5 KB
5 KB 231ms
224ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2019/05/Google-Pixel-3a-3a-XL-Announced-Price-Specs-Release-Date-iphonefirmware-com-218x150.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: dd854f26eeccafafdc84c6a9d65441e8b94e92e1a650d1bf81ab6c6308bece18

Request headers

:path: /wp-content/uploads/2019/05/Google-Pixel-3a-3a-XL-Announced-Price-Specs-Release-Date-iphonefirmware-com-218x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Wed, 08 May 2019 00:26:16 GMT
server: nginx
accept-ranges: bytes
etag: "1541-5885561aeda00"
content-length: 5441
content-type: image/jpeg

GET
H2 200 iOS-13-To-Get-New-Animoji-Including-A-Cow-Octopus-Mouse-And-Emoji-Face-iphonefirmware-com-218x150.jpg
www.iphonefirmware.com/wp-content/uploads/2019/04/ 9 KB
9 KB 232ms
226ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2019/04/iOS-13-To-Get-New-Animoji-Including-A-Cow-Octopus-Mouse-And-Emoji-Face-iphonefirmware-com-218x150.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b5ab28c83daceea18df7df30475499cf303a7bd9b22d1de0eb0574720a30c4ba

Request headers

:path: /wp-content/uploads/2019/04/iOS-13-To-Get-New-Animoji-Including-A-Cow-Octopus-Mouse-And-Emoji-Face-iphonefirmware-com-218x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Wed, 24 Apr 2019 01:51:10 GMT
server: nginx
accept-ranges: bytes
etag: "2241-5873cef87df80"
content-length: 8769
content-type: image/jpeg

GET
H2 200 Amazon-Now-Offering-Free-Ad-Supported-Music-to-Alexa-Users-in-the-United-States-iphonefirmware-com-218x150.jpg
www.iphonefirmware.com/wp-content/uploads/2019/04/ 6 KB
6 KB 236ms
230ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2019/04/Amazon-Now-Offering-Free-Ad-Supported-Music-to-Alexa-Users-in-the-United-States-iphonefirmware-com-218x150.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b1a37b943d4881ec839cb18e84ee1c275fc65ee9499dad2e4975db40b41a7227

Request headers

:path: /wp-content/uploads/2019/04/Amazon-Now-Offering-Free-Ad-Supported-Music-to-Alexa-Users-in-the-United-States-iphonefirmware-com-218x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Fri, 19 Apr 2019 00:21:18 GMT
server: nginx
accept-ranges: bytes
etag: "185b-586d718ef9b80"
content-length: 6235
content-type: image/jpeg

GET
H2 200 Huawei-representative-confirms-no-contact-with-Apple-about-5G-modems-iphonefirmware-com-218x150.jpg
www.iphonefirmware.com/wp-content/uploads/2019/04/ 8 KB
8 KB 233ms
227ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2019/04/Huawei-representative-confirms-no-contact-with-Apple-about-5G-modems-iphonefirmware-com-218x150.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c8d774377d570b672a89989698b4550c183cfe00e921ee5cd1c1fa7c7f4942e

Request headers

:path: /wp-content/uploads/2019/04/Huawei-representative-confirms-no-contact-with-Apple-about-5G-modems-iphonefirmware-com-218x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Tue, 16 Apr 2019 12:31:11 GMT
server: nginx
accept-ranges: bytes
etag: "20e1-586a4f1ada1c0"
content-length: 8417
content-type: image/jpeg

GET
H2 200 This-week%E2%80%99s-top-stories-New-macOS-apps-this-year-Disney-details-Netflix-drops-AirPlay-more-iphonefirmware-com-218x150.png
www.iphonefirmware.com/wp-content/uploads/2019/04/ 25 KB
26 KB 238ms
233ms Image
image/png 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2019/04/This-week%E2%80%99s-top-stories-New-macOS-apps-this-year-Disney-details-Netflix-drops-AirPlay-more-iphonefirmware-com-218x150.png
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: a26e8a416af07642bdfabe22fc71644a59e1de017774d70233f20478ffdd00a5

Request headers

:path: /wp-content/uploads/2019/04/This-week%E2%80%99s-top-stories-New-macOS-apps-this-year-Disney-details-Netflix-drops-AirPlay-more-iphonefirmware-com-218x150.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Sat, 13 Apr 2019 16:01:12 GMT
server: nginx
accept-ranges: bytes
etag: "65b6-5866b873b8200"
content-length: 26038
content-type: image/png

GET
H2 200 UBS-analyst-says-Apple-may-not-be-able-to-ship-a-5G-iPhone-in-2020-iphonefirmware-com-218x150.jpg
www.iphonefirmware.com/wp-content/uploads/2019/04/ 7 KB
7 KB 234ms
229ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2019/04/UBS-analyst-says-Apple-may-not-be-able-to-ship-a-5G-iPhone-in-2020-iphonefirmware-com-218x150.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: a23d42e5471f7af18d484923f84a9229d9be29624777747d2df7fb61c1a54faf

Request headers

:path: /wp-content/uploads/2019/04/UBS-analyst-says-Apple-may-not-be-able-to-ship-a-5G-iPhone-in-2020-iphonefirmware-com-218x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Wed, 03 Apr 2019 13:01:08 GMT
server: nginx
accept-ranges: bytes
etag: "1a71-5859fd8d9cd00"
content-length: 6769
content-type: image/jpeg

GET
H2 200 Apple%E2%80%99s-March-25th-event-is-official-%E2%80%98It%E2%80%99s-show-time%E2%80%99-iphonefirmware-com-218x150.jpg
www.iphonefirmware.com/wp-content/uploads/2019/03/ 7 KB
8 KB 240ms
235ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2019/03/Apple%E2%80%99s-March-25th-event-is-official-%E2%80%98It%E2%80%99s-show-time%E2%80%99-iphonefirmware-com-218x150.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: f8aa7f66f14434d9bcdd5aa10765e51b1eff02bcab20b4f6a3a1399f51bba024

Request headers

:path: /wp-content/uploads/2019/03/Apple%E2%80%99s-March-25th-event-is-official-%E2%80%98It%E2%80%99s-show-time%E2%80%99-iphonefirmware-com-218x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Mon, 11 Mar 2019 19:31:06 GMT
server: nginx
accept-ranges: bytes
etag: "1da6-583d69d215280"
content-length: 7590
content-type: image/jpeg

GET
H2 200 2019-iPad-Refresh-To-Feature-Touch-ID-Headphone-Jack-iphonefirmware-com-218x150.jpg
www.iphonefirmware.com/wp-content/uploads/2019/03/ 11 KB
11 KB 242ms
238ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2019/03/2019-iPad-Refresh-To-Feature-Touch-ID-Headphone-Jack-iphonefirmware-com-218x150.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 95157b6565f039e7308af58424f9e7961d8879753fd37b4a5ee1e34ec100aa28

Request headers

:path: /wp-content/uploads/2019/03/2019-iPad-Refresh-To-Feature-Touch-ID-Headphone-Jack-iphonefirmware-com-218x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Sun, 10 Mar 2019 04:51:11 GMT
server: nginx
accept-ranges: bytes
etag: "2b4b-583b634762dc0"
content-length: 11083
content-type: image/jpeg

GET
H2 200 This-week%E2%80%99s-top-stories-Apple-AR-headset-rumor-%E2%80%98Tim-Apple%E2%80%99-iPhone-price-cuts-in-China-more-iphonefirmware-com-218x150.png
www.iphonefirmware.com/wp-content/uploads/2019/03/ 25 KB
26 KB 357ms
353ms Image
image/png 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2019/03/This-week%E2%80%99s-top-stories-Apple-AR-headset-rumor-%E2%80%98Tim-Apple%E2%80%99-iPhone-price-cuts-in-China-more-iphonefirmware-com-218x150.png
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: a26e8a416af07642bdfabe22fc71644a59e1de017774d70233f20478ffdd00a5

Request headers

:path: /wp-content/uploads/2019/03/This-week%E2%80%99s-top-stories-Apple-AR-headset-rumor-%E2%80%98Tim-Apple%E2%80%99-iPhone-price-cuts-in-China-more-iphonefirmware-com-218x150.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Sat, 09 Mar 2019 13:46:30 GMT
server: nginx
accept-ranges: bytes
etag: "65b6-583a9910fd980"
content-length: 26038
content-type: image/png

GET
H2 200 mashsb.min.js Show response
www.iphonefirmware.com/wp-content/plugins/mashsharer/assets/js/ 4 KB
1 KB 191ms
191ms Script
application/javascript 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/wp-content/plugins/mashsharer/assets/js/mashsb.min.js
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: a13a1fe4a87c09c6e9122834b5351f80012e2c539b32bc1d33c6982efab21b4b

Request headers

:path: /wp-content/plugins/mashsharer/assets/js/mashsb.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
content-encoding: br
last-modified: Sat, 19 Jun 2021 22:33:57 GMT
server: nginx
etag: W/"114c-5c52609390f4f"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 uk-cookie-consent-js.js Show response
www.iphonefirmware.com/wp-content/plugins/uk-cookie-consent/assets/js/ 2 KB
739 B 190ms
189ms Script
application/javascript 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/wp-content/plugins/uk-cookie-consent/assets/js/uk-cookie-consent-js.js
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 2e52aa532594524ce54ab7f748eb9828e2285b705ba1da5fe5b4c0f4ada6ce1a

Request headers

:path: /wp-content/plugins/uk-cookie-consent/assets/js/uk-cookie-consent-js.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
content-encoding: br
last-modified: Sat, 19 Jun 2021 22:33:43 GMT
server: nginx
etag: W/"62d-5c52608596d51"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 tagdiv_theme.min.js Show response
www.iphonefirmware.com/wp-content/themes/Newspaper/js/ 204 KB
46 KB 206ms
196ms Script
application/javascript 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/wp-content/themes/Newspaper/js/tagdiv_theme.min.js
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: de86a261595e6aa15abedbea378a89a6d78ebff1062323c1cb89cf031aa33f14

Request headers

:path: /wp-content/themes/Newspaper/js/tagdiv_theme.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
content-encoding: br
last-modified: Sat, 25 Aug 2018 16:16:48 GMT
server: nginx
etag: W/"330d7-57444d1ae1c00"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 ads.js Show response
www.iphonefirmware.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ 78 B
198 B 198ms
188ms Script
application/javascript 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b

Request headers

:path: /wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
content-encoding: br
last-modified: Sat, 19 Jun 2021 22:31:23 GMT
server: nginx
etag: W/"4e-5c526000c2efd"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/ Frame 9B5F 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210803/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iphonefirmware.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.iphonefirmware.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 05 Aug 2021 19:31:05 GMT
expires: Thu, 19 Aug 2021 19:31:05 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 17930
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/ 250 KB
93 KB 40ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3838849664197733&plah=www.iphonefirmware.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59cbfdef4f2a9a846d7f98276813927762f7f67851c64975563139d17d47620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95395
x-xss-protection: 0
server: cafe
etag: 12107374755789589264
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 00:29:55 GMT

GET 8.jpg
138.68.253.67/wp-content/uploads/2017/08/ 0
0

GET
H2 200 newspaper.woff
www.iphonefirmware.com/wp-content/themes/Newspaper/images/icons/ 22 KB
22 KB 350ms
349ms Font
font/woff 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?15
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/wp-content/themes/Newspaper/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b56f14bb63fc412aec1562ff5b4807919a486491f2e9a86054ef08922c634d1

Request headers

:path: /wp-content/themes/Newspaper/images/icons/newspaper.woff?15
pragma: no-cache
origin: https://www.iphonefirmware.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/wp-content/themes/Newspaper/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.iphonefirmware.com
Referer: https://www.iphonefirmware.com/wp-content/themes/Newspaper/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
last-modified: Sat, 25 Aug 2018 16:17:29 GMT
server: nginx
accept-ranges: bytes
etag: "5630-57444d41fb840"
content-length: 22064
content-type: font/woff

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 745caffca4b97cf5cf2374d82c6dfb6fb7c7b694e85432f92ec4dcb35f4418c9

Request headers

Origin: https://www.iphonefirmware.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
263 B 62ms
61ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.iphonefirmware.com&callback=_gfp_s_&client=ca-pub-3838849664197733

