wercfm.iheart.com Open in urlscan Pro
199.232.214.193 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/wV8fgHrswa
Effective URL:
https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pnam...
Submission: On April 11 via api (April 11th 2022, 12:33:16 pm UTC) from US — Scanned from DE

Summary HTTP 298 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 80 IPs in 7 countries across 61 domains to perform 298 HTTP transactions. The main IP is 199.232.214.193, located in United States and belongs to FASTLY, US. The main domain is wercfm.iheart.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2020 on April 20th 2021. Valid for: a year.

This is the only time wercfm.iheart.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1 1	184.73.156.246 184.73.156.246	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.217.69.250 3.217.69.250	14618 (AMAZON-AES) (AMAZON-AES)
53	199.232.214.193 199.232.214.193	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
9	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
20	2a04:4e42:4e:... 2a04:4e42:4e::596	54113 (FASTLY) (FASTLY)
16	199.232.214.84 199.232.214.84	54113 (FASTLY) (FASTLY)
1	54.194.251.50 54.194.251.50	16509 (AMAZON-02) (AMAZON-02)
1	52.208.32.237 52.208.32.237	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
7	199.232.213.13 199.232.213.13	54113 (FASTLY) (FASTLY)
1	34.242.253.233 34.242.253.233	16509 (AMAZON-02) (AMAZON-02)
2	143.204.202.47 143.204.202.47	16509 (AMAZON-02) (AMAZON-02)
1 2	54.246.173.2 54.246.173.2	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 1	2a03:2880:f22... 2a03:2880:f22d:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f22... 2a03:2880:f22d:e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
11	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	65.9.61.60 65.9.61.60	16509 (AMAZON-02) (AMAZON-02)
1 3	108.157.4.38 108.157.4.38	16509 (AMAZON-02) (AMAZON-02)
7	70.42.32.223 70.42.32.223	13789 (INTERNAP-...) (INTERNAP-BLK3)
9	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	34.194.161.83 34.194.161.83	14618 (AMAZON-AES) (AMAZON-AES)
4	199.232.210.84 199.232.210.84	54113 (FASTLY) (FASTLY)
1 20	52.30.141.83 52.30.141.83	16509 (AMAZON-02) (AMAZON-02)
4	65.9.66.173 65.9.66.173	16509 (AMAZON-02) (AMAZON-02)
1	104.92.74.8 104.92.74.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.201.254 143.204.201.254	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.7.213.91 52.7.213.91	14618 (AMAZON-AES) (AMAZON-AES)
3	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
4	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1 1	54.229.178.120 54.229.178.120	16509 (AMAZON-02) (AMAZON-02)
1	23.0.33.234 23.0.33.234	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
2	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
2 5	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
3	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
10	23.35.229.181 23.35.229.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.178.150.13 35.178.150.13	16509 (AMAZON-02) (AMAZON-02)
2 4	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	162.247.242.31 162.247.242.31	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
2	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
8 10	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	52.28.81.215 52.28.81.215	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:a4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	34.111.234.236 34.111.234.236	15169 (GOOGLE) (GOOGLE)
1 1	143.204.98.87 143.204.98.87	16509 (AMAZON-02) (AMAZON-02)
1 1	34.195.210.70 34.195.210.70	14618 (AMAZON-AES) (AMAZON-AES)
1	52.215.247.247 52.215.247.247	16509 (AMAZON-02) (AMAZON-02)
2 2	3.248.131.63 3.248.131.63	16509 (AMAZON-02) (AMAZON-02)
1 1	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	208.80.55.212 208.80.55.212	13360 (TRITONDIG...) (TRITONDIGITAL)
1	34.120.133.55 34.120.133.55	() ()
1 4	23.35.236.247 23.35.236.247	() ()
1	151.101.1.108 151.101.1.108	() ()
2	23.37.42.132 23.37.42.132	() ()
2	2.20.157.2 2.20.157.2	() ()
1	198.47.127.19 198.47.127.19	() ()
3 4	37.157.6.245 37.157.6.245	() ()
2 2	216.200.232.249 216.200.232.249	() ()
2	104.36.113.107 104.36.113.107	() ()
2 2	213.155.156.181 213.155.156.181	() ()
3	185.64.190.80 185.64.190.80	() ()
1	198.47.127.20 198.47.127.20	() ()
2 2	141.94.170.64 141.94.170.64	() ()
1 2	2606:4700:10:... 2606:4700:10::6816:1957	() ()
1	159.122.14.34 159.122.14.34	() ()
1 3	2.20.157.55 2.20.157.55	() ()
3 5	52.46.154.242 52.46.154.242	() ()
1 1	3.214.98.210 3.214.98.210	() ()
1	66.155.71.150 66.155.71.150	() ()
2 3	23.75.246.168 23.75.246.168	() ()
1	2a05:d018:d29... 2a05:d018:d29:3601:a361:57c8:93b7:1576	() ()
2 3	69.173.144.138 69.173.144.138	() ()
2 3	54.239.37.45 54.239.37.45	() ()
1	2a00:1288:80:... 2a00:1288:80:807::1	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
298	80

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.73.156.246 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-156-246.compute-1.amazonaws.com

ihe.art	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.217.69.250 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-69-250.compute-1.amazonaws.com

trib.al	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 199.232.214.193 (United States)

ASN54113 (FASTLY, US)

wercfm.iheart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.inferno.iheart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a04:4e42:4e::596 (United States)

ASN54113 (FASTLY, US)

i.iheart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ww.api.iheart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webapi.radioedit.iheart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 199.232.214.84 (United States)

ASN54113 (FASTLY, US)

www.iheart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.251.50 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-251-50.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.32.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-32-237.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 199.232.213.13 (United States)

ASN54113 (FASTLY, US)

api.iheart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
global.api.iheart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.253.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-253-233.eu-west-1.compute.amazonaws.com

synchrobox.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.202.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-47.fra53.r.cloudfront.net

delivery-cdn-cf.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.173.2 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-173-2.eu-west-1.compute.amazonaws.com

synchroscript.deliveryengine.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f22d:c4:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f22d:e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.38 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-38.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.210.84 (United States)

ASN54113 (FASTLY, US)

us-events.api.iheart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 52.30.141.83 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clearchannel.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.66.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-173.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.254 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-254.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.213.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-213-91.compute-1.amazonaws.com

tv47clj0la.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

smy.iheart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.178.120 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-178-120.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.0.33.234 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-33-234.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.220.145 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.178.150.13 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-150-13.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.31 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: service.newrelic.co.uk

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3b2df3388180d6d624d7a86c37c31dd7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.130 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.81.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-81-215.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a4f (United States)

ASN13335 (CLOUDFLARENET, US)

idpix.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.223.40.198 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.234.236 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.87 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net

ads.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.210.70 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-210-70.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.247.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-247-247.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.131.63 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-131-63.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.192.27 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.80.55.212 (Canada) 1 redirects

ASN13360 (TRITONDIGITAL, CA)

playerservices.live.streamtheworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (None, )

ASN- ()

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.247 (None, ) 1 redirects

ASN- ()

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.20.157.2 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.245 (None, ) 3 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.200.232.249 (None, ) 2 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.113.107 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.80 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.170.64 (None, ) 2 redirects

ASN- ()

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1957 (None, ) 1 redirects

ASN- ()

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.122.14.34 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.20.157.55 (None, ) 1 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.154.242 (None, ) 3 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.98.210 (None, ) 1 redirects

ASN- ()

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (None, )

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.75.246.168 (None, ) 2 redirects

ASN- ()

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:a361:57c8:93b7:1576 (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (None, ) 2 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.239.37.45 (None, ) 2 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (None, )

ASN- ()

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
104	iheart.com wercfm.iheart.com static.inferno.iheart.com — Cisco Umbrella Rank: 67948 i.iheart.com — Cisco Umbrella Rank: 9751 www.iheart.com — Cisco Umbrella Rank: 8191 api.iheart.com — Cisco Umbrella Rank: 7611 global.api.iheart.com — Cisco Umbrella Rank: 43400 ww.api.iheart.com — Cisco Umbrella Rank: 639902 webapi.radioedit.iheart.com — Cisco Umbrella Rank: 15190 us-events.api.iheart.com — Cisco Umbrella Rank: 14388 smy.iheart.com — Cisco Umbrella Rank: 17889	923 KB
20	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 216 clearchannel.demdex.net — Cisco Umbrella Rank: 34977	27 KB
19	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	139 KB
13	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 4320 log.outbrainimg.com — Cisco Umbrella Rank: 2307 images.outbrainimg.com — Cisco Umbrella Rank: 2117	407 KB
13	rubiconproject.com 6 redirects ads.rubiconproject.com — Cisco Umbrella Rank: 2630 fastlane.rubiconproject.com — Cisco Umbrella Rank: 458 token.rubiconproject.com — Cisco Umbrella Rank: 675 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3634 eus.rubiconproject.com pixel.rubiconproject.com	117 KB
13	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1340 amplifypixel.outbrain.com — Cisco Umbrella Rank: 11607 widget-pixels.outbrain.com — Cisco Umbrella Rank: 1633 odb.outbrain.com — Cisco Umbrella Rank: 1512 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5662	112 KB
12	amazon-adsystem.com 5 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 302 s.amazon-adsystem.com aax-eu.amazon-adsystem.com	46 KB
11	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 491	129 KB
11	moatads.com z.moatads.com — Cisco Umbrella Rank: 390 mb.moatads.com — Cisco Umbrella Rank: 626 geo.moatads.com — Cisco Umbrella Rank: 583 px.moatads.com — Cisco Umbrella Rank: 419	103 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 3b2df3388180d6d624d7a86c37c31dd7.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 128	40 KB
9	pubmatic.com hbopenbid.pubmatic.com Failed ads.pubmatic.com image6.pubmatic.com simage2.pubmatic.com image2.pubmatic.com image4.pubmatic.com	26 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 497	142 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 248 acdn.adnxs.com	21 KB
6	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 463 ssum-sec.casalemedia.com dsum-sec.casalemedia.com	7 KB
5	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 355	2 KB
5	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 327 api.rlcdn.com id.rlcdn.com	1 KB
5	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 846 pr-bh.ybp.yahoo.com ads.yahoo.com	2 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	200 KB
5	adswizz.com 1 redirects synchrobox.adswizz.com — Cisco Umbrella Rank: 13517 delivery-cdn-cf.adswizz.com — Cisco Umbrella Rank: 5060 synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 3716	21 KB
4	adform.net 3 redirects c1.adform.net	2 KB
4	33across.com ssc.33across.com — Cisco Umbrella Rank: 1496 dp2.33across.com — Cisco Umbrella Rank: 8763 ssc-cms.33across.com	529 B
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 137 ads.scorecardresearch.com — Cisco Umbrella Rank: 2310	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	137 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 983	587 B
3	instagram.com 2 redirects platform.instagram.com — Cisco Umbrella Rank: 7298 www.instagram.com — Cisco Umbrella Rank: 1119	5 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 624 syndication.twitter.com — Cisco Umbrella Rank: 891	133 KB
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	898 B
2	onaudience.com 2 redirects pixel.onaudience.com	812 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	indexww.com js-sec.indexww.com	2 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 662	587 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1217 beacon.krxd.net — Cisco Umbrella Rank: 440	528 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	2 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 644	374 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	427 B
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 809	854 B
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2749 p1.parsely.com — Cisco Umbrella Rank: 2214	18 KB
1	linkedin.com px.ads.linkedin.com	709 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	extend.tv 1 redirects sync.extend.tv	546 B
1	simpli.fi um.simpli.fi	610 B
1	streamtheworld.com 1 redirects playerservices.live.streamtheworld.com — Cisco Umbrella Rank: 17437	1 KB
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 453	692 B
1	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1582	311 B
1	media6degrees.com idpix.media6degrees.com — Cisco Umbrella Rank: 2390	279 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 7579	792 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 814	402 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 380	18 KB
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 431	328 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1009	517 B
1	amazonaws.com tv47clj0la.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 372659	380 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1166	7 KB
1	gstatic.com fonts.gstatic.com	37 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	trib.al 1 redirects trib.al — Cisco Umbrella Rank: 16637	385 B
1	ihe.art 1 redirects ihe.art — Cisco Umbrella Rank: 198175	197 B
1	t.co t.co — Cisco Umbrella Rank: 476	581 B
0	ib-ibi.com Failed global.ib-ibi.com Failed
0	clearchannel.com Failed content.clearchannel.com Failed
298	61

	Domain	Requested by
51	static.inferno.iheart.com	wercfm.iheart.com
18	dpm.demdex.net	1 redirects wercfm.iheart.com assets.adobedtm.com
16	www.iheart.com	wercfm.iheart.com www.iheart.com static.inferno.iheart.com
11	assets.adobedtm.com	wercfm.iheart.com www.iheart.com assets.adobedtm.com
10	cm.g.doubleclick.net	8 redirects ssum-sec.casalemedia.com
10	ww.api.iheart.com	www.iheart.com
9	images.outbrainimg.com
9	securepubads.g.doubleclick.net	wercfm.iheart.com t.co www.googletagservices.com
7	cdn.cookielaw.org	wercfm.iheart.com
7	i.iheart.com	wercfm.iheart.com www.iheart.com static.inferno.iheart.com
6	pagead2.googlesyndication.com	wercfm.iheart.com tpc.googlesyndication.com www.googletagservices.com
6	widgets.outbrain.com	wercfm.iheart.com
6	api.iheart.com	wercfm.iheart.com
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
5	match.adsrvr.org	3 redirects ssum-sec.casalemedia.com
5	ib.adnxs.com	2 redirects wercfm.iheart.com acdn.adnxs.com
5	connect.facebook.net	static.inferno.iheart.com wercfm.iheart.com
5	z.moatads.com	wercfm.iheart.com securepubads.g.doubleclick.net
4	c1.adform.net	3 redirects ads.pubmatic.com
4	px.moatads.com	wercfm.iheart.com
4	token.rubiconproject.com	4 redirects
4	smy.iheart.com	wercfm.iheart.com assets.adobedtm.com
4	c.amazon-adsystem.com	wercfm.iheart.com
4	us-events.api.iheart.com	wercfm.iheart.com www.iheart.com
4	www.googletagservices.com	wercfm.iheart.com securepubads.g.doubleclick.net
3	aax-eu.amazon-adsystem.com	2 redirects
3	pixel.rubiconproject.com	2 redirects
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	image2.pubmatic.com	ads.pubmatic.com
3	tpc.googlesyndication.com	wercfm.iheart.com
3	log.outbrainimg.com	wercfm.iheart.com widgets.outbrain.com
3	idsync.rlcdn.com	2 redirects clearchannel.demdex.net
3	c2shb.ssp.yahoo.com	wercfm.iheart.com
3	tr.snapchat.com	wercfm.iheart.com
3	webapi.radioedit.iheart.com	wercfm.iheart.com
3	sb.scorecardresearch.com	1 redirects wercfm.iheart.com
2	pixel.onaudience.com	2 redirects
2	d5p.de17a.com	2 redirects
2	simage2.pubmatic.com	ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com
2	ads.pubmatic.com	wercfm.iheart.com
2	eus.rubiconproject.com	wercfm.iheart.com eus.rubiconproject.com
2	js-sec.indexww.com	wercfm.iheart.com ssum-sec.casalemedia.com
2	sync.crwdcntrl.net	2 redirects
2	mcdp-nydc1.outbrain.com	wercfm.iheart.com
2	prebid-a.rubiconproject.com	wercfm.iheart.com
2	odb.outbrain.com	wercfm.iheart.com
2	bam.nr-data.net	wercfm.iheart.com
2	www.facebook.com	wercfm.iheart.com
2	geolocation.onetrust.com	wercfm.iheart.com
2	ssc.33across.com	wercfm.iheart.com
2	clearchannel.demdex.net	wercfm.iheart.com assets.adobedtm.com
2	amplifypixel.outbrain.com	wercfm.iheart.com assets.adobedtm.com
2	www.instagram.com	1 redirects wercfm.iheart.com
2	platform.twitter.com	static.inferno.iheart.com wercfm.iheart.com
2	synchroscript.deliveryengine.adswizz.com	1 redirects delivery-cdn-cf.adswizz.com
2	delivery-cdn-cf.adswizz.com	www.iheart.com synchroscript.deliveryengine.adswizz.com
2	wercfm.iheart.com	t.co wercfm.iheart.com
1	px.ads.linkedin.com
1	ads.yahoo.com
1	id.rlcdn.com
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	pixel-sync.sitescout.com	ssum-sec.casalemedia.com
1	sync.extend.tv	1 redirects
1	um.simpli.fi
1	mwzeom.zeotap.com
1	spl.zeotap.com	1 redirects
1	image4.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ssc-cms.33across.com	wercfm.iheart.com
1	acdn.adnxs.com	wercfm.iheart.com
1	api.rlcdn.com	wercfm.iheart.com
1	playerservices.live.streamtheworld.com	1 redirects
1	tags.bluekai.com	1 redirects
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	ads.scorecardresearch.com	1 redirects
1	ml314.com	1 redirects
1	idpix.media6degrees.com
1	www.google.com	wercfm.iheart.com
1	3b2df3388180d6d624d7a86c37c31dd7.safeframe.googlesyndication.com	wercfm.iheart.com
1	adservice.google.com	wercfm.iheart.com
1	adservice.google.de	wercfm.iheart.com
1	dp2.33across.com
1	d.turn.com	1 redirects
1	js-agent.newrelic.com	wercfm.iheart.com
1	aa.agkn.com	1 redirects
1	widget-pixels.outbrain.com	wercfm.iheart.com
1	tcheck.outbrainimg.com	wercfm.iheart.com
1	fastlane.rubiconproject.com	wercfm.iheart.com
1	htlb.casalemedia.com	wercfm.iheart.com
1	cm.everesttech.net	1 redirects
1	syndication.twitter.com	platform.twitter.com
1	tv47clj0la.execute-api.us-east-1.amazonaws.com	wercfm.iheart.com
1	sc-static.net	wercfm.iheart.com
1	ads.rubiconproject.com	wercfm.iheart.com
1	p1.parsely.com	wercfm.iheart.com
1	cdn.parsely.com	wercfm.iheart.com
1	platform.instagram.com	1 redirects
1	synchrobox.adswizz.com	www.iheart.com
1	global.api.iheart.com	wercfm.iheart.com
1	fonts.gstatic.com	fonts.googleapis.com
1	geo.moatads.com	z.moatads.com
1	mb.moatads.com	z.moatads.com
1	fonts.googleapis.com	wercfm.iheart.com
1	trib.al	1 redirects
1	ihe.art	1 redirects
1	t.co
0	global.ib-ibi.com Failed
0	content.clearchannel.com Failed	securepubads.g.doubleclick.net
0	hbopenbid.pubmatic.com Failed	wercfm.iheart.com
298	113

This site contains links to these domains. Also see Links.