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3838849664197733&plah=www.iphonefirmware.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

cc7ca004c1063671b25adb8079a88681121d2da2e4ab5629dc890c157919d4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.iphonefirmware.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 00:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.iphonefirmware.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 00:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ED8E 107 KB
28 KB 392ms
391ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&adk=1812271804&adf=3025194257&lmt=1628209795&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795559&bpp=18&bdt=717&idt=276&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=223846803365&frm=20&pv=2&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=303

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dec628d99ddf5b08d42c983485a7058f9c76a9d04fdac540752553a734bb8731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3838849664197733&output=html&adk=1812271804&adf=3025194257&lmt=1628209795&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795559&bpp=18&bdt=717&idt=276&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=223846803365&frm=20&pv=2&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=303
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iphonefirmware.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.iphonefirmware.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Aug 2021 00:29:56 GMT
server: cafe
content-length: 28839
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Aug-2021 00:44:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 00:29:56 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2596198e77ccbdab3018bee48950659e33465901f5b2060ea5439ff6c1f6a9b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:55 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076391864921"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27992
x-xss-protection: 0
expires: Fri, 06 Aug 2021 00:29:55 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B954 84 KB
27 KB 455ms
455ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=2692030733&adf=2922193087&pi=t.ma~as.4249744502&w=696&fwrn=4&fwrnh=100&lmt=1628209795&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795885&bpp=1&bdt=1044&idt=2&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=3019&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=XLsWEuxLAi&p=https%3A//www.iphonefirmware.com&dtd=8

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7e5b5b7f2c8dbe26db93eb7b17781d20ce27557f9de98383844d243bf35d93b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=2692030733&adf=2922193087&pi=t.ma~as.4249744502&w=696&fwrn=4&fwrnh=100&lmt=1628209795&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795885&bpp=1&bdt=1044&idt=2&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=3019&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=XLsWEuxLAi&p=https%3A//www.iphonefirmware.com&dtd=8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iphonefirmware.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.iphonefirmware.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Aug 2021 00:29:56 GMT
server: cafe
content-length: 27349
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Aug-2021 00:44:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 00:29:56 GMT
cache-control: private

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11901922-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 3201
date: Thu, 05 Aug 2021 23:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Fri, 06 Aug 2021 01:36:34 GMT

GET
H2 200 elements.png
www.iphonefirmware.com/wp-content/themes/Newspaper/images/sprite/ 4 KB
4 KB 189ms
189ms Image
image/png 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/themes/Newspaper/images/sprite/elements.png
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/wp-content/themes/Newspaper/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167

Request headers

:path: /wp-content/themes/Newspaper/images/sprite/elements.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/wp-content/themes/Newspaper/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/wp-content/themes/Newspaper/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:56 GMT
last-modified: Sat, 25 Aug 2018 16:18:08 GMT
server: nginx
accept-ranges: bytes
etag: "10e4-57444d672d000"
content-length: 4324
content-type: image/png

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7D4A 47 KB
12 KB 543ms
543ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=90&slotname=4249744502&adk=281592885&adf=193766564&pi=t.ma~as.4249744502&w=728&lmt=1628209795&psa=0&format=728x90&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795690&bpp=3&bdt=849&idt=218&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=foTV1tzd56&p=https%3A//www.iphonefirmware.com&dtd=231

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f81a88dd403ab1af758435c48266afe2daff6906c394a571a5f6f3735455123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3838849664197733&output=html&h=90&slotname=4249744502&adk=281592885&adf=193766564&pi=t.ma~as.4249744502&w=728&lmt=1628209795&psa=0&format=728x90&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795690&bpp=3&bdt=849&idt=218&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=foTV1tzd56&p=https%3A//www.iphonefirmware.com&dtd=231
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iphonefirmware.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.iphonefirmware.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Aug 2021 00:29:56 GMT
server: cafe
content-length: 11798
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Aug-2021 00:44:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 00:29:56 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4F9E 111 KB
34 KB 539ms
539ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=100&slotname=4249744502&adk=2817573891&adf=102378993&pi=t.ma~as.4249744502&w=750&lmt=1628209795&psa=0&format=750x100&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795741&bpp=3&bdt=900&idt=194&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C728x90&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=239&ady=427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=P36rFUFkzb&p=https%3A//www.iphonefirmware.com&dtd=210

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7b7956d64a4e0b7531b1967e653a4a46960736886ec9dcbd666688bdb3b14cb

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLnKiJSSm_ICFXHnuwgdGLwEnA&gqi=g4IMYYPAOtH83wOJoYj4Cg&layout=/sadbundle/%24csp%253Der3%24/7231451807353208973/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3838849664197733&output=html&h=100&slotname=4249744502&adk=2817573891&adf=102378993&pi=t.ma~as.4249744502&w=750&lmt=1628209795&psa=0&format=750x100&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795741&bpp=3&bdt=900&idt=194&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C728x90&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=239&ady=427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=P36rFUFkzb&p=https%3A//www.iphonefirmware.com&dtd=210
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iphonefirmware.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.iphonefirmware.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLnKiJSSm_ICFXHnuwgdGLwEnA&gqi=g4IMYYPAOtH83wOJoYj4Cg&layout=/sadbundle/%24csp%253Der3%24/7231451807353208973/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Aug 2021 00:29:56 GMT
server: cafe
content-length: 34868
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Aug-2021 00:44:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 00:29:56 GMT
cache-control: private

GET
H2 200 8.jpg
www.iphonefirmware.com/wp-content/uploads/2017/08/ 661 B
796 B 189ms
189ms Image
image/jpeg 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/uploads/2017/08/8.jpg
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ed52c4ae1f90e917191536309d62cc88b8aae85ba571cea6c81e7619f032d7cb

Request headers

:path: /wp-content/uploads/2017/08/8.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:56 GMT
last-modified: Wed, 23 Aug 2017 23:37:02 GMT
server: nginx
accept-ranges: bytes
etag: "295-5577430512380"
content-length: 661
content-type: image/jpeg

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4708 61 KB
23 KB 474ms
474ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=200&slotname=4249744502&adk=1127641864&adf=81069172&pi=t.ma~as.4249744502&w=750&lmt=1628209795&psa=0&format=750x200&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795744&bpp=11&bdt=902&idt=252&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C728x90%2C750x100&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=239&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4umdzCd2Bl&p=https%3A//www.iphonefirmware.com&dtd=258

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9ee84bd6a58bf605226efd744ad1df005a11b74ce8b468e408517d68a6e8507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3838849664197733&output=html&h=200&slotname=4249744502&adk=1127641864&adf=81069172&pi=t.ma~as.4249744502&w=750&lmt=1628209795&psa=0&format=750x200&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795744&bpp=11&bdt=902&idt=252&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C728x90%2C750x100&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=239&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4umdzCd2Bl&p=https%3A//www.iphonefirmware.com&dtd=258
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iphonefirmware.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.iphonefirmware.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Aug 2021 00:29:56 GMT
server: cafe
content-length: 23044
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Aug-2021 00:44:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 00:29:56 GMT
cache-control: private

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=90856404&t=pageview&_s=1&dl=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&ul=en-us&de=UTF-8&dt=iMazing%20app%20updated%20with%20tool%20to%20easily%20detect%20Pegasus%20spyware%20on%20iPhone&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1620376162&gjid=1295256796&cid=161989905.1628209796&tid=UA-11901922-1&_gid=1232831689.1628209796&_r=1&gtm=2ou840&z=616254300

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 00:29:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.iphonefirmware.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 29ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.iphonefirmware.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 00:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.iphonefirmware.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 00:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D272 72 KB
26 KB 472ms
471ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=3575574307&adf=3928458729&pi=t.ma~as.4249744502&w=692&fwrn=4&fwrnh=100&lmt=1628209796&rafmt=1&psa=0&format=692x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795781&bpp=2&bdt=939&idt=288&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cmtJgi5nTC&p=https%3A//www.iphonefirmware.com&dtd=292

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d419b9622a79183171da1e3db9ed16276ba93b5fe5b984dc5f450f0124cf2613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=3575574307&adf=3928458729&pi=t.ma~as.4249744502&w=692&fwrn=4&fwrnh=100&lmt=1628209796&rafmt=1&psa=0&format=692x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795781&bpp=2&bdt=939&idt=288&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cmtJgi5nTC&p=https%3A//www.iphonefirmware.com&dtd=292
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iphonefirmware.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.iphonefirmware.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Aug 2021 00:29:56 GMT
server: cafe
content-length: 27097
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Aug-2021 00:44:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 00:29:56 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,400italic,500,500italic,700,900|Open%20Sans:300italic,400,400italic,600,600italic,700

Requested by

Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/wp-content/plugins/wp-disable/js/css-lazy-load.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

066bec584c8a88de6ae21bfa0ffb196ed53de8430f9c6a7bf06d835ce004e77f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 23:44:27 GMT
server: ESF
date: Fri, 06 Aug 2021 00:29:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Aug 2021 00:29:56 GMT

POST
H2 200 admin-ajax.php Show response
www.iphonefirmware.com/wp-admin/ 13 B
355 B 370ms
370ms XHR
text/html 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iphonefirmware.com/wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=9.0.1

Requested by

Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

2c98b06b866d62246b7feb439b3c1ea5fbe3a26cf6303d7a731d6488da9580ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://www.iphonefirmware.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: __gads=ID=be234feb94fcd75b-2230cfad93c800db:T=1628209795:RT=1628209795:S=ALNI_MbG6dg55nxfen3a36YofRIdpPHPYg; _ga=GA1.2.161989905.1628209796; _gid=GA1.2.1232831689.1628209796; _gat_gtag_UA_11901922_1=1
content-length: 52
:path: /wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=9.0.1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 06 Aug 2021 00:29:56 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.iphonefirmware.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE21 64 KB
21 KB 285ms
285ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=250&slotname=8805777179&adk=1826659594&adf=2069371426&pi=t.ma~as.8805777179&w=300&lmt=1628209796&psa=0&format=300x250&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795789&bpp=1&bdt=948&idt=314&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200%2C692x280&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=662&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wiJ9WQHJk3&p=https%3A//www.iphonefirmware.com&dtd=316

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

117a9049e22d3d9c3458f9d6b346ed424a0aeca924afcff9845596ca338e48f4

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMSEkpSSm_ICFVXtuwgdlCwKTA&gqi=hIIMYbruBtTf3wP0u5OQCQ&layout=/sadbundle/%24csp%253Der3%24/12502976385620377600/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3838849664197733&output=html&h=250&slotname=8805777179&adk=1826659594&adf=2069371426&pi=t.ma~as.8805777179&w=300&lmt=1628209796&psa=0&format=300x250&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795789&bpp=1&bdt=948&idt=314&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200%2C692x280&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=662&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wiJ9WQHJk3&p=https%3A//www.iphonefirmware.com&dtd=316
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iphonefirmware.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.iphonefirmware.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMSEkpSSm_ICFVXtuwgdlCwKTA&gqi=hIIMYbruBtTf3wP0u5OQCQ&layout=/sadbundle/%24csp%253Der3%24/12502976385620377600/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Aug 2021 00:29:56 GMT
server: cafe
content-length: 21755
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Aug-2021 00:44:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 00:29:56 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-11901922-1&cid=161989905.1628209796&jid=1620376162&gjid=1295256796&_gid=1232831689.1628209796&_u=YAhAAUAAAAAAAC~&z=773822471

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 06 Aug 2021 00:29:56 GMT
content-type: text/plain
access-control-allow-origin: https://www.iphonefirmware.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 43F8 61 KB
23 KB 549ms
549ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=190&slotname=5157757655&adk=275151754&adf=3238177153&pi=t.ma~as.5157757655&w=640&lmt=1628209796&psa=0&format=640x190&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795790&bpp=37&bdt=948&idt=324&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200%2C692x280%2C300x250&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=2277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=4J3wVvKdBv&p=https%3A//www.iphonefirmware.com&dtd=328