Domain
pro-verbraucher.info
goo23.com
www.inpixio.com
www.outbrain.com
www.conflictnations.com
1025thebull.iheart.com
1037theq.iheart.com
magic96.iheart.com
1031thevulcan.iheart.com
1041beat.iheart.com
alt991.iheart.com
b1065.iheart.com
hallelujah1051.iheart.com
960werc.iheart.com
www.iheart.com
www.facebook.com
www.twitter.com
publicfiles.fcc.gov
politicalfiles.iheartmedia.com
i.iheart.com
twitter.com
iheartbirminghamadvertising.com
www.iheartmedia.com
www.onetrust.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.937theriver.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.adswizz.com Amazon	`2021-08-21` - `2022-09-19`	a year	crt.sh
*.deliveryengine.adswizz.com Amazon	`2022-02-14` - `2023-03-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-04-18`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2021-07-22` - `2022-08-20`	a year	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-13` - `2023-01-13`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
smy.iheart.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-26` - `2022-05-27`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2022-03-22` - `2022-06-20`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-08-31`	6 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
dstillery.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-09` - `2022-05-10`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh

This page contains 27 frames:

Primary Page: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Frame ID: B3A840BDB8CF72893A2A9DF0D3226E39
Requests: 161 HTTP requests in this frame

Frame: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true
Frame ID: E186BAF92345776E14FA004BCF333CAF
Requests: 31 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 140D2D788A8CF89A1C33BAC1272D00BF
Requests: 1 HTTP requests in this frame

Frame: https://www.iheart.com/sdk/bridge/?parent=https%3A%2F%2Fwercfm.iheart.com&amp=https%3A%2F%2Fww.api.iheart.com%2Fapi%2F
Frame ID: 0E8D5B3B6E7CDF5B964B4403A1171E16
Requests: 2 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: C72E3F8192A31831F397908BEDFE8449
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.c1cdceed40059a51b374bf347e6a2ae0.html?origin=https%3A%2F%2Fwercfm.iheart.com
Frame ID: 93071E03C18493232E57826D4038A2E4
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=015fcbb1-38ea-41dc-ae3e-391a68f31a4b
Frame ID: 76DB24E9E626EED759ECE6C9EF6F0646
Requests: 1 HTTP requests in this frame

Frame: https://clearchannel.demdex.net/dest5.html?d_nsid=0
Frame ID: FCE8474FD714F47EA888476F472341A1
Requests: 19 HTTP requests in this frame

Frame: https://www.iheart.com/sdk/bridge/?parent=https%3A%2F%2Fwercfm.iheart.com&amp=https%3A%2F%2Fww.api.iheart.com%2Fapi%2F
Frame ID: C7ADB5C3C1A3E463187D262823A0BFFE
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 0AF0ADA6B2D00FBC55C939A292F4F83E
Requests: 1 HTTP requests in this frame

Frame: https://clearchannel.demdex.net/dest5.html?d_nsid=0
Frame ID: B0F91DF3BC76339A59ADAC405237A93B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F748E775B0498EAD25A25646B9083C4E
Requests: 1 HTTP requests in this frame

Frame: https://3b2df3388180d6d624d7a86c37c31dd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2E56EB1406148691BDC22808F1A6E4E5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 50B9483B48B6B1DE8B6DDA2672E4534C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7A1F1C8839AA08D7BA763006CB6B0730
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXFL3eyoDpmt1Q1WxSCInOGphfgUAQuDJYb2yBtRdZdGgljxJ3hZQ-q8aiyaXqRfTAwqeFtx8LGnj_z_EbD4RUP0Znk0cdYCABLKzafXH6E0dFnxWkNo5rAUG6HBW1weyGR8ZrOAKDLBvpmpg8kLJa9_hY_VsZahVCsj8zRysu0Ch-nILVuqbV_VKEiEX2YLCfxxuXE68uN_Qk1JnBaoC9flHbQkxxia53Fs2CutUHTJvN5ta1pXPb28Je3g003MKD_VqB2ISx5l6KrU19rOs_bdeAMsW1PFNaUY-PQnnn-7c1-NCMs16mVwBNR-yz4ISUNEQ&sai=AMfl-YS0P9eKGl3zOjICAslm_stxUQgG1YBfOQ4M8Pach5M1MpCTmwtojot_Fpn4yNZfmmBxH-ov9JzurDJUXf9qncksAMjcIvmwX6iuQ3Vg&sig=Cg0ArKJSzGM5Lk0BWc3_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DDC76BCCD838DD32D220C556AD1AF436
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsve83ziB1dCnqkfC1N9zaAz7d33Em42MGbkm9bUjbR1bk8yqcogNp36xSlWB1jKkoIUyJL3UO3gcdvFxuU46ipVKxfpVix-yvevJ2rTvV7uyTyM74IrVXpYo_6znEq6aAy7TtiZm0QgQEw6SffW31BuuI3aH5ZcbTz8b55M4USSwWAwfiOchqz_PSYyoIL6h_QZTMHoDifzpjZWIH-Ji98UuEYcRdwWcMBbZMj7lVjb1Q68F-ulCISw_X4xktkCbryIRUBxjv7pHkTjbchFTigEzDaMaH55F9zrVV1-jU2N5K-fO5e71TqDipE5wq_45Evo4DM&sai=AMfl-YSPtlfoLBU8_H_ZXdnoHwxFO1QQXD0ANScd83IqGGKSjTE68SiG5tZUupBTomgRA8QdaisqoDEBGrwNbF4mOaSHN7WIWlnac4aCGgTq&sig=Cg0ArKJSzID5Z3iSalIpEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CF214AF4EB616B829B7F7D207D89ABA6
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUMQgf-hRQrH2cKbmVsdXM_lRULc-5FR4oyzYVkGYDoRaQ81az690t6aKf-E2oUCJvG5ecXExrkx80N5KlzXJDt4nroeys4uINplPYGtoJB3v5sryJ11NiTd_4kBQjdZI3wiS4gfrgoWr2UTgV8WAVPbJBzMa1F5uKuBLOBnzQUBOwtDJjJtbNTEY1MaFC7QavQwQS_oxIiERXxoEtLhkSv4zI72bVap2KURsqESTDUCaKV1Iza8iTBQ0abp9ogvWwDSyV7h9zbRPVFi0S9paAzqpX55-VxUZ0Y_OBfg0cjyB2vDcgrMXuho9w0wCChyIur5s&sai=AMfl-YR0AmPn0Oy_63lohCQuRTa3RY6axxLTTVOgzvORA_7ezby2OQeiewt_33IFt3UKTr7Sam-papx6phReSgTtwmuQ_5l0fjCyAQhLlkb-&sig=Cg0ArKJSzFv68uASDhsmEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AD98D7FFD4DCEE506ED443CB0F590905
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 97A6F5413AA8F9F7BDA5AAFA050E1315
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1F0864A8339F6F517A7F6AE70FA4347C
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 62B6A25C55974DE3633B4B1CB708D94C
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dDgjHgquWr7lP1rkHcnnVW&gdpr_consent=undefined&us_privacy=1---
Frame ID: E592E478AFAA74E996DB44F99053FA47
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159896&us_privacy=1---
Frame ID: 8DCA0256AB7792C6C33C0A387A7CC212
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwercfm.iheart.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: DBAF01698B628EC399D152F28E51F835
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=102EDF8A-2E42-43E1-A67A-8F2496AA1DED
Frame ID: 37CA35788B4D7288AB3DB0271D82089A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a0b46254-200c-4600-adf0-ecee1119d699&gdpr=0&gdpr_consent=
Frame ID: 54B01EF9C61D8F8F56DFAA6F14E0AFAD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1966836341440672838
Frame ID: 3058303AE49BA5F21E4E38A7A4F7D55B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

8 Million Cash App Users Could Have Been Affected By Data Breach | News Radio 105.5 WERCBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://t.co/wV8fgHrswa Page URL
http://ihe.art/K8L2xSY HTTP 301
http://trib.al/K8L2xSY HTTP 301
https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?K... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

298
Requests

87 %
HTTPS

26 %
IPv6

61
Domains

113
Subdomains

80
IPs

7
Countries

2817 kB
Transfer

8005 kB
Size

49
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://pro-verbraucher.info/zez-l2t-ob/?ob_clickid=$ob_click_id$&utm_source=outbrain&utm_medium=display&utm_campaign=001cee8f9446a97b3acedb658315dd5fe0&utm_term=$publisher_name$_$section_name$&utm_content=Mit+diesem+Trick+erhalten+Sie+kostenlosen+Zahnersatz&obOrigUrl=true
Title: Mit diesem Trick erhalten Sie kostenlosen Zahnersatz Pro Verbraucher

Search URL Search Domain Scan URL

URL: https://goo23.com/click.php?key=wffwwc9ijqda9hsgra7z&ob_click_id=$ob_click_id$&trafficsource=00b243115d103e17c74e47db50fea5c993&clickcost=$cpc$&trafficsource_name=$section_name$&siteid=$section_id$&campaign_name=ED_AMS_DE_Desktop_Young_Semi_09_03_22&obOrigUrl=true
Title: Urologen-Geheimtipp: Wie man die blaue Pille diskret online kaufen kann. Apomeds.com

Search URL Search Domain Scan URL

URL: https://www.inpixio.com/static/lp/photostudio/DE/?tracking=INPIXIO_DE_PP_OB_PSTUDIO11_CPA&campaignid=Outbrain_IPX&filter=INPIXIO_DE_PP_OB_PSTUDIO11_CPA&keyword=SeagirlV2&clickid=$ob_click_id$&obOrigUrl=true
Title: inPixio Photo Studio 11 - Foto-Bearbeitung ganz einfach! InPixio

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://www.inpixio.com/static/lp/photostudio/DE/?tracking=INPIXIO_GERMANO_PP_OB_PSTUDIO11_CPA&campaignid=Outbrain_IPX&filter=INPIXIO_GERMANO_PP_OB_PSTUDIO11_CPA&keyword=SeagirlV2&clickid=$ob_click_id$&obOrigUrl=true
Title: inPixio Photo Studio 11 - Foto-Bearbeitung ganz einfach! InPixio

Search URL Search Domain Scan URL

URL: https://goo23.com/click.php?key=wffwwc9ijqda9hsgra7z&ob_click_id=$ob_click_id$&trafficsource=008431f9ec7f0877f5cf396dfee49f0744&clickcost=$cpc$&trafficsource_name=$section_name$&siteid=$section_id$&campaign_name=ED_AMS_DE_Desktop_Young_Semi_09_03_22&obOrigUrl=true
Title: Urologen-Geheimtipp: Wie man die blaue Pille diskret online kaufen kann. Apomeds.com

Search URL Search Domain Scan URL

URL: https://www.conflictnations.com/index.php?id=322&lpv=1&L=0&r=94012&placement=$publisher_name$_$section_name$&c=0093978a6a9ac13dabf29e9fea03949657&obOrigUrl=true
Title: How would you react if your country got attacked? This game simulates geopolitical conflicts Conflict of Nations

Search URL Search Domain Scan URL

URL: https://1025thebull.iheart.com/
Title: 102.5 The Bull

Search URL Search Domain Scan URL

URL: https://1037theq.iheart.com/
Title: 103.7 The Q

Search URL Search Domain Scan URL

URL: https://magic96.iheart.com/
Title: Magic 96.5

Search URL Search Domain Scan URL

URL: https://1031thevulcan.iheart.com/
Title: 103.1 The Vulcan

Search URL Search Domain Scan URL

URL: https://1041beat.iheart.com/
Title: 104.1 The Beat

Search URL Search Domain Scan URL

URL: https://alt991.iheart.com/
Title: Alt 99.1

Search URL Search Domain Scan URL

URL: https://b1065.iheart.com/
Title: B 106.5

Search URL Search Domain Scan URL

URL: https://hallelujah1051.iheart.com/
Title: Hallelujah 105.1

Search URL Search Domain Scan URL

URL: https://960werc.iheart.com/
Title: 960 WERC

Search URL Search Domain Scan URL

URL: https://www.iheart.com/apps/
Title: Download The Free iHeartRadio App

Search URL Search Domain Scan URL

URL: https://www.iheart.com/podcast/
Title: Find a Podcast

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1055WERC

Search URL Search Domain Scan URL

URL: https://www.twitter.com/1055werc

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/fm-profile/WERC-FM/
Title: WERC-FM Public Inspection File

Search URL Search Domain Scan URL

URL: https://politicalfiles.iheartmedia.com/files/location/WERC-FM/
Title: WERC-FM Political File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/am-profile/WERC/
Title: WERC Public Inspection File

Search URL Search Domain Scan URL

URL: https://politicalfiles.iheartmedia.com/files/location/WERC/
Title: WERC Political File

Search URL Search Domain Scan URL

URL: https://i.iheart.com/v3/re/assets.eeo/61a7d90feb11a09b5774e832?passthrough=1
Title: EEO Public File

Search URL Search Domain Scan URL

URL: https://www.iheart.com/live/news-radio-1055-werc-3085/?sc=inferno&campid=a&pname=WERC-FM
Title: Listen

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1055WERC/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/1055WERC
Title: Twitter

Search URL Search Domain Scan URL

URL: https://iheartbirminghamadvertising.com/
Title: Media Kit

Search URL Search Domain Scan URL

URL: https://www.iheartmedia.com/careers
Title: Work With Us

Search URL Search Domain Scan URL

URL: https://www.iheart.com/content/privacy-and-cookie-notice/#optout
Title: Learn how to make additional choices about data sharing

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/wV8fgHrswa Page URL
http://ihe.art/K8L2xSY HTTP 301
http://trib.al/K8L2xSY HTTP 301
https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 100

https://sb.scorecardresearch.com/b?c1=2&c2=6036262&cs_ucfr=&ns__t=1649680389134&ns_c=UTF-8&cv=3.5&c8=8%20Million%20Cash%20App%20Users%20Could%20Have%20Been%20Affected%20By%20Data%20Breach%20%7C%20News%20Radio%20105.5%20WERC&c7=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial&c9=https%3A%2F%2Ft.co%2FwV8fgHrswa HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036262&cs_ucfr=&ns__t=1649680389134&ns_c=UTF-8&cv=3.5&c8=8%20Million%20Cash%20App%20Users%20Could%20Have%20Been%20Affected%20By%20Data%20Breach%20%7C%20News%20Radio%20105.5%20WERC&c7=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial&c9=https%3A%2F%2Ft.co%2FwV8fgHrswa

Request Chain 105

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97D902BE53295FEE0A490D4C%40AdobeOrg&d_nsid=0&ts=1649680389196 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97D902BE53295FEE0A490D4C%40AdobeOrg&d_nsid=0&ts=1649680389196

Request Chain 130

https://cm.everesttech.net/cm/dd?d_uuid=65398431733821776444154818328617148809 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YlQgBQAAAB8KuAO1

Request Chain 162

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=65398431733821776444154818328617148809 HTTP 302
https://dpm.demdex.net/ibs:dpid=21&dpuuid=164860604118000230598

Request Chain 171

https://idsync.rlcdn.com/365868.gif?partner_uid=65398431733821776444154818328617148809 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNjUzOTg0MzE3MzM4MjE3NzY0NDQxNTQ4MTgzMjg2MTcxNDg4MDkQABoNCIbA0JIGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=a3bfd1d9349b1cafd00f59f6e613fc26ddd145c3243164b83c9d53e6a16e250fb0da87c991749652

Request Chain 179

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7348616821894841727

Request Chain 186

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4248461613120979943

Request Chain 190

https://token.rubiconproject.com/token?pid=6404&puid=65398431733821776444154818328617148809&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=481&dpuuid=L1UP3Z91-1I-HDQQ?gdpr=0

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjUzOTg0MzE3MzM4MjE3NzY0NDQxNTQ4MTgzMjg2MTcxNDg4MDk= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjUzOTg0MzE3MzM4MjE3NzY0NDQxNTQ4MTgzMjg2MTcxNDg4MDk=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI3CsIv15ZZ2Vq7JenbUpQ8&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 226

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=a92bca1c-5ab4-426f-be6a-6f9eca328963

Request Chain 242

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3626432548518756380

Request Chain 243

https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=65398431733821776444154818328617148809&rn=1649680389475&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D65398431733821776444154818328617148809 HTTP 302
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=65398431733821776444154818328617148809

Request Chain 244

https://usermatch.krxd.net/um/v2?partner=adobe&id=65398431733821776444154818328617148809 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=65398431733821776444154818328617148809

Request Chain 253

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=65398431733821776444154818328617148809?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=65398431733821776444154818328617148809?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Request Chain 256

https://tags.bluekai.com/site/43981?id=65398431733821776444154818328617148809&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
https://dpm.demdex.net/ibs:dpid=134096

Request Chain 257

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=123f7bbadeb0a76d8e65328be6d341fb

Request Chain 258

https://playerservices.live.streamtheworld.com/api/getuuid?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D963840%26dpuuid%3D%40UUID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=963840&dpuuid=b6ee243c-a5e9-4cab-a4f6-fddccdb1d5a2

Request Chain 270

https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwercfm.iheart.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwercfm.iheart.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 272

https://c1.adform.net/serving/cookie/match?party=14&cid=102EDF8A-2E42-43E1-A67A-8F2496AA1DED HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=102EDF8A-2E42-43E1-A67A-8F2496AA1DED

Request Chain 273

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a0b46254-200c-4600-adf0-ecee1119d699&gdpr=0&gdpr_consent=

Request Chain 274

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1966836341440672838

Request Chain 275

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EC7fii5CQ-Gmeo8klqod7Q%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 276

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=578b6254-200c-4500-bffc-71a1601f80a5

Request Chain 277

https://pixel.onaudience.com/?partner=214&mapped=102EDF8A-2E42-43E1-A67A-8F2496AA1DED HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=a92bca1c-5ab4-426f-be6a-6f9eca328963&icm HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=429b6777040310d5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=44a00809-85c6-4e71-5c39-610216b1406d&reqId=b35ef190-8ba7-41d7-7359-b3918247bbfa&zcluid=429b6777040310d5&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEESkwPNwYBcLozqCDJYJFqU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=44a00809-85c6-4e71-5c39-610216b1406d&reqId=b35ef190-8ba7-41d7-7359-b3918247bbfa&zcluid=429b6777040310d5&zdid=1332

Request Chain 278

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTAyRURGOEEtMkU0Mi00M0UxLUE2N0EtOEYyNDk2QUExREVE&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 279

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKEdjwWej0H3ZlAgdMgPFwU&google_cver=1

Request Chain 281

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1098310237605171914

Request Chain 283

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YlQgC7.U7ZH7jJD6BYLf3gAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEd7WP5AgaE--f0AFKeiQY0&google_cver=1&gdpr=1&google_hm=2

Request Chain 285

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlQgC7-U7ZH7jJD6BYLf3gAABMQAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlQgC7-U7ZH7jJD6BYLf3gAABMQAAAIB&dcc=t

Request Chain 286

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c1c4d0d3-2f46-4846-9189-49ac19822dff

Request Chain 288

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7029667951980965821&uid=Q7029667951980965821&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 293

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMcUaLhiuIEvitEdPTCsifA&google_cver=1

Request Chain 294

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=A31ay6g4Qr-etwrJ60p9yw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=A31ay6g4Qr-etwrJ60p9yw

Request Chain 295

https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1UP3Z91-1I-HDQQ&sigv=1&esig=2~4191c51e5be2a85e2ac716c7a78387bcd893bf87&us_privacy=1---

Request Chain 296

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uYA9MWQ7RtmCEVU9IhPkfg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uYA9MWQ7RtmCEVU9IhPkfg

Request Chain 297

https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFVUDNaOTEtMUktSERRUQ==&us_privacy=1---

Request Chain 298

https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1UP3Z91-1I-HDQQ&us_privacy=1---

298 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 wV8fgHrswa
t.co/ 260 B
581 B 142ms
127ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/wV8fgHrswa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 195
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Mon, 11 Apr 2022 12:33:04 GMT
expires: Mon, 11 Apr 2022 12:38:05 GMT
referrer-policy: unsafe-url
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 212cbc094248616d779301d8d49d9887f9b017b3f5af5dc111464a671129c729
x-response-time: 120
x-xss-protection: 0

GET
H2

200

Primary Request / Show response
wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/
Redirect Chain

http://ihe.art/K8L2xSY
http://trib.al/K8L2xSY
https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

411 KB
74 KB

1547ms
960ms

Document
text/html

199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Requested by

Host: t.co
URL: https://t.co/wV8fgHrswa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