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c06210b4741292a719b5c2a45af4df469616fdcc709fb5f1d9cfc0a2adfd339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3838849664197733&output=html&h=190&slotname=5157757655&adk=275151754&adf=3238177153&pi=t.ma~as.5157757655&w=640&lmt=1628209796&psa=0&format=640x190&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795790&bpp=37&bdt=948&idt=324&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200%2C692x280%2C300x250&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=2277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=4J3wVvKdBv&p=https%3A//www.iphonefirmware.com&dtd=328
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iphonefirmware.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.iphonefirmware.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Aug 2021 00:29:56 GMT
server: cafe
content-length: 23315
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Aug-2021 00:44:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 00:29:56 GMT
cache-control: private

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v21/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v21/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400italic,500,500italic,700,900|Open%20Sans:300italic,400,400italic,600,600italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.iphonefirmware.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:36:37 GMT
x-content-type-options: nosniff
age: 193999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 18:10:00 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 18:36:37 GMT

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v21/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v21/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400italic,500,500italic,700,900|Open%20Sans:300italic,400,400italic,600,600italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.iphonefirmware.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:36:37 GMT
x-content-type-options: nosniff
age: 193999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13792
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 18:10:22 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 18:36:37 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400italic,500,500italic,700,900|Open%20Sans:300italic,400,400italic,600,600italic,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.iphonefirmware.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 17:17:27 GMT
x-content-type-options: nosniff
age: 198749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 17:17:27 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400italic,500,500italic,700,900|Open%20Sans:300italic,400,400italic,600,600italic,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.iphonefirmware.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 281012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:26:24 GMT

GET
H3-29 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v27/ 17 KB
17 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400italic,500,500italic,700,900|Open%20Sans:300italic,400,400italic,600,600italic,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.iphonefirmware.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 19:20:02 GMT
x-content-type-options: nosniff
age: 277794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:20:02 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400italic,500,500italic,700,900|Open%20Sans:300italic,400,400italic,600,600italic,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.iphonefirmware.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 217795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:00:01 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v21/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v21/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400italic,500,500italic,700,900|Open%20Sans:300italic,400,400italic,600,600italic,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.iphonefirmware.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:36:37 GMT
x-content-type-options: nosniff
age: 193999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 18:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 18:36:37 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-11901922-1&cid=161989905.1628209796&jid=1620376162&_u=YAhAAUAAAAAAAC~&z=795520664

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 00:29:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-11901922-1&cid=161989905.1628209796&jid=1620376162&_u=YAhAAUAAAAAAAC~&z=795520664

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 00:29:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iMazing-Pegasus.jpg
i0.wp.com/9to5mac.com/wp-content/uploads/sites/6/2021/08/ 40 KB
40 KB 27ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/9to5mac.com/wp-content/uploads/sites/6/2021/08/iMazing-Pegasus.jpg?resize=1200%2C628&quality=82&strip=all&ssl=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

b00b3ad604405704bd7a814776856652b4dbd17ab9252dc79de4847eff2eb389

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT arn 2
date: Fri, 06 Aug 2021 00:29:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 02:43:08 GMT
server: nginx
etag: "148acd9b706c6b76"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://9to5mac.com/wp-content/uploads/sites/6/2021/08/iMazing-Pegasus.jpg>; rel="canonical"
content-length: 40898
expires: Sat, 05 Aug 2023 14:43:08 GMT

GET
H2 200 loader.gif
www.iphonefirmware.com/wp-content/plugins/wp-image-compression/img/ 3 KB
3 KB 189ms
189ms Image
image/gif 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iphonefirmware.com/wp-content/plugins/wp-image-compression/img/loader.gif
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/wp-content/plugins/wp-image-compression/css/lazysizes.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: fee18c225ce930adca01552fa298135c2aa241778c40dda6d32f50dc04cb2b08

Request headers

:path: /wp-content/plugins/wp-image-compression/img/loader.gif
pragma: no-cache
cookie: __gads=ID=be234feb94fcd75b-2230cfad93c800db:T=1628209795:RT=1628209795:S=ALNI_MbG6dg55nxfen3a36YofRIdpPHPYg; _ga=GA1.2.161989905.1628209796; _gid=GA1.2.1232831689.1628209796; _gat_gtag_UA_11901922_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/wp-content/plugins/wp-image-compression/css/lazysizes.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/wp-content/plugins/wp-image-compression/css/lazysizes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:56 GMT
last-modified: Fri, 22 Feb 2019 23:22:59 GMT
server: nginx
accept-ranges: bytes
etag: "c88-58283df1b7ac0"
content-length: 3208
content-type: image/gif

GET
H3-29 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/ 144 KB
52 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/reactive_library_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b08bd2e81df7790230135e81ef598de03213f5b4933b285e496437bbcbc2e3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52807
x-xss-protection: 0
server: cafe
etag: 1980546622563835483
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 00:29:56 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.iphonefirmware.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 00:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.iphonefirmware.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 00:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/ Frame F267 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iphonefirmware.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.iphonefirmware.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 05 Aug 2021 20:49:40 GMT
expires: Thu, 19 Aug 2021 20:49:40 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 13216
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame F267 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmr8Wg4IMYcebNs3Z7_UPy7ugOIqKtMthyrvg7boN3cebnJEOEAEgpKrQCGCVAqABnbDuoQPIAQKpAu6I3TJn27M-qAMByAPJBKoEswNP0LiMSvd5HeMsh2tvbVcQ4LqBqZXEdFKKg-5J_2jUhQpapKx-s0VT8gGLRp5rXE_UsgQvGNYkzPelYl7gUYQfLpLPyAA6Il8vMSeKB3VQfJPhD2i3XApSe3qiEaHOsnsX6wCighxK1tHmSIpnIitNjEhFoefAVl7iag1om3EnRWI2DHYr4kf1MmO8x13GZmCUDRzXKA0Wtoq0VwmlZtHLyo0ITKnXKqP2n2gm1jYqq4IyPOCGRu6uFUZm2-XuDDuIrTKwmrRJLffD0cBQCegx-rUuNQDhUIxJ9ysS0yqKWyBvAixiw5i0bJTcVgr0janrFUijE8IDpqLDM_7ybzdqtIPnPclYy7tjbtZ7AJ4Mh9g6ZWt0G5tTG4UezrQYECZpauywaDaLa3dBcAb0xYI7157hw3C9PSHN_VHUEFRvYy5mtt9-_pW18Vj1DZm6Z9K-ufDjeysKz-IdQsJEG1q5zXZfh3idB2Lu0OdWZ2DTMb7HK9KYUmuYkjIjzsGlK5xU--TvwrSQYboYnJSY7wlSlkzUNwynPBdoAEj3R4ekEfobJb83O3VOyYsjcHi-C4ElQ-HABJqZmsPrAZIFBAgEGAGSBQQIBRgEoAYCgAf1tJteqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJX6MdIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi0zODM4ODQ5NjY0MTk3NzMz&sigh=wIJVxRr5sbM

Requested by

Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/sc2/MmZ-8yk4ygtW8Bx3Cm8-qQ4xW9gmWrz5YGj-HW4785L155PFwpdBzP9204

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 00:29:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Aug 2021 00:29:56 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame F267 18 KB
8 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 23:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 23:57:52 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame F267 2 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 00:17:48 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F267 124 KB
37 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Fri, 06 Aug 2021 00:29:56 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame F267 14 KB
6 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 00:22:26 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame F267 26 KB
11 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71190efb3401bbbe347d7fbde655e7c4f40a43b52682f1fe816a5cfa836d3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10762
x-xss-protection: 0
server: cafe
etag: 3065724439939497134
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 22:51:47 GMT

GET
H2 200 16323101646619125957
tpc.googlesyndication.com/simgad/ Frame F267 24 KB
24 KB 17ms
16ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16323101646619125957?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlnEW309WD12xLSGg3oh2RjgSGHeg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a2450a9523ba4d5b6d6dac5f7a86da5927b3e35e8592b57167636adca203d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 07:26:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 Jun 2021 11:22:38 GMT
server: sffe
age: 234199
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24820
x-xss-protection: 0
expires: Wed, 03 Aug 2022 07:26:37 GMT

GET
H2 200 11723001086330391612
tpc.googlesyndication.com/simgad/ Frame B954 49 KB
49 KB 13ms
12ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11723001086330391612?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qneCdRkeR2qJgIJskDtgffwXC-NKg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=2692030733&adf=2922193087&pi=t.ma~as.4249744502&w=696&fwrn=4&fwrnh=100&lmt=1628209795&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795885&bpp=1&bdt=1044&idt=2&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=3019&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=XLsWEuxLAi&p=https%3A//www.iphonefirmware.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a529d0dfbee9fc93c1db1ec993d0423cdc1ee9487d695d199553ce1eac4b32e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 01:51:29 GMT
x-content-type-options: nosniff
age: 254307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50320
x-xss-protection: 0
last-modified: Mon, 29 Mar 2021 14:22:50 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 01:51:29 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame B954 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 23:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 23:57:52 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame B954 2 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 00:17:48 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame B954 67 B
188 B 16ms
16ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 05:38:05 GMT
x-content-type-options: nosniff
server: cafe
age: 67911
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Fri, 06 Aug 2021 05:38:05 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B954 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwkXhg4IMYdzFN8_P7_UP2tSckA261dT3XN3kuMqLDrWw4-mwExABIKSq0AhglQKgAeG0sv0CyAECqQIjejkO0-CUPqgDAcgDyQSqBKUDT9AFZgUP-yMlvRzzBr7ksRZMpGkP2EDPHKBQ6AHkS_WORrveL4eX_rFC5iVriZJm7x1afTj6G8z4uVsmojwuYmbnrLb4cQrJtUm2gM-0MK-oW54mr4BpQqNhWDth-yKJZV9Tkt0RkDS4WG9KojPq2D4kjmddkZfI5LAWxgt0Qno6Cegg2IgqXI_dUrI7QjR9yIB4VMBDEI_AVE1G4icHQ_CAyNrGTcAvvpn-gmbAgkrKRpexl_dCJQxZ5OXppoHDXAh7HurOy5Njq2UE3syQsPQhAoEXb0SSYuvnv8lZazSCcnkezESTVtlHftv9WU_GvDxxTNR_8oPBWIJoGvnDBzXayq-pZoLjVSKc2JitP6iXDdrZ2spha1QyCIMUZdFEuOYdpPxz-x4HElPGoPnwrcqApuFa8QhYKDXkZksfKo3I07yD1glKEVlkRyWWpOM1lJRHPhZyMfbgIWdDU6nnzNOL2g6fSMJyEKzmtXobyK1J0Piq_R03FyqqwsF2SsDzrjeR5bQttxibbJ-XVQkl2mJwhwAukxUzg2jqpJY3ojIfbVT5xMAEn8fSwowCkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB4fLzYIBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOuqA9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXGgoYCAASFHB1Yi0zODM4ODQ5NjY0MTk3NzMz&sigh=YjmDPKhCvs0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=2692030733&adf=2922193087&pi=t.ma~as.4249744502&w=696&fwrn=4&fwrnh=100&lmt=1628209795&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795885&bpp=1&bdt=1044&idt=2&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=3019&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=XLsWEuxLAi&p=https%3A//www.iphonefirmware.com&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 00:29:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Aug 2021 00:29:56 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B954 124 KB
37 KB 38ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Fri, 06 Aug 2021 00:29:56 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame B954 14 KB
6 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 00:22:26 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame B954 26 KB
11 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71190efb3401bbbe347d7fbde655e7c4f40a43b52682f1fe816a5cfa836d3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10762
x-xss-protection: 0
server: cafe
etag: 3065724439939497134
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 22:51:47 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6DEC 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=2692030733&adf=2922193087&pi=t.ma~as.4249744502&w=696&fwrn=4&fwrnh=100&lmt=1628209795&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795885&bpp=1&bdt=1044&idt=2&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=3019&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=XLsWEuxLAi&p=https%3A//www.iphonefirmware.com&dtd=8
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=2692030733&adf=2922193087&pi=t.ma~as.4249744502&w=696&fwrn=4&fwrnh=100&lmt=1628209795&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795885&bpp=1&bdt=1044&idt=2&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=3019&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=XLsWEuxLAi&p=https%3A//www.iphonefirmware.com&dtd=8

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 05 Aug 2021 23:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame C6BC 247 B
805 B 205ms
63ms Document
text/html 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

ccb9cd2c7a7dec3880c2c6dc2ff5d9bae46ae21cec134f0c8b0cc1ce4fd275c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-Ls6tkRAI8sF_lsni9ioZPA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 204
date: Fri, 06 Aug 2021 00:29:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3EFF 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcU6cio-l9-A_76iVHfwGzVoZ2evaw0X8iVDaCdjVwIu9AgR6IhTWUMRdrdlM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 05 Aug 2021 23:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame EE21 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=250&slotname=8805777179&adk=1826659594&adf=2069371426&pi=t.ma~as.8805777179&w=300&lmt=1628209796&psa=0&format=300x250&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795789&bpp=1&bdt=948&idt=314&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200%2C692x280&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=662&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wiJ9WQHJk3&p=https%3A//www.iphonefirmware.com&dtd=316

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 00:17:48 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE21 124 KB
37 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Fri, 06 Aug 2021 00:29:56 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame EE21 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 00:22:26 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame 0FC3 369 KB
34 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1b1ae274b98b536cad52a99915d4fc0670fb156a0404ad097c4e873c7422f5b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/12502976385620377600/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 02 Aug 2021 22:38:49 GMT
expires: Tue, 02 Aug 2022 22:38:49 GMT
last-modified: Fri, 23 Apr 2021 11:57:52 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 34639
age: 265867
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE21 0
0 45ms
42ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZZdYhIIMYcSyB9Xa7_UPlNmo4AS5yfG7Y4TpysG1DaG38KWSDhABIKSq0AhglQKgAdTQ0JcDyAEJqQLuiN0yZ9uzPqgDAcgDAqoEqgNP0Eq3mLnsCG7jpNa8O6_tC39VlQQH1wXhDmHdoaC0ldpEWPid1alTBFKoJ9Kt7TE-y5LQ18q8UEcwtGIfnGMSs_GnU4pRSyv_8JYGJZhpCNao5-wLs0V1y73j2AKeHmp3oVCoPuxb2lgiIGNXh9ITkYjlGAAG0sEdPdeu_rQcJbMVxASV6UZ7Rse_Zn9qcqCniH52h9sYvjzQk1YR0FFPgVg-OL4yXFiR8-C3FC9QZRifJLLQXk3jte0knc6I8Fsf34LUuKnSGmo05kE9hWGZ5IQ3X2GZQxC9nmnzgJIvdyq-pnzlOQiVUAk9FdxiOsTtgmlDKw4lCSKoWedndnUuvXaBldLyc__VCWJZwymMfm1OuKamaD8LFVt2UMuyUYXJnzjSEa5cNkMkpeBqPFcKX8fGHvTGjQuMoV2p8CV111oeNEpXLLf0Hp1hYX3I5qga_SdTqE7VY31LRVEk2CWvFfX_yQGFqGzc-V7mpJYKh9qXGB1Fm6MWqAzB5gK9NLiVj5pC5lv3mVYcRL1YA-cgRDFnxP_7YN8PJIPin2NrHH20IZ2MgJelQPPABKaN89u_A5IFBAgEGAGSBQQIBRgEoAZdgAfL_9xsqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELHYKdIICQiI4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi0zODM4ODQ5NjY0MTk3NzMz&sigh=B80Sjit7rP4

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=250&slotname=8805777179&adk=1826659594&adf=2069371426&pi=t.ma~as.8805777179&w=300&lmt=1628209796&psa=0&format=300x250&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795789&bpp=1&bdt=948&idt=314&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200%2C692x280&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=662&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wiJ9WQHJk3&p=https%3A//www.iphonefirmware.com&dtd=316
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 00:29:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DEA1 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=250&slotname=8805777179&adk=1826659594&adf=2069371426&pi=t.ma~as.8805777179&w=300&lmt=1628209796&psa=0&format=300x250&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795789&bpp=1&bdt=948&idt=314&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200%2C692x280&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=662&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wiJ9WQHJk3&p=https%3A//www.iphonefirmware.com&dtd=316
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcU6cio-l9-A_76iVHfwGzVoZ2evaw0X8iVDaCdjVwIu9AgR6IhTWUMRdrdlM; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=250&slotname=8805777179&adk=1826659594&adf=2069371426&pi=t.ma~as.8805777179&w=300&lmt=1628209796&psa=0&format=300x250&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795789&bpp=1&bdt=948&idt=314&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200%2C692x280&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=662&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wiJ9WQHJk3&p=https%3A//www.iphonefirmware.com&dtd=316

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 05 Aug 2021 23:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F267 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 092e48884034c04a7a72f967ca1c0c577e510e59036d0b958a9b841555478006

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B954 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b232d1ff6380c9b1ab23758d51b4a0bd223e721278dd9e3094877ba261fd2316

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EE21 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddbddda3edea95efea2eebf934c6a0794edb291fb28fdefe494a8ae049965e3f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107240354000/ Frame 7D4A 188 KB
54 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=90&slotname=4249744502&adk=281592885&adf=193766564&pi=t.ma~as.4249744502&w=728&lmt=1628209795&psa=0&format=728x90&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795690&bpp=3&bdt=849&idt=218&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=foTV1tzd56&p=https%3A//www.iphonefirmware.com&dtd=231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 285792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55201
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56e2a7f7d448fcb3"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 7D4A 13 KB
5 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 285792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff227f97ed674b5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 7D4A 87 KB
27 KB 20ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 285792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27852
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3719646983ab1de2"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H3-29 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 7D4A 71 KB
16 KB 24ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-animation-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b31a2dfb910d5e0292d6639f0c1a9b6ecc2471ba71ba18e3dc27cd5a033cf463

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 285791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16686
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6eea2bcb2a8fbd9d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:45 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 7D4A 4 KB
2 KB 18ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 285792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "687e73129cfc4c8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 7D4A 40 KB
13 KB 22ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 285792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12828
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4abe217821914203"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 7D4A 6 KB
700 B 31ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,regular,700italic

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a429056f755a0ac9f4351c9712f1be8d43ba8d860300f36c0c1224eee9a3770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 23:17:30 GMT
server: ESF
date: Fri, 06 Aug 2021 00:29:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Aug 2021 00:29:56 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7D4A 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 76238
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 06 Aug 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7D4A 295 B
319 B 8ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 40935
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 06 Aug 2021 13:07:41 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7D4A 0
17 B 44ms
43ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrSA0g4IMYfuNOYPh7_UPhc688AmfiaCSZIjR8-rxDZWC_peWDhABIKSq0AhglQKgAa2NwsECyAEJqQLuiN0yZ9uzPqgDAcgDCKoEqQNP0H1tnhR0NgGxygn0gqPtlofRH1MtKr2_t8L9hajSRCqmEPH2P5a9SYLEMvnne1k1E3Qxd0fz-GrMU09NzC9KcpoJXxblIogGOV5LsseWsoEVOi0zpLhkF5DJKa0bbsafALjlm8tdem55ymxuFBPCqus-_6_0w7phaSXL2U1TMWwEe5hO54mmj_TETzXVLW_isKkcKNZJyyi9F-PgZD8LjqWd5-fACnQGjlQrfra1L1hKvk0CMdtznRjym5FuR6PwdI6OKaTvxmnv5STr8vajR5tuEVKBAN3w20lTpZSR2FwLy-AS1n25RJP6sc05MkfDl9JTGjwsNwa_0A5-q4g4CzBu_Ty5yKTJhKpXgYnlmCT20Ac3d2bZaHlyMYk-0oyamVHZ0vs2o-PNVyWHLXOTWfP6iqq5DsJcjfoPefwH0aKWknxWQ92dz9gH373AES-SCGIEWxcpjt1eaxr8JxAOLg55MCtin6pzu2NQeYuIY1GQmqgCdDyxFeGnH_9DstRwqRRHsI6BB-UQCZaVU9GXnWDw2zUNFErLqzpdj-GohMXGm8PnIJwbYMAE5dzFnbMDkgUECAQYAZIFBAgFGASgBi6AB-nZjWqoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQtvoI0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTM4Mzg4NDk2NjQxOTc3MzM&sigh=dJXW2GVwwDk&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=90&slotname=4249744502&adk=281592885&adf=193766564&pi=t.ma~as.4249744502&w=728&lmt=1628209795&psa=0&format=728x90&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795690&bpp=3&bdt=849&idt=218&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=foTV1tzd56&p=https%3A//www.iphonefirmware.com&dtd=231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 00:29:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 7196528861258492116
tpc.googlesyndication.com/simgad/ Frame 4708 48 KB
48 KB 10ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7196528861258492116?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnToAX4dA_ZYVF1CPaJ8fz_hxAJ8w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=200&slotname=4249744502&adk=1127641864&adf=81069172&pi=t.ma~as.4249744502&w=750&lmt=1628209795&psa=0&format=750x200&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795744&bpp=11&bdt=902&idt=252&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C728x90%2C750x100&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=239&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4umdzCd2Bl&p=https%3A//www.iphonefirmware.com&dtd=258

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d92cbdc3bc98129f24feb5bc287e7b84faa709c9741cc6d5f55dee7c47822e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 09:48:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 Jun 2021 11:22:40 GMT
server: sffe
age: 225700
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48942
x-xss-protection: 0
expires: Wed, 03 Aug 2022 09:48:16 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 4708 18 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 23:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 23:57:52 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 4708 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 00:17:48 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4708 124 KB
37 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Fri, 06 Aug 2021 00:29:56 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 4708 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 00:22:26 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 4708 26 KB
11 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71190efb3401bbbe347d7fbde655e7c4f40a43b52682f1fe816a5cfa836d3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10762
x-xss-protection: 0
server: cafe
etag: 3065724439939497134
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 22:51:47 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4708 0
0 44ms
42ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXsLnhIIMYcaNAd3G7_UPipaXiAiKirTLYZK94O26Dd3Hm5yRDhABIKSq0AhglQKgAZ2w7qEDyAECqQLuiN0yZ9uzPqgDAcgDyQSqBLADT9AXzK5woMVijZjAWFi4rg1eTY4YAMYLFhvR_vZW_1eKB9Ow6SXBhBXEru_8fbe7U3WJIIEEtcwvdKLn0mYPepRvg-9k1S757AptgqCwC9fUEzXkkRAhuzXkXwBIi1Cx4umAt9sm9evC8fCTFJQsewXn24kM8tbv7wHoH7tH5xL3i2MTmwlmwNd2Ag0cLN1_aCOKZwf8znoe0HFHxy6An-eJ4SU7KmMMuIe71hXLpaT9VohVKk4Z2m9DkdaelOtm5dc1jmpJG4oxtUNBypH_NDBoZFffKhPSU2Y7iGvdBunTRAN2tbJaalVpo9Wc0WhNNowleeNmpkmMPQh4veyxGPloJvbT-svtR910FWQ5HMJn_RrriYbg_ny3z4mhJY6P9vYs1hkkHOlVMkPo-aTrvGMmsGWjoUmp_qNe6MjmBuU1Tf1ePE1TGKuWdu6xCZxAtYUKCUKD_rcoofCnpDyudj4CIFX-WPiVVf_f1gqC5iMezqrl18M5pJ8Ye-g8Il9qtbAcdQCV89r5_F7G0CjUHGV0kflVC0a5w1fhhXm6iaXfUOQ75Sl4YHaClv6U4pvVwASamZrD6wGSBQQIBBgBkgUECAUYBKAGAoAH9bSbXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCF1lrSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItMzgzODg0OTY2NDE5NzczMw&sigh=MXU44DGIAnc

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=200&slotname=4249744502&adk=1127641864&adf=81069172&pi=t.ma~as.4249744502&w=750&lmt=1628209795&psa=0&format=750x200&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795744&bpp=11&bdt=902&idt=252&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C728x90%2C750x100&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=239&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4umdzCd2Bl&p=https%3A//www.iphonefirmware.com&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 00:29:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 7196528861258492116
tpc.googlesyndication.com/simgad/ Frame D272 48 KB
48 KB 11ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7196528861258492116?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnToAX4dA_ZYVF1CPaJ8fz_hxAJ8w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=3575574307&adf=3928458729&pi=t.ma~as.4249744502&w=692&fwrn=4&fwrnh=100&lmt=1628209796&rafmt=1&psa=0&format=692x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795781&bpp=2&bdt=939&idt=288&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cmtJgi5nTC&p=https%3A//www.iphonefirmware.com&dtd=292