5aae9441923039d7f8e41f3e31c3682b7a3bff713daab7a3976917789e075aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://t.co/wV8fgHrswa
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: public, max-age=300
content-encoding: gzip
content-length: 74767
content-type: text/html; charset=utf-8
date: Mon, 11 Apr 2022 12:33:07 GMT
etag: W/"66da1-Vfh3mgGN2HyY4iM0li3BPg+wzP0"
expires: 2022-04-11 12:48:07
strict-transport-security: max-age=300
vary: Origin, Origin, Accept-Encoding, X-Forwarded-Host,X-Public,Cookie
via: 1.1 varnish (Varnish/6.5), 1.1 varnish (Varnish/6.5), 1.1 varnish (Varnish/6.5), 1.1 varnish (Varnish/6.5), 1.1 varnish, 1.1 varnish
x-be-age: 0
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-dest: http://inferno-20220405154333:8000 http://grs-20220322192429:8000
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-public: 1
x-re-cache: MISS
x-request-id: cortex-proxyd-varnish-7d7bf5db86-qf5rw/RW77GW21j5-165186829 cortex-proxyd-varnish-7d7bf5db86-229b9/v5z5pAjV9d-165184623
x-served-by: cache-iad-kiad7000161-IAD, cache-hhn4036-HHN
x-shard: varnish-cluster-a-7
x-timer: S1649680387.612581,VS0,VE954
x-uncacheable: true
x-url: /content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Redirect headers

Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Content-Length: 361
Content-Type: text/html;charset=utf-8
Date: Mon, 11 Apr 2022 12:33:05 GMT
Location: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Server: CherryPy/7.1.0

GET
H2 200 bundle.cf144bdda19472083855.css
static.inferno.iheart.com/inferno/styles/ 44 KB
8 KB 130ms
14ms Stylesheet
text/css 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/styles/bundle.cf144bdda19472083855.css

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fef562a681a0bd637d1f3809affaf950474e5141cd1953c1ca0666a11442e2e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 3347078
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 7430
x-amz-id-2: Lg81s2MV2copozRBikilTvaQTuy+oQ9Tm9qBjP30/b5ht2rxRu0D3BhonINGWn4XeNVE1G8iZeE=
x-served-by: cache-iad-kjyo7100038-IAD, cache-hhn4036-HHN
last-modified: Thu, 03 Mar 2022 18:34:14 GMT
server: AmazonS3
x-timer: S1649680388.816403,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "e05160fd9d02c3cf45ea04d9f9bd26d5"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: VQ5FJ472TV839SSD
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 653, 2

GET
H2 200 src_app_core_chrome_AppTray_component_tsx-src_app_core_chrome_Footer_component_tsx-src_app_co-b812c1.0d6f3fb2659ac833d300.css
static.inferno.iheart.com/inferno/styles/ 23 KB
5 KB 130ms
14ms Stylesheet
text/css 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/styles/src_app_core_chrome_AppTray_component_tsx-src_app_core_chrome_Footer_component_tsx-src_app_co-b812c1.0d6f3fb2659ac833d300.css

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f9673c83d7ec0320e6e13dbda622f3240cda4e3d5cae2494deecf6ca04814b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 516325
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 4409
x-amz-id-2: fBkhGVClCOOuzUiFHcstxc4gft5YldvkOBCsNOS8OiWrb86be1UlR1t+NClDPnjw8jATneoBHXQ=
x-served-by: cache-iad-kiad7000121-IAD, cache-hhn4036-HHN
last-modified: Mon, 04 Apr 2022 23:08:42 GMT
server: AmazonS3
x-timer: S1649680388.816561,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "e0213736f46156f7995b461fa9088d4e"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: 0Y2H3XN9JTCB33WZ
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 1, 16

GET
H2 200 sites-local.f5ee34fe724265f45004.css
static.inferno.iheart.com/inferno/styles/ 1 KB
992 B 134ms
19ms Stylesheet
text/css 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/styles/sites-local.f5ee34fe724265f45004.css

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ec42f1b9f496a42d963da7b55ddc27b3c19d0ce5a386bbbd2ec4f1ba4cf802d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 1548000
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 668
x-amz-id-2: lfbO/mCFpVb+jTetxtF1COXSNOwwA/5OwWXcZgOQUvV9WkJp9I/JvgLw5ZbLxGn1F5R8aHF4QyU=
x-served-by: cache-iad-kjyo7100155-IAD, cache-hhn4036-HHN
last-modified: Tue, 22 Mar 2022 14:52:50 GMT
server: AmazonS3
x-timer: S1649680388.820784,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "bc67faed2924afbc802b9fa182a35757"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: 2V8JMR79F0Z50W5B
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 1, 1

GET
H2 200 FrontMatter-component.b801677db81c17bf2e58.css
static.inferno.iheart.com/inferno/styles/ 3 KB
1 KB 130ms
15ms Stylesheet
text/css 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/styles/FrontMatter-component.b801677db81c17bf2e58.css

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9780b43c6d219f0887382858b796fee8ad6e2a5174b25ebbbc8681cd97d7c51b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2271254
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 1179
x-amz-id-2: XHpgdWL2WX/5SCdPKEKqrMCvUTaTky9PfUovPAE2nMI6iEv5nLvDsvXlGjn7PYOrACJ+pt2QeAc=
x-served-by: cache-iad-kjyo7100131-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:10 GMT
server: AmazonS3
x-timer: S1649680388.816179,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "b4f4de34d482fc60a34539ba7550e556"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: P7DVZB3H8939VA15
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 135, 1

GET
H2 200 Heading-component.55654afae0e005acfe7f.css
static.inferno.iheart.com/inferno/styles/ 1 KB
939 B 130ms
15ms Stylesheet
text/css 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/styles/Heading-component.55654afae0e005acfe7f.css

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f3dcce7778313ca3be950ba662fa73c811101809b251d637361cb197fca126b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2182236
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 677
x-amz-id-2: pWQGiwKNkXDR7W2K0nqwFr51DMnAC09t7CcU0SFpFjObYM1UInAXAgtuwcAysyO4nCWHOV6EqpA=
x-served-by: cache-iad-kiad7000025-IAD, cache-hhn4036-HHN
last-modified: Thu, 17 Mar 2022 04:19:10 GMT
server: AmazonS3
x-timer: S1649680388.815704,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "719c5cb40213575fec0539fc0dcb7fa3"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: X5JMC7MX43CSYDS7
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 1362, 1

GET
H2 200 Content-component.a9e29ab6c2cbf7697dfd.css
static.inferno.iheart.com/inferno/styles/ 1 KB
971 B 131ms
16ms Stylesheet
text/css 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/styles/Content-component.a9e29ab6c2cbf7697dfd.css

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

426b4a2a7f794a48357e439a07ede45ebe95889c682a9ae1fde150c4e71e5928

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2091957
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 643
x-amz-id-2: BszUScP5hdvSYL6xXG799FRB4/6+fd07EWYSYGDkNfvihHM9NLV+U2DHyOplOLuCvBNjywwqm10=
x-served-by: cache-iad-kcgs7200091-IAD, cache-hhn4036-HHN
last-modified: Thu, 17 Mar 2022 22:55:43 GMT
server: AmazonS3
x-timer: S1649680388.815024,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "ee8e660c16e5c22e5363c03a6331f77f"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: SM4WKZBV43JXM479
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 5404, 1

GET
H2 200 AssetLegacy-component.544caf303a902d9a14f2.css
static.inferno.iheart.com/inferno/styles/ 2 KB
1 KB 130ms
15ms Stylesheet
text/css 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/styles/AssetLegacy-component.544caf303a902d9a14f2.css

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6663130b125dccfff16f71ae9406a6b58e1039a0a400608bb75f88d04926f0b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2955302
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 811
x-amz-id-2: L3UdqA4E/WvQ6SsuokCnCOZzJZQ4D6GsvtFFCbw1mIID/rsZ/RxWlgkddQFvlkbkvKOAIpXOnhI=
x-served-by: cache-iad-kcgs7200109-IAD, cache-hhn4036-HHN
last-modified: Mon, 07 Mar 2022 22:23:48 GMT
server: AmazonS3
x-timer: S1649680388.815297,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "2cd20b8205e3a5aaea51d321251a864a"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: W05Y24D804EPA45A
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 65, 1

GET
H2 200 ImageAsset-component.7ca0566aa6d9cad9c6e8.css
static.inferno.iheart.com/inferno/styles/ 8 KB
2 KB 133ms
18ms Stylesheet
text/css 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/styles/ImageAsset-component.7ca0566aa6d9cad9c6e8.css

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8b8a496ad90a7167ad6da4018203c40a2dd365a86c5ff47f2788b4337184fe3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2270707
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 2096
x-amz-id-2: M9LJIj/n/5hD25zVIcoSqj5a6RENaWMPU6i7aI3ZGkC4bzqnBuAxwN2JY6Bk+Cor1eh8RFEqo5c=
x-served-by: cache-iad-kjyo7100136-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:11 GMT
server: AmazonS3
x-timer: S1649680388.820782,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "7e9ce78b5af08a4a8170007358461deb"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: R65MN25B1JZJ7GNZ
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 164, 1

GET
H2 200 HtmlEmbedLegacy-component.6e93e69538d242ac11d8.css
static.inferno.iheart.com/inferno/styles/ 1 KB
914 B 129ms
15ms Stylesheet
text/css 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/styles/HtmlEmbedLegacy-component.6e93e69538d242ac11d8.css

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1a067562a77d5d7e947c110ec2a319b82f1916755bec981ad845eba52132691e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2272080
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 581
x-amz-id-2: dhuhbN8q1c+n0bEDYey5vIqRgixhh3zJNH7QDYizHOgI14yHeoq1O3AQccRHcHlFGlTKVO0543s=
x-served-by: cache-iad-kjyo7100080-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:10 GMT
server: AmazonS3
x-timer: S1649680388.815945,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "7d3ddd3eb67fcb304e7f7d7b9f33eb1b"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: MRC3CF7JMPGDQB8M
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 3750, 1

GET
H2 200 core-page-blocks-recommendation-Recommendation-component.83e66b6bad14d1747791.css
static.inferno.iheart.com/inferno/styles/ 2 KB
1 KB 130ms
16ms Stylesheet
text/css 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/styles/core-page-blocks-recommendation-Recommendation-component.83e66b6bad14d1747791.css