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d92cbdc3bc98129f24feb5bc287e7b84faa709c9741cc6d5f55dee7c47822e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 09:48:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 Jun 2021 11:22:40 GMT
server: sffe
age: 225700
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48942
x-xss-protection: 0
expires: Wed, 03 Aug 2022 09:48:16 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame D272 18 KB
7 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=3575574307&adf=3928458729&pi=t.ma~as.4249744502&w=692&fwrn=4&fwrnh=100&lmt=1628209796&rafmt=1&psa=0&format=692x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795781&bpp=2&bdt=939&idt=288&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cmtJgi5nTC&p=https%3A//www.iphonefirmware.com&dtd=292

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 23:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 23:57:52 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame D272 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=3575574307&adf=3928458729&pi=t.ma~as.4249744502&w=692&fwrn=4&fwrnh=100&lmt=1628209796&rafmt=1&psa=0&format=692x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795781&bpp=2&bdt=939&idt=288&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cmtJgi5nTC&p=https%3A//www.iphonefirmware.com&dtd=292

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 00:17:48 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D272 124 KB
37 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=3575574307&adf=3928458729&pi=t.ma~as.4249744502&w=692&fwrn=4&fwrnh=100&lmt=1628209796&rafmt=1&psa=0&format=692x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795781&bpp=2&bdt=939&idt=288&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cmtJgi5nTC&p=https%3A//www.iphonefirmware.com&dtd=292

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Fri, 06 Aug 2021 00:29:56 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame D272 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=3575574307&adf=3928458729&pi=t.ma~as.4249744502&w=692&fwrn=4&fwrnh=100&lmt=1628209796&rafmt=1&psa=0&format=692x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795781&bpp=2&bdt=939&idt=288&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cmtJgi5nTC&p=https%3A//www.iphonefirmware.com&dtd=292

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 00:22:26 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame D272 0
0 26ms
21ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQiD5D-6z2Zfjxa8U-KESWcNwED_BbR60GP-b9WEdG-E_oNuDhbp3BQvvrB7QDt-_b2ZAYekgPeQsMZSfgyighjNf4Phg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=3575574307&adf=3928458729&pi=t.ma~as.4249744502&w=692&fwrn=4&fwrnh=100&lmt=1628209796&rafmt=1&psa=0&format=692x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795781&bpp=2&bdt=939&idt=288&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cmtJgi5nTC&p=https%3A//www.iphonefirmware.com&dtd=292
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame D272 26 KB
11 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=3575574307&adf=3928458729&pi=t.ma~as.4249744502&w=692&fwrn=4&fwrnh=100&lmt=1628209796&rafmt=1&psa=0&format=692x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795781&bpp=2&bdt=939&idt=288&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cmtJgi5nTC&p=https%3A//www.iphonefirmware.com&dtd=292

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71190efb3401bbbe347d7fbde655e7c4f40a43b52682f1fe816a5cfa836d3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10762
x-xss-protection: 0
server: cafe
etag: 3065724439939497134
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 22:51:47 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame D272 0
0 45ms
43ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CyJAahIIMYaDLBeDD7_UPhpeFgAyKirTLYZK94O26Dd3Hm5yRDhABIKSq0AhglQKgAZ2w7qEDyAECqQLuiN0yZ9uzPqgDAcgDyQSqBK8DT9BWJLIFf2gdADsRc9LWJRk1HrCSHUWzdYJVIEt_u1E-wKMQyICO1Tl21V_V-W_sgphW5E_TTrTVCkpa94dLNBJMJe_L9JXRNyOetjJVgL3nbCoVk5sbcCpbX5qX76IqExL34xSLnQ8LTgrX70IyAr74ZWSXXHjvDzHK-MVNQlRCct9aTSk3581WEI2SamRiIlUqE3G83CjV0GbzfqWQJZ6uxyc-10qDZNEzhYpzvkaobpzru0BJtdX7JIIVj10oDDiLEYsHQ0uT4z0WBLd8zuzKP4mQcMMoMsXONPzR6rUwGpcCwOSs6qH4KcWYp3QnhK-HJ7tobGDXwFw1pYbyMYykFXNozMzXIaIehlijCNzfWok5jJF9szEE0Z6ZGYcCTjn8VCug1kopYPWovNwfU5E7NfHyJrtwf8X_z4eSO5vSSJRHtoUhtVuhHRwfF937PVKYB5l1P_ukSpL4WMbjBMr3prPCTi82zRbVAMMaBK1Rd_nFsdWsU6XhWFT9INRMb4fnN6Q7Ksf4SSkLWESrLAGPT0qL6YTmMhvyY9oX6bUYKo1HxYWxU7dyfQXya1zABJqZmsPrAZIFBAgEGAGSBQQIBRgEoAYCgAf1tJteqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJinHNIICQiI4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi0zODM4ODQ5NjY0MTk3NzMz&sigh=buR0kP1cofQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=3575574307&adf=3928458729&pi=t.ma~as.4249744502&w=692&fwrn=4&fwrnh=100&lmt=1628209796&rafmt=1&psa=0&format=692x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795781&bpp=2&bdt=939&idt=288&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cmtJgi5nTC&p=https%3A//www.iphonefirmware.com&dtd=292

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=3575574307&adf=3928458729&pi=t.ma~as.4249744502&w=692&fwrn=4&fwrnh=100&lmt=1628209796&rafmt=1&psa=0&format=692x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795781&bpp=2&bdt=939&idt=288&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cmtJgi5nTC&p=https%3A//www.iphonefirmware.com&dtd=292
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 00:29:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6DEC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcU6cio-l9-A_76iVHfwGzVoZ2evaw0X8iVDaCdjVwIu9AgR6IhTWUMRdrdlM; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 00:29:56 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 06-Aug-2021 01:29:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 00:29:56 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 00:29:56 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/ Frame 2899 95 KB
19 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/index.html

Requested by

Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/sc2/MmZ-8yk4ygtW8Bx3Cm8-qQ4xW9gmWrz5YGj-HW4785L155PFwpdBzP9204

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6164a283faed2d675c2d0ee22441b5c8cd6af8b181f96e7801fa9ef0c1fb128c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/7231451807353208973/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 02 Aug 2021 13:53:15 GMT
expires: Tue, 02 Aug 2022 13:53:15 GMT
last-modified: Tue, 06 Jul 2021 13:40:06 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 19496
age: 297401
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5A7E 0
0 48ms
48ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cf7xhg4IMYfn8OvHO7_UPmPiS4AmZl93jY6HDl8-dDtCg1vesARABIKSq0AhglQKgAdTQ0JcDyAEJqQLuiN0yZ9uzPqgDAcgDSKoEpwNP0BrliCT5GQJSaDJmlSB6vlze3NmOJlpWIcD5Wg3KfliP5M6IBlFIMvIdsnXjx822weEyME5IJP5am8ka_JO2dhyfOeMfmhHv6wFgTCQzXuwmWMQd8VJeBXn7VPHSkQURdPJtCXGafr9mm1Y64ppBpSIBDHKf9V4KrRu1yVggfK8EJWY2sjXtWEd6sHBtEHIZh8f8PzXTVDWvaEtwMCxo0nGjNW7sQhC6ddRbMV5bkWF-DrliqQD5VIdFVDxik1eOYUhWK6nUF09Q7bYKxNlQfU8ayDkhKnbhjsiIHOVCna6DNeFxWQyGQNRCiQlv8KS7T-E5YZ1kcesBKpIQXml8ERe2N4sndI-DyD4vkngGwwAgmc-RDCxrN6ZiUI79bISggqCLENMIk2dCHZAD_rVCVc-ntsZuwM0ZhNfFddxxsfqPBgQMAWDvvravmN3Cq9g6hFKNBVwlJ19_V3-bcvJI2nH2NgfAchL0VrhF6f3o2my2fZh8DUvYOi5GDdjmEsozxNaT_AUF5wrcfMS0jnM7gvUX1PWnkO-KL8erMmMJ2E_QXdbKhqLABKGC5LrEA5IFBAgEGAGSBQQIBRgEoAYugAfL_9xsqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEOKkDNIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi0zODM4ODQ5NjY0MTk3NzMz&sigh=ICVlnPnZIKo&template_id=419

Requested by

Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/sc2/MmZ-8yk4ygtW8Bx3Cm8-qQ4xW9gmWrz5YGj-HW4785L155PFwpdBzP9204

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=100&slotname=4249744502&adk=2817573891&adf=102378993&pi=t.ma~as.4249744502&w=750&lmt=1628209795&psa=0&format=750x100&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795741&bpp=3&bdt=900&idt=194&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C728x90&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=239&ady=427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=P36rFUFkzb&p=https%3A//www.iphonefirmware.com&dtd=210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 00:29:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 5A7E 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=100&slotname=4249744502&adk=2817573891&adf=102378993&pi=t.ma~as.4249744502&w=750&lmt=1628209795&psa=0&format=750x100&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795741&bpp=3&bdt=900&idt=194&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C728x90&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=239&ady=427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=P36rFUFkzb&p=https%3A//www.iphonefirmware.com&dtd=210

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 23:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 23:57:52 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 5A7E 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 00:17:48 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A7E 124 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Fri, 06 Aug 2021 00:29:56 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 5A7E 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 00:22:26 GMT

GET
DATA 200
OK truncated
/ Frame 7D4A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2829bd1d35e036219b13882c730c261f97fa245251d272c87301c5c49f0f73b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 728_x_90_1.png
tpc.googlesyndication.com/sadbundle/6518040543843310231/ Frame 7D4A 62 KB
62 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6518040543843310231/728_x_90_1.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01f55e760a47427857a8a0381946d954ece505b2dd42ac6e10d2504c8dc8a1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 01:07:46 GMT
x-content-type-options: nosniff
age: 84130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63228
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 20:49:29 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 01:07:46 GMT

GET
H3-29 200 BitdefenderLogo_white-_2_.png
tpc.googlesyndication.com/sadbundle/6518040543843310231/ Frame 7D4A 28 KB
28 KB 8ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6518040543843310231/BitdefenderLogo_white-_2_.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 01:07:45 GMT
x-content-type-options: nosniff
age: 84131
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28426
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 20:49:29 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 01:07:45 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A99 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=200&slotname=4249744502&adk=1127641864&adf=81069172&pi=t.ma~as.4249744502&w=750&lmt=1628209795&psa=0&format=750x200&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795744&bpp=11&bdt=902&idt=252&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C728x90%2C750x100&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=239&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4umdzCd2Bl&p=https%3A//www.iphonefirmware.com&dtd=258
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcU6cio-l9-A_76iVHfwGzVoZ2evaw0X8iVDaCdjVwIu9AgR6IhTWUMRdrdlM; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=200&slotname=4249744502&adk=1127641864&adf=81069172&pi=t.ma~as.4249744502&w=750&lmt=1628209795&psa=0&format=750x200&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795744&bpp=11&bdt=902&idt=252&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C728x90%2C750x100&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=239&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4umdzCd2Bl&p=https%3A//www.iphonefirmware.com&dtd=258

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 05 Aug 2021 23:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 7D4A 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,regular,700italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 217795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:00:01 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 7D4A 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,regular,700italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 281012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:26:24 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3EFF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcU6cio-l9-A_76iVHfwGzVoZ2evaw0X8iVDaCdjVwIu9AgR6IhTWUMRdrdlM; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 00:29:56 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 06-Aug-2021 01:29:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 00:29:56 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 00:29:56 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 4BA0 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 11:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 11:02:44 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 0FC3 2 KB
566 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:800

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

517ee8a1d0e3438c13fe609412789c12bf6e3dbffd461694e6b7596378d40f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 23:43:03 GMT
server: ESF
date: Fri, 06 Aug 2021 00:29:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Aug 2021 00:29:56 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DEA1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcU6cio-l9-A_76iVHfwGzVoZ2evaw0X8iVDaCdjVwIu9AgR6IhTWUMRdrdlM; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 00:29:56 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 06-Aug-2021 01:29:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 00:29:56 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 00:29:56 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D743 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=3575574307&adf=3928458729&pi=t.ma~as.4249744502&w=692&fwrn=4&fwrnh=100&lmt=1628209796&rafmt=1&psa=0&format=692x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795781&bpp=2&bdt=939&idt=288&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cmtJgi5nTC&p=https%3A//www.iphonefirmware.com&dtd=292