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

05e6af604f5e722f5c6b00d112bd5fe384f7c838b3ebd3b12b0ea0dba51e6119

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2182030
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 714
x-amz-id-2: /dTYeDpt4zJhZSqWwdj7LTZ5CChia2AO/Y71Q50gXtxfF/nRKvZgXhc6C32XWMPT+BSx/tMfppk=
x-served-by: cache-iad-kiad7000147-IAD, cache-hhn4036-HHN
last-modified: Thu, 17 Mar 2022 04:19:10 GMT
server: AmazonS3
x-timer: S1649680388.814881,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "b72eca81d4b21df826f67334bc25499e"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: C082KGAW0772DN9J
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 217, 1

GET
H2 200 core-page-blocks-datasource-DatasourceLoader-component.9babcd5438cfb456fc6d.css
static.inferno.iheart.com/inferno/styles/ 9 KB
2 KB 129ms
15ms Stylesheet
text/css 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/styles/core-page-blocks-datasource-DatasourceLoader-component.9babcd5438cfb456fc6d.css

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ad28598412cda2cae04639dce89f0d7c6ccb9c492b8cb9e8066e4a24a4a65e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2271914
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 1831
x-amz-id-2: Yv3O7qJ5EtBip/NSG2ZCcTnMePh82BRhXa5Lc3GKRXoZICY9dkB2BhIYUpSlGqfrVRrgRWt9rq4=
x-served-by: cache-iad-kjyo7100022-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:10 GMT
server: AmazonS3
x-timer: S1649680388.815505,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "6230dc8e6b18554b7bf00c1051d5e416"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: YQ8G3KH5BYPT4GV2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 7185, 23

GET
H2 200 Eyebrow-component.2ef55640beaff03be8ea.css
static.inferno.iheart.com/inferno/styles/ 992 B
733 B 130ms
16ms Stylesheet
text/css 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/styles/Eyebrow-component.2ef55640beaff03be8ea.css

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6cdcff01131e2c6c02d9f69f2878345faaea2b54b08e5782ed06344809016b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2270263
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 493
x-amz-id-2: Tg+K7oEJmrWbhtf1elW/FIPJ1ixJjRpHXuCopEGbkEdNS72P5euE+o1vQwM3jR0hSJ8wcdFI21Q=
x-served-by: cache-iad-kcgs7200151-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:10 GMT
server: AmazonS3
x-timer: S1649680388.815137,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "d94533fe79ed276055367de924043bee"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: WDFWGV0T9JXT8AJT
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 3221, 1

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=fallback

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d80fc5d5ce1c97d1d943a3fa51eb38d0ce6fe981024d760eab71d4b30b7bcc1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 12:33:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Apr 2022 12:33:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Apr 2022 12:33:07 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/iheartprebidheader211581645343/ 251 KB
86 KB 60ms
14ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/iheartprebidheader211581645343/moatheader.js
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 826f4e5988f41ce39a5492dcf953986f2387e35e3fa982b054ed6c23a3f58b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 16:05:07 GMT
server: AmazonS3
x-amz-request-id: TFB5FHZB5WQHY4FF
etag: "1d418b7514f8011f7f62971ae87df81d"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=42548
accept-ranges: bytes
content-length: 87068
x-amz-id-2: nhehhi/Zj9yFm8bqKdZtBTuFDjhMV8txxUQeq2U75s+/Ty3C9uwfWdYcYrBPujCiIkGhrptdHTA=

GET
H2 200 eefb89a887e3046c0558cb1b68acb7f5
i.iheart.com/v3/re/assets.brands/ 4 KB
4 KB 445ms
112ms Image
image/webp 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.iheart.com/v3/re/assets.brands/eefb89a887e3046c0558cb1b68acb7f5?ops=gravity(%22center%22),contain(180,60)&quality=80
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a1d7d8be9e74ed20db735edf7a0c36013396b4b53d8810a8b72a7dc0f6ec32a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:08 GMT
via: 1.1 varnish (Varnish/6.5), 1.1 varnish, 1.1 varnish
fastly-original-body-size: 4258
x-cache: HIT, MISS
x-age: 1732436
content-length: 4258
x-ihm-mediaserver: Ahshaj4o
x-served-by: cache-iad-kjyo7100050-IAD, cache-mxp6981-MXP
last-modified: Tue, 22 Mar 2022 10:12:31 GMT
x-request-id: cortex-proxyd-varnish-5fc89964bd-4bbgm/AO4Eg3SNZ3-106037473
x-timer: S1649680388.044459,VS0,VE97
x-dest: http://mediaserver-20211130193250:8000
etag: "9c089c94f5ea50b78b227dacec28fe5172662eaf03586f63151f81767ef1f9e3"
vary: X-WEBP, Origin
content-language: en-US
cache-control: no-cache, max-age=21600, public
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 0

GET
H2 200 f79fc341-a979-4863-81b0-eea1ddc6e07b
i.iheart.com/v3/re/new_assets/ 892 B
1 KB 349ms
16ms Image
image/webp 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.iheart.com/v3/re/new_assets/f79fc341-a979-4863-81b0-eea1ddc6e07b?ops=resize(900,506),quality(10)
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c330813ad458f848efd42515b9c58f9073efc4c7b66243bc7a0c1f1cc7692ab3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:08 GMT
via: 1.1 varnish (Varnish/6.5), 1.1 varnish, 1.1 varnish
fastly-original-body-size: 892
x-cache: HIT, HIT
x-age: 2268371
content-length: 892
x-ihm-mediaserver: Ahshaj4o
x-served-by: cache-iad-kiad7000075-IAD, cache-mxp6981-MXP
last-modified: Wed, 16 Mar 2022 05:26:50 GMT
x-request-id: cortex-proxyd-varnish-5fc89964bd-f6p67/aPm5d8XO0t-229663389
x-timer: S1649680388.044573,VS0,VE1
x-dest: http://mediaserver-20211130193250:8000
etag: "8d4ce093b1623afe61b58830b5bb3f6386c313498f60d25b4ea1488d9e690057"
vary: X-WEBP, Origin
content-language: en-US
cache-control: no-cache, max-age=21600, public
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 8974, 1

GET
H2 200 runtime.7e2b67516a92d1372ca2.js Show response
static.inferno.iheart.com/inferno/scripts/ 31 KB
11 KB 22ms
20ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/runtime.7e2b67516a92d1372ca2.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1208205702b1cd7ef7bb23dc4d8e90af7332ed3f2da682e64d2f23cfeb4adf82

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 511513
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 10680
x-amz-id-2: d/z/4G2FC0u8reXgPyBu6SOwKl1NA9mB6JwaHhjtQyFqOSLRhkC3LDD+Wsj545kmNDPpk92miOo=
x-served-by: cache-iad-kiad7000088-IAD, cache-hhn4036-HHN
last-modified: Tue, 05 Apr 2022 14:04:46 GMT
server: AmazonS3
x-timer: S1649680388.845577,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "db9155767d4d291281bc812ad7cd30df"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: PWQ781VW41RXYBQ6
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 27

GET
H2 200 vendor.b4d71178c6e63763f9ef.js Show response
static.inferno.iheart.com/inferno/scripts/ 157 KB
43 KB 35ms
33ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/vendor.b4d71178c6e63763f9ef.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f5fcf5b59ca83f656172d9c6447f73ac6b070eb4784857ca83c2c9b5e5156f08

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2270996
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 44195
x-amz-id-2: 7mdyMjKQHxuHz6YZEvhVv+MzgqK1eYESkHchnRobc10FbkhglB7zPznBN/NbDNIz4scyG99z4s8=
x-served-by: cache-iad-kjyo7100098-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:12 GMT
server: AmazonS3
x-timer: S1649680388.846009,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "e5a53f89a2a84b54fbfbeb18743768f5"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: A5JD8PCP5S3KCAJG
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 390, 1

GET
H2 200 bundle.9b8823977a8f7aa3677d.js Show response
static.inferno.iheart.com/inferno/scripts/ 835 KB
227 KB 22ms
20ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/bundle.9b8823977a8f7aa3677d.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

94aa9df3215c94711fec18abb66d6629a07f3de313d1e8a1c11f33d5ee754af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2050296
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 231889
x-amz-id-2: EdYASnA1t+abMYJ4aiYjYPz6cOAkNnDsTrj4FxpnvTCAlrq3/Q4xonF3LSeHfRTbTLULzdNmtlE=
x-served-by: cache-iad-kcgs7200062-IAD, cache-hhn4036-HHN
last-modified: Fri, 18 Mar 2022 18:53:00 GMT
server: AmazonS3
x-timer: S1649680388.845819,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "781a7ff64201d3d358d470ceadb0bac0"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: EK6E18KR6KFHVEFE
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 2

GET
H2 200 vendors-node_modules_react-router-hash-link_dist_react-router-hash-link_esm_js-node_modules_r-61892a.1dc91db34ad6c5bb118e.js Show response
static.inferno.iheart.com/inferno/scripts/ 15 KB
6 KB 27ms
25ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/vendors-node_modules_react-router-hash-link_dist_react-router-hash-link_esm_js-node_modules_r-61892a.1dc91db34ad6c5bb118e.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

476b762077ea9a9283c91f0e0e6df644b11770c0c9983b1c05c9e4a36ad26988

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2242171
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 5276
x-amz-id-2: DcsfaPfmGaYJ1b0/9dxNbRun0CKEv7HpJO4UsWDoWUClA6JH017OnXueBGEnzecGCYb4pu0LoEs=
x-served-by: cache-iad-kcgs7200088-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:11 GMT
server: AmazonS3
x-timer: S1649680388.845971,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "1b2de6a83f7882e18f095c6762ac2d98"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: 6QD4NHH69Q40TKQ8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 706, 1

GET
H2 200 src_app_core_content-blocks_index_ts.efc0fc3c0503f391adc3.js Show response
static.inferno.iheart.com/inferno/scripts/ 20 KB
2 KB 21ms
20ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/src_app_core_content-blocks_index_ts.efc0fc3c0503f391adc3.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

db5da1d919f5fe9038e6f13bfa897a10d3ad318ba4e877a93058936e199eb34d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2943695
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 1361
x-amz-id-2: 07xvpd0JmOwlOzEldzcs5rcX7vR20VDFoX04M2OlhET7hmyzR3uG/nXgHBMkQKnL7jTZiSFuotY=
x-served-by: cache-iad-kiad7000040-IAD, cache-hhn4036-HHN
last-modified: Mon, 07 Mar 2022 22:23:48 GMT
server: AmazonS3
x-timer: S1649680388.845973,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "d6e9731fac7453122e60f4d3caec1366"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: 82MQCMZ47RAGHCYH
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 11812, 18

GET
H2 200 src_app_core_chrome_NavigationMenu_component_tsx-src_app_core_chrome_StationLogo_component_ts-4282c9.6db7755b6bf80aa8161f.js Show response
static.inferno.iheart.com/inferno/scripts/ 64 KB
19 KB 28ms
27ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/src_app_core_chrome_NavigationMenu_component_tsx-src_app_core_chrome_StationLogo_component_ts-4282c9.6db7755b6bf80aa8161f.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d1b93b57faea67e0f725e300ede5505de565d27cdc9ba1b08a87f61ca2260685

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 1088507
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 19575
x-amz-id-2: Hn51cWmFjRB+wCYeciCqtjhjJkNC4/e257LdV9OaO0s3v1uu+PT62LqTdHuyf9fLPC/y3yAcsLs=
x-served-by: cache-iad-kiad7000086-IAD, cache-hhn4036-HHN
last-modified: Tue, 29 Mar 2022 21:30:37 GMT
server: AmazonS3
x-timer: S1649680388.846561,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "ae3fde605c5aae2d2fefb6ad488c91a5"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: 8H06WQXE0PDVHEXX
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 27

GET
H2 200 src_app_core_chrome_Navigation_component_tsx.e02d4c1b8daaa0155700.js Show response
static.inferno.iheart.com/inferno/scripts/ 13 KB
4 KB 30ms
30ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/src_app_core_chrome_Navigation_component_tsx.e02d4c1b8daaa0155700.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

89b8ea0b051fb838ab125a9124e3f6cf570dd0d760043f94a8f58c4ffd5e3e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2095835
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 4170
x-amz-id-2: eVSxa6ZrJcsg37Z9XXUdP/wWoTDhtqoKRR0XP1hYLSBDV8Q9Xj1QR8lAIKOJNN88uopPyt/+DpM=
x-served-by: cache-iad-kjyo7100050-IAD, cache-hhn4036-HHN
last-modified: Thu, 17 Mar 2022 22:55:43 GMT
server: AmazonS3
x-timer: S1649680388.858633,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "563ed1e3492a9da1931a0d0600ceb107"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: E2BHYSGX0MG8DGJG
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 4926, 17

GET
H2 200 src_app_core_chrome_AppTray_component_tsx-src_app_core_chrome_Footer_component_tsx-src_app_co-b812c1.1ef82bf4236b27b58296.js Show response
static.inferno.iheart.com/inferno/scripts/ 23 KB
6 KB 31ms
31ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/src_app_core_chrome_AppTray_component_tsx-src_app_core_chrome_Footer_component_tsx-src_app_co-b812c1.1ef82bf4236b27b58296.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

711eae4b6268fae4f961348f072d0c10ba9163df00d5b33eecf0c855e50efa83

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 1195663
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 6321
x-amz-id-2: HZKgGrRWI61mm2lYFo5CuEyvuqtA1di4SJWNhyJKCueVKWMfduRUQSx9pW9vZN99yQWGeFwD6+w=
x-served-by: cache-iad-kjyo7100157-IAD, cache-hhn4036-HHN
last-modified: Wed, 23 Mar 2022 14:24:33 GMT
server: AmazonS3
x-timer: S1649680388.859525,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "0dfc1bd28ed2a92db89152fad0a9bd42"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: VYHYS2KNP39SKBNW
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 17

GET
H2 200 src_app_sites_local_index_tsx.81db727855f2dd0774e7.js Show response
static.inferno.iheart.com/inferno/scripts/ 25 KB
3 KB 27ms
27ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/src_app_sites_local_index_tsx.81db727855f2dd0774e7.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

18900d0564e8ff47d4b92bd91e2cb5e0fcf4bd99986589daea8e6bd32ac916c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 1654395
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 2513
x-amz-id-2: zhFjSoanna10T6MvqVLNMGlUTU9Mg/ZeSBDwpuMTCRsNywDV85IiFS50gEyfDhudYc/EUnB4zlE=
x-served-by: cache-iad-kcgs7200046-IAD, cache-hhn4036-HHN
last-modified: Tue, 22 Mar 2022 19:09:25 GMT
server: AmazonS3
x-timer: S1649680388.870792,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "b654a0da4a72dac0d005eb1a9a285d9b"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: FEP5VGKFQ5DGSEEF
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 17

GET
H2 200 vendors-node_modules_ihr-radioedit_gql-client_esm_request_js-node_modules_ihr-radioedit_sdk-n-747de0.1b7fc1471467617030ad.js Show response
static.inferno.iheart.com/inferno/scripts/ 13 KB
5 KB 18ms
18ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/vendors-node_modules_ihr-radioedit_gql-client_esm_request_js-node_modules_ihr-radioedit_sdk-n-747de0.1b7fc1471467617030ad.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a1b21c121d984c1dfb288c50399ba96c0ea0e76047ee309a9f9495d68892ef44

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2267787
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 4517
x-amz-id-2: /eeSZX7nQjBncqhOWxfBX3dCDK0rrDjdvmzb9GqjrQydxHHy0R0xSYmJW47/Sbr7/tNXCU4H6YQ=
x-served-by: cache-iad-kjyo7100143-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:11 GMT
server: AmazonS3
x-timer: S1649680388.872822,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "ba576feeba8ea38c5914c51671e2e74c"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: TF4GY024NZBQZMQ1
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 142, 23

GET
H2 200 src_app_core_services_Sites_ts-node_modules_isarray_index_js-node_modules_mini-create-react-c-26a19c.6f019bd2f62e592cfa24.js Show response
static.inferno.iheart.com/inferno/scripts/ 17 KB
6 KB 14ms
14ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/src_app_core_services_Sites_ts-node_modules_isarray_index_js-node_modules_mini-create-react-c-26a19c.6f019bd2f62e592cfa24.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f902b108291d74e31b41bae078636ec4730cf0bbfce631540b0818079fecb6f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2347781
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 5863
x-amz-id-2: RUd7rfqRq7FS9gUvr32w5EP+ijcI/Ww7o/j8c2YgEM1CmoH4FHuDetK/y5189n5ZooW0Nitpt5g=
x-served-by: cache-iad-kcgs7200030-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 03:11:28 GMT
server: AmazonS3
x-timer: S1649680388.874638,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "837ec195a678179282bbe20aa73e0357"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: 0ZKD96N1CVZBFD60
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 5641, 23

GET
H2 200 MagicLink-component.53203269f3d1713c14e4.js Show response
static.inferno.iheart.com/inferno/scripts/ 10 KB
4 KB 21ms
20ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/MagicLink-component.53203269f3d1713c14e4.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

94d7f72ba91c8695d300b503d45f28256e8faa76d5f4c5ad901372c478359077

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2246011
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 4081
x-amz-id-2: N7bMOL6PfldgK02CRnDjMae3UtVTbWqkhwwQkvJniTLE7o5GMyQ5ocjcpDPr8ntRgNwH5cvd3cY=
x-served-by: cache-iad-kjyo7100138-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:10 GMT
server: AmazonS3
x-timer: S1649680388.899090,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "6d3802cc7c509ffd6c1bc8a4edf732ce"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: KYCZHR2ZN92KPZXY
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 22

GET
H2 200 FrontMatter-component.648a2a548634184a97e0.js Show response
static.inferno.iheart.com/inferno/scripts/ 4 KB
2 KB 21ms
20ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/FrontMatter-component.648a2a548634184a97e0.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

addf21471853c23ba575e35023a21b65ee84019e5ee564e90f8670306eba6c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2266802
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 1519
x-amz-id-2: poOD89iloOB3YpmIS3gDT8VJs5mRu+ZiTf3LnUKCnZBPA1A7PyN1p1PXRd6z2HysTpwTqz7lmT4=
x-served-by: cache-iad-kjyo7100175-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:10 GMT
server: AmazonS3
x-timer: S1649680388.899277,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "bb38189412b0d2591884383501bb55fc"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: 65NAH7WNRCE1X7R9
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1617, 1

GET
H2 200 EyebrowLoader-component.2b83d0db2c9e5ff4bd7e.js Show response
static.inferno.iheart.com/inferno/scripts/ 4 KB
2 KB 20ms
19ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/EyebrowLoader-component.2b83d0db2c9e5ff4bd7e.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c69148a9f8824d84eb3b29e3091aa6be306e5be5b56934b322639f4050b37b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 1949165
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 1592
x-amz-id-2: yqdSGSsrmzx3QYSebIs90AUzef88Yx3vx9UREfYVKcNHChG/lVM8TIxiW8OVhrIpEjaU9boc0a4=
x-served-by: cache-iad-kiad7000051-IAD, cache-hhn4036-HHN
last-modified: Fri, 18 Mar 2022 20:20:47 GMT
server: AmazonS3
x-timer: S1649680388.899387,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "45bdc32847ee427c456a29f66c23abe1"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: G8JAQF7P43VHK706
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 3252, 7

GET
H2 200 Heading-component.9c6439cae110595d7a91.js Show response
static.inferno.iheart.com/inferno/scripts/ 892 B
780 B 22ms
22ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/Heading-component.9c6439cae110595d7a91.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ce167c8c8392d8d61d3ab7da41daaffaf5dbfd4ad152c7e704430b9bb8eb994d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2269742
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 517
x-amz-id-2: BTsaN9xHoc5QXhmlmEFgPJ83XzKLWAhNatoboaefjunUf1nw5X+zhcMEp9V3zWvbSE8OEds6YJ0=
x-served-by: cache-iad-kjyo7100045-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:10 GMT
server: AmazonS3
x-timer: S1649680388.900278,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "cf242e2fe22122140d77716761778169"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: NRS8ZA4Y2BTCBS3F
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 245, 19