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=3575574307&adf=3928458729&pi=t.ma~as.4249744502&w=692&fwrn=4&fwrnh=100&lmt=1628209796&rafmt=1&psa=0&format=692x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795781&bpp=2&bdt=939&idt=288&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cmtJgi5nTC&p=https%3A//www.iphonefirmware.com&dtd=292
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcU6cio-l9-A_76iVHfwGzVoZ2evaw0X8iVDaCdjVwIu9AgR6IhTWUMRdrdlM; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=3575574307&adf=3928458729&pi=t.ma~as.4249744502&w=692&fwrn=4&fwrnh=100&lmt=1628209796&rafmt=1&psa=0&format=692x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795781&bpp=2&bdt=939&idt=288&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cmtJgi5nTC&p=https%3A//www.iphonefirmware.com&dtd=292

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 05 Aug 2021 23:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4708 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8eb28be7548766069cbb01b6ffd6d454b3b54147e6982da09bdec42a00492b3f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D272 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91f427d26c6b0aca73db9db012510ac253e1f0633e529c5dc66c69158a79dca7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D59C 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=100&slotname=4249744502&adk=2817573891&adf=102378993&pi=t.ma~as.4249744502&w=750&lmt=1628209795&psa=0&format=750x100&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795741&bpp=3&bdt=900&idt=194&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C728x90&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=239&ady=427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=P36rFUFkzb&p=https%3A//www.iphonefirmware.com&dtd=210
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcU6cio-l9-A_76iVHfwGzVoZ2evaw0X8iVDaCdjVwIu9AgR6IhTWUMRdrdlM; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=100&slotname=4249744502&adk=2817573891&adf=102378993&pi=t.ma~as.4249744502&w=750&lmt=1628209795&psa=0&format=750x100&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795741&bpp=3&bdt=900&idt=194&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C728x90&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=239&ady=427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=P36rFUFkzb&p=https%3A//www.iphonefirmware.com&dtd=210

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 05 Aug 2021 23:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 iframe.html Show response
p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame C6BC 4 KB
2 KB 126ms
63ms Document
text/html 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

c489c90d8dc34ada0b20e813189367d0ba6f6d882937574883e04bef777bab55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-Tv8FWqrNxZW43CNwyjrTFw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 1859
date: Fri, 06 Aug 2021 00:29:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0FC3 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 01:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 06 Aug 2021 01:12:52 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0FC3 26 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 06 Aug 2021 18:31:13 GMT

GET
DATA 200
OK truncated
/ Frame 5A7E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d7965e9555a2ec9a71e1f8ff52b3073619e4384bbad7c07dbfca785da6fa2ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012107240354000/ 20 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-host-v0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c641f871d303f00c2431556fca2d50690ff200abd043196c8758e4bc590b848

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 285792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "26bfa3b7da51af82"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7D4A 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 76238
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 06 Aug 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7D4A 295 B
319 B 6ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 40935
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 06 Aug 2021 13:07:41 GMT

GET
H3-29 200 7196528861258492116
tpc.googlesyndication.com/simgad/ Frame 43F8 48 KB
48 KB 6ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7196528861258492116?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnToAX4dA_ZYVF1CPaJ8fz_hxAJ8w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=190&slotname=5157757655&adk=275151754&adf=3238177153&pi=t.ma~as.5157757655&w=640&lmt=1628209796&psa=0&format=640x190&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795790&bpp=37&bdt=948&idt=324&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200%2C692x280%2C300x250&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=2277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=4J3wVvKdBv&p=https%3A//www.iphonefirmware.com&dtd=328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d92cbdc3bc98129f24feb5bc287e7b84faa709c9741cc6d5f55dee7c47822e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 09:48:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 Jun 2021 11:22:40 GMT
server: sffe
age: 225700
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48942
x-xss-protection: 0
expires: Wed, 03 Aug 2022 09:48:16 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 43F8 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 23:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 23:57:52 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 43F8 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 00:17:48 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 43F8 124 KB
37 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Fri, 06 Aug 2021 00:29:56 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 43F8 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 00:22:26 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 43F8 0
0 14ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTdQK7djD3V9kB-HDsPHKwyt_zqeLa0v_jlDniuAPucX8eeu5XnApjuJWNyRl7WswW9gM1p9DFgFByp3U7x6Z-pQbslYA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=190&slotname=5157757655&adk=275151754&adf=3238177153&pi=t.ma~as.5157757655&w=640&lmt=1628209796&psa=0&format=640x190&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795790&bpp=37&bdt=948&idt=324&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200%2C692x280%2C300x250&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=2277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=4J3wVvKdBv&p=https%3A//www.iphonefirmware.com&dtd=328
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 43F8 26 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71190efb3401bbbe347d7fbde655e7c4f40a43b52682f1fe816a5cfa836d3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10762
x-xss-protection: 0
server: cafe
etag: 3065724439939497134
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 22:51:47 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 43F8 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CoGtBhIIMYdPiCJG17_UPmf6JuAOKirTLYZK94O26Dd3Hm5yRDhABIKSq0AhglQKgAZ2w7qEDyAECqQLuiN0yZ9uzPqgDAcgDyQSqBK8DT9ANa774bLQn5PYPW1K4Urf6imqGxCArWBUcOgG7RmY9twvHLIf4g3itZsXBtkifd9yoO0Jo_lj603Rb5zdeeQE-tKlQusYhTgo9nCQrJYZj6Fmr6z71vBtp1OvDNp-lP9t-GHJ8CKY66-mH10kk2r7LOb-1TJZy5H2q5tuqz26DobNQZRYwuUL7L4ha9LZxXgYnhJdYdYWm0xQBSfwGuOKnQVpGg8HuPfIId3bbKl4ty_yFnJ2i2O3omZ-hLEcyZtqvd9jA1s4XzchjTo-b-YmIf-65dV3Lh_jP8ulw26KrR2L_zip7WyrLvJwF43yuQ6dvFtuN0ho45Fkagf-v7GAKnYHO93KnrOYPlDFH1oY-6EkyXfjite2elhDeWXIlE-JxU5d0W7xS-M6BzdNKo3TvGEqxdvkhKDb7BCPu9tAvoAKpc1ss3K1t-Bi87Nybqawf4bxpLah2cCQGeRV1l6IhLVLLPqXFo5Ihf4Q3be1A3kLhPCo6kKvaAhjewGpNKFkTg5O1t3n4EX06WaeZB9ONL81tYt2xVoJ4J92MW_oOgLCSouejc4SCdEuI35PABJqZmsPrAZIFBAgEGAGSBQQIBRgEoAYCgAf1tJteqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELHFIdIICQiI4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi0zODM4ODQ5NjY0MTk3NzMz&sigh=_Yet1BOoajM

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=190&slotname=5157757655&adk=275151754&adf=3238177153&pi=t.ma~as.5157757655&w=640&lmt=1628209796&psa=0&format=640x190&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795790&bpp=37&bdt=948&idt=324&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200%2C692x280%2C300x250&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=2277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=4J3wVvKdBv&p=https%3A//www.iphonefirmware.com&dtd=328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 00:29:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 css
fonts.googleapis.com/ Frame 2899 2 KB
567 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:900

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fdb65c85e3d0d7be60ef0017b88fc183a2f12973211e671a6e0aecdece08d810

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 22:39:30 GMT
server: ESF
date: Fri, 06 Aug 2021 00:29:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Aug 2021 00:29:56 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2899 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 01:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 06 Aug 2021 01:12:52 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2899 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 06 Aug 2021 18:31:13 GMT

GET
H3-29 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v3/ Frame 0FC3 18 KB
18 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc9d28f4e64c676c58b31ad6578ca7f3f383cca647bf363916d4ee8982c3b08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:03:04 GMT
x-content-type-options: nosniff
age: 217613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18116
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:31:27 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:03:04 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 06D9 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=190&slotname=5157757655&adk=275151754&adf=3238177153&pi=t.ma~as.5157757655&w=640&lmt=1628209796&psa=0&format=640x190&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795790&bpp=37&bdt=948&idt=324&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200%2C692x280%2C300x250&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=2277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=4J3wVvKdBv&p=https%3A//www.iphonefirmware.com&dtd=328
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcU6cio-l9-A_76iVHfwGzVoZ2evaw0X8iVDaCdjVwIu9AgR6IhTWUMRdrdlM; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=190&slotname=5157757655&adk=275151754&adf=3238177153&pi=t.ma~as.5157757655&w=640&lmt=1628209796&psa=0&format=640x190&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795790&bpp=37&bdt=948&idt=324&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200%2C692x280%2C300x250&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=2277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=4J3wVvKdBv&p=https%3A//www.iphonefirmware.com&dtd=328

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 05 Aug 2021 23:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuBWYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v3/ Frame 2899 17 KB
17 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuBWYAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:900

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df05d2f33fef3383a2bbd852400ad273eaa8f72127df287b34642db985193235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 08:50:51 GMT
x-content-type-options: nosniff
age: 229146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17604
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:38:36 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 08:50:51 GMT

GET
DATA 200
OK truncated
/ Frame 43F8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21deee77275c849329da7303df7da2f094607703c5ebda722c1afe62156a663b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A99
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcU6cio-l9-A_76iVHfwGzVoZ2evaw0X8iVDaCdjVwIu9AgR6IhTWUMRdrdlM; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 00:29:57 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 06-Aug-2021 01:29:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 00:29:57 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 00:29:57 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame C04C 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 11:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 11:02:44 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D743
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=3575574307&adf=3928458729&pi=t.ma~as.4249744502&w=692&fwrn=4&fwrnh=100&lmt=1628209796&rafmt=1&psa=0&format=692x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795781&bpp=2&bdt=939&idt=288&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cmtJgi5nTC&p=https%3A//www.iphonefirmware.com&dtd=292

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcU6cio-l9-A_76iVHfwGzVoZ2evaw0X8iVDaCdjVwIu9AgR6IhTWUMRdrdlM; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 00:29:57 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 06-Aug-2021 01:29:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 00:29:57 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 00:29:57 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D59C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

35ms
34ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcU6cio-l9-A_76iVHfwGzVoZ2evaw0X8iVDaCdjVwIu9AgR6IhTWUMRdrdlM; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 00:29:57 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 06-Aug-2021 01:29:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 00:29:57 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 00:29:57 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 4652 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=280&slotname=4249744502&adk=3575574307&adf=3928458729&pi=t.ma~as.4249744502&w=692&fwrn=4&fwrnh=100&lmt=1628209796&rafmt=1&psa=0&format=692x280&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795781&bpp=2&bdt=939&idt=288&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe234feb94fcd75b-2230cfad93c800db%3AT%3D1628209795%3ART%3D1628209795%3AS%3DALNI_MbG6dg55nxfen3a36YofRIdpPHPYg&prev_fmts=0x0%2C696x280%2C728x90%2C750x100%2C750x200&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=268&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cmtJgi5nTC&p=https%3A//www.iphonefirmware.com&dtd=292

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 11:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 11:02:44 GMT

GET
H3-29 200 Grover_Logo_Claim-top-White.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame 0FC3 8 KB
2 KB 9ms
7ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/Grover_Logo_Claim-top-White.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

805dc2ef7778678ace99530207d0bcda25f70b3c2ae08bca8259c079454eb0a4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 241217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2144
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 11:57:52 GMT
server: sffe
date: Tue, 03 Aug 2021 05:29:40 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:29:40 GMT

GET
H3-29 200 sim.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame 0FC3 8 KB
8 KB 9ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/sim.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba2e1fef17c14f30d59cd311adb42f9393ba132e6689fb5784e092a5638606

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 262185
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 11:57:52 GMT
server: sffe
date: Mon, 02 Aug 2021 23:40:12 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 23:40:12 GMT

GET
H3-29 200 phones_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame 0FC3 48 KB
48 KB 10ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/phones_2.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b026d5118326e37e2324456275ac6971462e1c6a8a90213c55bb4a098aa3b4f4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 261409
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48894
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 11:57:52 GMT
server: sffe
date: Mon, 02 Aug 2021 23:53:08 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 23:53:08 GMT

GET
H3-29 200 1phones.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame 0FC3 26 KB
26 KB 11ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/1phones.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8deed8d38bdd3b2902629c02ad1eb000b082b2519fb73d31a63d37181cf77fc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 219655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26884
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 11:57:52 GMT
server: sffe
date: Tue, 03 Aug 2021 11:29:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 11:29:02 GMT

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame F98C 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 11:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 11:02:44 GMT

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 2899 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 11:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 11:02:44 GMT

GET
H3-29 200 button_de.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/ Frame 2899 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/button_de.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3842b3252bc39a68964ce0fea5211fbdbd891a3be62670479a7e5a238d3a6cbd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 190143
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3246
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 13:40:06 GMT
server: sffe
date: Tue, 03 Aug 2021 19:40:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 19:40:54 GMT

GET
H3-29 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/ Frame 2899 5 KB
5 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/logo.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb807bcccc90a1d294a6dd79f7a29e77881b98a1e74e07de83ef4b0ba32c88df

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 190147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5320
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 13:40:06 GMT
server: sffe
date: Tue, 03 Aug 2021 19:40:50 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 19:40:50 GMT

GET
H3-29 200 11052021_CB_Grover-1092_v7.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/ Frame 2899 84 KB
84 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/11052021_CB_Grover-1092_v7.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe0d38edfed19699716e0d23d7d0edb2b4977081cb6d51cc73d77395985e97c1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 190143
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86054
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 13:40:06 GMT
server: sffe
date: Tue, 03 Aug 2021 19:40:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 19:40:54 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 06D9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcU6cio-l9-A_76iVHfwGzVoZ2evaw0X8iVDaCdjVwIu9AgR6IhTWUMRdrdlM; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 00:29:57 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 06-Aug-2021 01:29:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 00:29:57 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 00:29:57 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame D59F 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 11:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 11:02:44 GMT

GET
DATA 200
OK truncated
/ Frame 2899 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/ Frame 2899 5 KB
5 KB 6ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/logo.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb807bcccc90a1d294a6dd79f7a29e77881b98a1e74e07de83ef4b0ba32c88df

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 190147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5320
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 13:40:06 GMT
server: sffe
date: Tue, 03 Aug 2021 19:40:50 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 19:40:50 GMT

GET
H3-29 200 button_de.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/ Frame 2899 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/button_de.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3842b3252bc39a68964ce0fea5211fbdbd891a3be62670479a7e5a238d3a6cbd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 190143
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3246
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 13:40:06 GMT
server: sffe
date: Tue, 03 Aug 2021 19:40:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 19:40:54 GMT

GET
H3-29 200 11052021_CB_Grover-1092_v7.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/ Frame 2899 84 KB
84 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7231451807353208973/11052021_CB_Grover-1092_v7.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe0d38edfed19699716e0d23d7d0edb2b4977081cb6d51cc73d77395985e97c1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 190143
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86054
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 13:40:06 GMT
server: sffe
date: Tue, 03 Aug 2021 19:40:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 19:40:54 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 30ms
25ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210803&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92fbbcb5855d062100896f6365ac1145834065ca16db73d991073ccd5899d290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 00:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8635
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 06 Aug 2021 00:29:57 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5784 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iphonefirmware.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.iphonefirmware.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 05 Aug 2021 17:23:07 GMT
expires: Fri, 05 Aug 2022 17:23:07 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 25610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C7D7 783 B
531 B 17ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e37d8668aca519ad8fb16f759906312261ecf151950ca78f8a93337643947796

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9nNBw3pgBlvfb4iwW9GMRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iphonefirmware.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.iphonefirmware.com/

Response headers

expires: Fri, 06 Aug 2021 00:29:57 GMT
date: Fri, 06 Aug 2021 00:29:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-9nNBw3pgBlvfb4iwW9GMRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 5784 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 11:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 11:02:44 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F267 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst40A1vpvXLopuodDrAHU8kGnHAqP1orZocr0o0Fe51RXAjg-CaMOloIXs9jUS53MxKMBkQ72MHvFWa5AjKHeANd5EcebjBDoezVbfmnkLepISeIdREShdbBhYzuQ&sai=AMfl-YR6EH48e-C6OQrMMP2RAYe2jxuZ2_87G_RNF_qOLWsmsku33tK6xvBGEAW9c9GRJZARWA5rFOWSSZVy&sig=Cg0ArKJSzNygXt9z-3nLEAE&id=lidar2&mcvt=1003&p=1076,298,1200,1303&mtos=210,859,1003,1316,1414&tos=210,649,144,313,98&v=20210804&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1812271801&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628209796349&dlt=11&rpt=3&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 00:29:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5A7E 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQu2qaUkr3-Reppub5s8hIPVZ1qtHclIajgk5B8KIWW7ycJzBh298Xietaj--m2Etm-tNEwbwi4Fg9Yo_z74y8QuL4PgdAb10kqk-7UnHX1RpvPUpf3skl5zYbqA&sai=AMfl-YQi3YgiTMwK_2J3irBrxNiEoM-wimy88Kv_N-8sJLnPJkXVjSDSqUTOH7-XFjT0SyrsFsiFAT0Spm5T&sig=Cg0ArKJSzK9HwXvyZsliEAE&id=lidar2&mcvt=1005&p=428,239,521,989&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20210804&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2817573891&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628209795953&dlt=689&rpt=81&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 00:29:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210803&jk=3055041229966701&bg=!ERKlElbNAAals0SOpbM7ACkAdvg8Wu5vvQrieMd3BndKrS0Y3D7AhZ17f4kvhCukBIB-ZJmdwTlGtwIAAACHUgAAAAtoAQcKAKg57Y1N4107GOgAJooxHB2I-HVt1viNy4bKvNXfNkco0K4Za3OtuuVq7048zWBQgsA7DJDMuYDDRogFughRKO2K_X7N5d4nH9RzPUIOHcR2ytA7NXTlyZ2HUyBBpgsVbYQi3jpnpKoCUuXc94Bplc3vKnvk5l2Ly2vZQwQ_TYysQ6KgXEsi8dCdCOqlEIeXPVeXlmjN9z9Rd4ay4oz1zV9G-qayw2SMipiZAomGGIUCOrNathkTBrOZp3QmOPw_utypnM1_tJj1JzZJTHiUjrof2McmTP8iYo9sE84MBVI1qCauNdVA89yJOQY0-ekYLfLv1Xq0DTCawskVxj2z8159joUIB7vwfeBuOWSDJIrBgYCY6omFZhVwRiC_Nep2cqxUH6zjUIDM1dXn_fcbEvSXBVhJ4hiRquhUD6rdXQqqcKUzIiUzgZ3BoyTuhsiyzXYfy7odKu-fpfXDihXJAv4Vnse_ji5VDSW8Rk2UwRnNAYWgCuF5ZMpbXEZvE0_8MeMR2PBMStE5EzyUHLabvxsjnEUf6WHITaIaWC8wUaxhbI3_9mmi8aSj7gAgnFrPrIHb6LLAxLFXFkRKa4__1YsPe8h26lRUlO4GCFvmSqdwyUA6plceNndEb2s5vPu4bkD17ZQWWoBXaDq041_cynSyMzbN9nXLmAGiCD4GhRAmKmCbAc9z0b0bJ8_IIg6B1keFjSQ9nFcHjughBBQhJoF6QLOw_kjBRdLl4GJ0dJ3s3W-_xGxI8U8Shkw2m1G-_FPXa6lZjHxMAcFJ7h6tlELeeFjCWyJsiEudzILvwk7KfjpWVmbsSa5zR8sOuvFcvkDj0PMxbHIp8xgsTec69_zGaQrnhtTx7BaSTHRjCG22ZH4kIyLXBsY3IavuzJPI72vR3QoIbQalb99x0PmPp7qFgT4evA0Benxob-vmgOlChkv45UWaiKZTRi5CvWsysuGZXEKPe7TDZlvu03bzSyu46n8Ds_Y2Gu64E4obaOl6FIDRoiVPqsR45LsLhbyz1wyXBsuIf1Y4ZZhv_FjffgvImS9s54coTSsnjYpn5zKrWd2i1vvZF5UI23tU75hRM4S58cQt

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iphonefirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 00:29:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7D4A 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQYvU4IAdbzZ7BKWji5KxQUC5FMPTE-3atDzXWbggOu51w9TeuUbsTPfs11mhM6mA720BR_lcpJNQ_qcVokTgrSv520ZSi8S_Mq6E2mJ85JdYRKnv8ULtUdcM4gA&sai=AMfl-YQ93LOV3Plp9bMjLABmnSMY0k8o4OhCEtnVhDFfEfTpIYMYJ463GaCT_odYMMzB9dUn1jq3P9kgoIDD&sig=Cg0ArKJSzJeT6UfGGqA0EAE&id=ampim&o=606,80&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=368&tls=1368&g=100&h=100&tt=1368&r=v&avms=ampa&adk=281592885

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 00:29:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/ 161 KB
24 KB 1602ms
1602ms XHR
text/html 138.68.253.67
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&mashsb-refresh
Requested by: Host: www.iphonefirmware.com
URL: https://www.iphonefirmware.com/wp-content/plugins/mashsharer/assets/js/mashsb.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.253.67 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: fe811b45281f4cfe018a594f82af7a3648b2dd7c0f2fbef0cd0f8d560a205d3d

Request headers

:path: /imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&mashsb-refresh
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.iphonefirmware.com
referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone/?utm_source=hs_email&utm_medium=email&utm_content=146943904&_hsmi=146943904&_hsenc=p2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:30:03 GMT
content-encoding: br
server: nginx
link: <https://www.iphonefirmware.com/wp-json/>; rel="https://api.w.org/", <https://www.iphonefirmware.com/wp-json/wp/v2/posts/285503>; rel="alternate"; type="application/json", <https://www.iphonefirmware.com/?p=285503>; rel=shortlink
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 6.gif
p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-432825-i1-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame C6BC 35 B
427 B 188ms
60ms Image
image/gif 142.250.185.210
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-432825-i1-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.210 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f18.1e100.net

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 00:30:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-432825-i2-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame C6BC 35 B
427 B 47ms
14ms Image
image/gif 2a00:1450:4001:812::2012
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-432825-i2-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2012 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 00:30:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 138.68.253.67
URL: https://138.68.253.67/wp-content/uploads/2017/08/8.jpg

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:16:50	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 05:38:25	Name: IDE Value: AHWqTUkcU6cio-l9-A_76iVHfwGzVoZ2evaw0X8iVDaCdjVwIu9AgR6IhTWUMRdrdlM
.iphonefirmware.com/	1970-01-19 20:16:49	Name: _gat_gtag_UA_11901922_1 Value: 1
.doubleclick.net/	1970-01-19 20:16:53	Name: DSID Value: NO_DATA
www.iphonefirmware.com/imazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
.iphonefirmware.com/	1970-01-19 20:18:16	Name: _gid Value: GA1.2.1232831689.1628209796
.iphonefirmware.com/	1970-01-20 13:48:01	Name: _ga Value: GA1.2.161989905.1628209796
.iphonefirmware.com/	1970-01-20 05:38:25	Name: __gads Value: ID=be234feb94fcd75b-2230cfad93c800db:T=1628209795:RT=1628209795:S=ALNI_MbG6dg55nxfen3a36YofRIdpPHPYg

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://go.recordedfuture.com/e2t/sc2/MmZ-8yk4ygtW8Bx3Cm8-qQ4xW9gmWrz5YGj-HW4785L155PFwpdBzP9204(Line 13) Message: toS
console-api	log	URL: https://www.iphonefirmware.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://www.iphonefirmware.com/wp-content/plugins/mashsharer/assets/js/mashsb.min.js(Line 1) Message: not rate limited: 1628209823
console-api	info	URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107240354000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3838849664197733&output=html&h=90&slotname=4249744502&adk=281592885&adf=193766564&pi=t.ma~as.4249744502&w=728&lmt=1628209795&psa=0&format=728x90&url=https%3A%2F%2Fwww.iphonefirmware.com%2Fimazing-app-updated-with-tool-to-easily-detect-pegasus-spyware-on-iphone%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D146943904%26_hsmi%3D146943904%26_hsenc%3Dp2ANqtz-9vy4fSe-m-fdvugdW45X260wF5H2gO_ttiPYgpoLGZj3zZu1A1bREj4Rh7qilPmv8MY02fcBEpJ1lF2gj1sKKfjYp6tA&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628209795690&bpp=3&bdt=849&idt=218&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280&nras=1&correlator=223846803365&frm=20&pv=1&ga_vid=161989905.1628209796&ga_sid=1628209796&ga_hid=90856404&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C20211866%2C31062064%2C44748391&oid=3&pvsid=3055041229966701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=foTV1tzd56&p=https%3A//www.iphonefirmware.com&dtd=231

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

138.68.253.67
adservice.google.com
adservice.google.de
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
go.recordedfuture.com
googleads.g.doubleclick.net
i0.wp.com
p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-432825-i1-v6exp3.v4.metric.gstatic.com
p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-432825-i2-v6exp3.ds.metric.gstatic.com
p4-gtmqaaorxpabk-zyzb2ozykk6qtlmo-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.iphonefirmware.com
138.68.253.67
138.68.253.67
142.250.185.210
142.250.186.35
192.0.77.2
216.58.212.162
2606:2c40::c73c:6702
2a00:1450:4001:800::2003
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:812::2012
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9b
019a23f17c7d0cc65d257ba250044de687cb9fa272d034eb2b48327b284fcef0
01f55e760a47427857a8a0381946d954ece505b2dd42ac6e10d2504c8dc8a1f0
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0500bd58f47403106f2f10da96d8d196941a02a4046e88611a59494557861f98
066bec584c8a88de6ae21bfa0ffb196ed53de8430f9c6a7bf06d835ce004e77f
092e48884034c04a7a72f967ca1c0c577e510e59036d0b958a9b841555478006
09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
117a9049e22d3d9c3458f9d6b346ed424a0aeca924afcff9845596ca338e48f4
1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19d883500054bf269630ec04c191422d973c8e16741379d9aa6f47e147714663
20a918777b6de04da85d67eabdf52e3a43872ca2a8667a0771d14153fc19f58e
21deee77275c849329da7303df7da2f094607703c5ebda722c1afe62156a663b
253d8b908a5d3770fce2e7a9c469dd59cd4a341c0b7185d428030a879d02036d
2596198e77ccbdab3018bee48950659e33465901f5b2060ea5439ff6c1f6a9b1
27007414e5c5225daa8c76e8ab6ab960b06780c1180fe0d570a819e6e6e55908
2829bd1d35e036219b13882c730c261f97fa245251d272c87301c5c49f0f73b4
2c98b06b866d62246b7feb439b3c1ea5fbe3a26cf6303d7a731d6488da9580ba
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2e52aa532594524ce54ab7f748eb9828e2285b705ba1da5fe5b4c0f4ada6ce1a
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
34513f6e62e1b5dedbea61d6f79455a5df46097096913bbf1d154ac86b9d9fb5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5
3842b3252bc39a68964ce0fea5211fbdbd891a3be62670479a7e5a238d3a6cbd
3bc9d28f4e64c676c58b31ad6578ca7f3f383cca647bf363916d4ee8982c3b08
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
4a429056f755a0ac9f4351c9712f1be8d43ba8d860300f36c0c1224eee9a3770
4d7965e9555a2ec9a71e1f8ff52b3073619e4384bbad7c07dbfca785da6fa2ba
4f81a88dd403ab1af758435c48266afe2daff6906c394a571a5f6f3735455123
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50339084ee0c21640989b9d2afffc78b22bd04cb057aeb6d7a3aa51576cf73b8
517ee8a1d0e3438c13fe609412789c12bf6e3dbffd461694e6b7596378d40f75
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
59cbfdef4f2a9a846d7f98276813927762f7f67851c64975563139d17d47620b
5b56f14bb63fc412aec1562ff5b4807919a486491f2e9a86054ef08922c634d1
5c06210b4741292a719b5c2a45af4df469616fdcc709fb5f1d9cfc0a2adfd339
5dff9c04b84f05e3311a24e7c80db97d5610ce91147bad35ed9373355a0e4dea
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6164a283faed2d675c2d0ee22441b5c8cd6af8b181f96e7801fa9ef0c1fb128c
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
6560da0cf25117f0e66fbfe875c8707523166c05f67ea6d8714d417c65b1d251
6a2450a9523ba4d5b6d6dac5f7a86da5927b3e35e8592b57167636adca203d4a
6c8d774377d570b672a89989698b4550c183cfe00e921ee5cd1c1fa7c7f4942e
745caffca4b97cf5cf2374d82c6dfb6fb7c7b694e85432f92ec4dcb35f4418c9
774414b080fbc5054389f4964f6f01c36825cc6af27690abccd679fc3ad1a3f3
77700f3700263a0bcf41dd4d0e0421f15c14d28aa6c8b09da9bc4e0ebccdc6fc
78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed
7ece5db9ef7e64a03655f7b38829adaafd8861cb5cf6a68eb44aeb68096e148b
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
805dc2ef7778678ace99530207d0bcda25f70b3c2ae08bca8259c079454eb0a4
81c7685af96badd81fad41fff2e20d53306a6b33c8662ca5821ba36622f6b4f9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859489fd402cb1b375c3f8f07af61cf53c380cd01a036cc675275b1185ef06bb
89d4f6c8de3694d936de1473091db6e31c2e15449e3a8fbbfab40abfaf1d7fa4
8c641f871d303f00c2431556fca2d50690ff200abd043196c8758e4bc590b848
8dd561851a275ca34897393657c1b1db151f6d7e0367d641ae809f7fa3d46d58
8eb28be7548766069cbb01b6ffd6d454b3b54147e6982da09bdec42a00492b3f
91f427d26c6b0aca73db9db012510ac253e1f0633e529c5dc66c69158a79dca7
92fbbcb5855d062100896f6365ac1145834065ca16db73d991073ccd5899d290
95157b6565f039e7308af58424f9e7961d8879753fd37b4a5ee1e34ec100aa28
97b5b6bb0bfd4413504da4a5b78546698c75a127fff51b095080ee7fd3b8ec0c
98ba2e1fef17c14f30d59cd311adb42f9393ba132e6689fb5784e092a5638606
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a13a1fe4a87c09c6e9122834b5351f80012e2c539b32bc1d33c6982efab21b4b
a23d42e5471f7af18d484923f84a9229d9be29624777747d2df7fb61c1a54faf
a26e8a416af07642bdfabe22fc71644a59e1de017774d70233f20478ffdd00a5
a401dd1f8f3b5bff72001acbea5a05514a850f6fa18cd569dc53efdc5fc70194
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a529d0dfbee9fc93c1db1ec993d0423cdc1ee9487d695d199553ce1eac4b32e1
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7b7956d64a4e0b7531b1967e653a4a46960736886ec9dcbd666688bdb3b14cb
a7e5b5b7f2c8dbe26db93eb7b17781d20ce27557f9de98383844d243bf35d93b
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
b00b3ad604405704bd7a814776856652b4dbd17ab9252dc79de4847eff2eb389
b026d5118326e37e2324456275ac6971462e1c6a8a90213c55bb4a098aa3b4f4
b08bd2e81df7790230135e81ef598de03213f5b4933b285e496437bbcbc2e3c3
b1a37b943d4881ec839cb18e84ee1c275fc65ee9499dad2e4975db40b41a7227
b232d1ff6380c9b1ab23758d51b4a0bd223e721278dd9e3094877ba261fd2316
b31a2dfb910d5e0292d6639f0c1a9b6ecc2471ba71ba18e3dc27cd5a033cf463
b48ceb74cebd53c0c3ce95fca3724b562b98750e2f6b1742ddaf999e62074fd3
b5ab28c83daceea18df7df30475499cf303a7bd9b22d1de0eb0574720a30c4ba
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb807bcccc90a1d294a6dd79f7a29e77881b98a1e74e07de83ef4b0ba32c88df
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bead850321fe3f82971250006e4afd7a3225a0a56a03e3456374f105443b30e3
c489c90d8dc34ada0b20e813189367d0ba6f6d882937574883e04bef777bab55
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c94813b40e67b90628885eed29d95a3fcd276bc45e822a55ff8e3ff997a6e831
c9ee84bd6a58bf605226efd744ad1df005a11b74ce8b468e408517d68a6e8507
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc7ca004c1063671b25adb8079a88681121d2da2e4ab5629dc890c157919d4d2
ccb9cd2c7a7dec3880c2c6dc2ff5d9bae46ae21cec134f0c8b0cc1ce4fd275c0
cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00
d1b1ae274b98b536cad52a99915d4fc0670fb156a0404ad097c4e873c7422f5b
d346c7830e298d071afddcf331b6c9c766abf43a42212a824671e6fe251b3ee9
d419b9622a79183171da1e3db9ed16276ba93b5fe5b984dc5f450f0124cf2613
d5410081c74670755c9f1a37d1263af34b7fe5f05363cf6c587f042529a5c290
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d67d3a7bce68ede8c0db7463af0eeb7c15d614c59463e46d7106589854c8ceff
d92cbdc3bc98129f24feb5bc287e7b84faa709c9741cc6d5f55dee7c47822e66
dd854f26eeccafafdc84c6a9d65441e8b94e92e1a650d1bf81ab6c6308bece18
ddbddda3edea95efea2eebf934c6a0794edb291fb28fdefe494a8ae049965e3f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de86a261595e6aa15abedbea378a89a6d78ebff1062323c1cb89cf031aa33f14
dec628d99ddf5b08d42c983485a7058f9c76a9d04fdac540752553a734bb8731
df05d2f33fef3383a2bbd852400ad273eaa8f72127df287b34642db985193235
e0eb54ec19455d0b0abda5d99169bac8c5c0b03dbf37b616fac1e03d4bde7399
e37d8668aca519ad8fb16f759906312261ecf151950ca78f8a93337643947796
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e6f988526396135a80458d2aa5d2eaa74934a2162153a190ee7b318631675664
ed52c4ae1f90e917191536309d62cc88b8aae85ba571cea6c81e7619f032d7cb
eeaf95cae35c98f3310fb6e54242260da9aa6b67a77ee6d84a544a090711effa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1cb8c79cfcd4c8b05bb22f9bfa8678eafae5a85468b299ecb2d69f3b1c5bd6d
f5c0dec6d5e369201ca32138dda9135d507be18aeb492326f6b73829e7c8f681
f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167
f71190efb3401bbbe347d7fbde655e7c4f40a43b52682f1fe816a5cfa836d3c3
f8aa7f66f14434d9bcdd5aa10765e51b1eff02bcab20b4f6a3a1399f51bba024
f8deed8d38bdd3b2902629c02ad1eb000b082b2519fb73d31a63d37181cf77fc
fdb65c85e3d0d7be60ef0017b88fc183a2f12973211e671a6e0aecdece08d810
fe0d38edfed19699716e0d23d7d0edb2b4977081cb6d51cc73d77395985e97c1
fe811b45281f4cfe018a594f82af7a3648b2dd7c0f2fbef0cd0f8d560a205d3d
fee18c225ce930adca01552fa298135c2aa241778c40dda6d32f50dc04cb2b08
fff243b6952e199c13f2989b90c55d5badf0058a5793268dde9ab04eeabf903c

www.iphonefirmware.com Open in urlscan Pro 138.68.253.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

206 Requests

100 %HTTPS

77 %IPv6

15 Domains

22 Subdomains

23 IPs

3 Countries

2570 kBTransfer

7352 kBSize

8 Cookies

5 Outgoing links

Page URL History

Redirected requests

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.iphonefirmware.com Open in urlscan Pro
138.68.253.67 Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

100 %
HTTPS

77 %
IPv6

15
Domains

22
Subdomains

23
IPs

3
Countries

2570 kB
Transfer

7352 kB
Size

8
Cookies

206 HTTP transactions
12 data transactions