GET
H2 200 vendors-node_modules_react-dom_server_browser_js.82d61b48f0a56a243132.js Show response
static.inferno.iheart.com/inferno/scripts/ 20 KB
8 KB 22ms
21ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/vendors-node_modules_react-dom_server_browser_js.82d61b48f0a56a243132.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

82eb88fb448c97f66d4d8f1ce724f2ee4e24367f27439f95a0288bfef04a9424

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2266187
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 7440
x-amz-id-2: qtRr2JCZjfrmWemD+9vN6rqr67C22hSXlABfbfkT50HsrDrGOKFyJZ54K0ub3rrNm4tG0X6bZOY=
x-served-by: cache-iad-kcgs7200033-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:11 GMT
server: AmazonS3
x-timer: S1649680388.900290,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "dd63b88db1d4498a87d1c207f7a5e7ad"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: E11N6N7Z39W2PXP2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 6580, 6

GET
H2 200 src_app_core_page-blocks_content_Content_component_tsx.738565524dfc0a8a36fe.js Show response
static.inferno.iheart.com/inferno/scripts/ 12 KB
5 KB 22ms
21ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/src_app_core_page-blocks_content_Content_component_tsx.738565524dfc0a8a36fe.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

583393b1f64a621646dd9fcb30029cdb53cac022aa6641bf00c16b0a8da54e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2075458
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 4362
x-amz-id-2: m3G9v926gsWs/2DPwGW88Llp/JnWOlG7h0W9GEiaw2jLP/DruvmGoswtSekYeNgSHqaQUKkhNhA=
x-served-by: cache-iad-kcgs7200145-IAD, cache-hhn4036-HHN
last-modified: Thu, 17 Mar 2022 22:55:43 GMT
server: AmazonS3
x-timer: S1649680388.900354,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "baa09d5c3d3ea39e3d75853f5b08abce"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: 2347D78END0N6TN3
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 5

GET
H2 200 vendors-node_modules_mobx_dist_mobx_esm_js.ff7e9ed482838a86db87.js Show response
static.inferno.iheart.com/inferno/scripts/ 50 KB
15 KB 10ms
9ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/vendors-node_modules_mobx_dist_mobx_esm_js.ff7e9ed482838a86db87.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a1172dbb7df93d9a1a8aef9f974240abbbb87448dc6c88cecce75140aed98131

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2266417
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 14987
x-amz-id-2: r38bBPcP7xUyizRlcdw0vI7WHb30jv0CUzBdbc4WNSoOGQmGRLu6OvRMnedcBQ8m5D6OVHl2oEQ=
x-served-by: cache-iad-kiad7000028-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:11 GMT
server: AmazonS3
x-timer: S1649680388.914679,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "745d87038872336c44b2b5740dfd160b"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: Q5KG3F5KGT95GECB
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 4856, 2

GET
H2 200 vendors-node_modules_mobx-react_dist_mobxreact_esm_js.2b91dfb3f70865c0346e.js Show response
static.inferno.iheart.com/inferno/scripts/ 132 KB
43 KB 10ms
8ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/vendors-node_modules_mobx-react_dist_mobxreact_esm_js.2b91dfb3f70865c0346e.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6ad6d6224374ae24937b3d100610380e21bd6b8c6a1719a571656297192d2cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2271739
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 43829
x-amz-id-2: H2OwSYCCsrOS9azEFIlaQBzUK70PmpMWagoYzKcSL8WimdVLhQUvFYbCWQ9C0Gg0We+HXzAbUzc=
x-served-by: cache-iad-kjyo7100045-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:12 GMT
server: AmazonS3
x-timer: S1649680388.914872,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "ac4c0dd9301112c1e14f59ef9c79f59e"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: NRXC80SY3EAK31NP
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 69, 4

GET
H2 200 src_app_core_content-blocks_AssetLegacy_component_tsx.9da6153303a3ced66664.js Show response
static.inferno.iheart.com/inferno/scripts/ 15 KB
4 KB 14ms
13ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/src_app_core_content-blocks_AssetLegacy_component_tsx.9da6153303a3ced66664.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ae802955bf699e784b33f66df22eb13c33a7ca1749b556187e323d723a13139a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 1737424
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 3570
x-amz-id-2: /kKQEAJDmnYkc95k3i1m8u6KZ3AEIngzR6ZsUuFlKCLmjWNRZLVQFUt63QxFO8fC4WcRgnsIJmA=
x-served-by: cache-iad-kiad7000042-IAD, cache-hhn4036-HHN
last-modified: Mon, 21 Mar 2022 23:10:57 GMT
server: AmazonS3
x-timer: S1649680388.915457,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "d44e940a5a8a7714dc758f0b511e2b15"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: YC45J2DJ0M73NJJP
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 2736, 3

GET
H2 200 vendors-node_modules_babel_runtime_helpers_esm_taggedTemplateLiteral_js-node_modules_graphql--bb451a.90d6dedb62a52c982858.js Show response
static.inferno.iheart.com/inferno/scripts/ 45 KB
12 KB 16ms
14ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/vendors-node_modules_babel_runtime_helpers_esm_taggedTemplateLiteral_js-node_modules_graphql--bb451a.90d6dedb62a52c982858.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

26209c7c5774d90cb19cd9a4dd736bf91726e30cf61c39bc4245b6bdc8d348a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2179510
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 11884
x-amz-id-2: mxNNSv06McgiPw1o0CFEa/cF7m5QpuadHmun4hY7A65aSKKX0g8ugaiJxPTrVTHLI92ggqfioDQ=
x-served-by: cache-iad-kjyo7100029-IAD, cache-hhn4036-HHN
last-modified: Thu, 17 Mar 2022 04:19:10 GMT
server: AmazonS3
x-timer: S1649680388.915817,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "5ff5ebc8c1cad46e9960d6aae29907b5"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: VF6PDCGWW0ZBH1QJ
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 7339, 1

GET
H2 200 vendors-node_modules_i18next_i18next_min_js-node_modules_react-i18next_dist_es_context_js.92bef6391a79ddef4ac6.js Show response
static.inferno.iheart.com/inferno/scripts/ 45 KB
13 KB 16ms
15ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/vendors-node_modules_i18next_i18next_min_js-node_modules_react-i18next_dist_es_context_js.92bef6391a79ddef4ac6.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9b53b9f455038129d0d1a83c5c3621b8039200007f3e57196ecf12a3a5c72b17

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2267014
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 13163
x-amz-id-2: B+JXJ2xTVuRp7dCIA/3azyxIuK5JjtR5RMyqawqTXVkgg8nuvuCP5RL3SCPQ7fLi+b4+SCmuMDM=
x-served-by: cache-iad-kcgs7200099-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:11 GMT
server: AmazonS3
x-timer: S1649680388.915839,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "696b84e394a60561f018c0665a94ffe5"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: B790XP53MMZX6QPW
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 71, 1

GET
H2 200 vendors-node_modules_react-i18next_dist_es_Translation_js-node_modules_strongly-typed-events_-0041f6.e867e44a697e0e24ff16.js Show response
static.inferno.iheart.com/inferno/scripts/ 29 KB
5 KB 15ms
14ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/vendors-node_modules_react-i18next_dist_es_Translation_js-node_modules_strongly-typed-events_-0041f6.e867e44a697e0e24ff16.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b9ab0d004fd84b7214664f9bbeae7c224d14e8fd4dd359811c0b824353f19742

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2180593
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 4956
x-amz-id-2: NXi907wiEnV3XSsyE8gToNEKcWcj9M2Gl7f6vQwf+qz8s5GuLcE6WGGaq1H9HmFoCA5/UgTmwT4=
x-served-by: cache-iad-kjyo7100149-IAD, cache-hhn4036-HHN
last-modified: Thu, 17 Mar 2022 04:19:10 GMT
server: AmazonS3
x-timer: S1649680388.915849,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "a3fe89d16ebc93478c3e12c1c31b0e45"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: XAY0E77QAGNHCBYK
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 69, 1

GET
H2 200 vendors-node_modules_loadable_component_dist_loadable_esm_js-node_modules_ihr-radioedit_sdk-u-5ccd84.503eb603415260a21104.js Show response
static.inferno.iheart.com/inferno/scripts/ 21 KB
7 KB 8ms
7ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/vendors-node_modules_loadable_component_dist_loadable_esm_js-node_modules_ihr-radioedit_sdk-u-5ccd84.503eb603415260a21104.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e534f33cc36f3165e908ce3300e2443e056e8a2b24ee3929f0c9b053749a1bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2180816
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 6862
x-amz-id-2: Gc8joaJRpB5TI5kIUymKfqiKozeFRoLsEpqraHVyqxJZbdeH8fuLqn+6B0BlSnesO8zn6rICJCM=
x-served-by: cache-iad-kjyo7100143-IAD, cache-hhn4036-HHN
last-modified: Thu, 17 Mar 2022 04:19:10 GMT
server: AmazonS3
x-timer: S1649680388.924843,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "52c16c5108881640892ce51c1d265d65"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: 3NB955AJ6A7PT6BK
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 19, 1

GET
H2 200 src_app_core_lib_utilities_ts.1989f5cedc31ecee3756.js Show response
static.inferno.iheart.com/inferno/scripts/ 64 KB
15 KB 13ms
9ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/src_app_core_lib_utilities_ts.1989f5cedc31ecee3756.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0c70a37b8c72bf27151eaa3f8eedfdfc9ca984dcfcbaed2e2626f52743832e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 616411
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 15405
x-amz-id-2: mYDtboHAIW40FL+2xrNEb6VCPlToqoPqJtE4BXPbrrhTs1y7W4pKYSvumitE01v6z9kcPXK3SNY=
x-served-by: cache-iad-kcgs7200073-IAD, cache-hhn4036-HHN
last-modified: Fri, 01 Apr 2022 22:40:04 GMT
server: AmazonS3
x-timer: S1649680388.932606,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "93e25d21f7e30f3956a4d4205a5916f9"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: PMW155M81WT2GTKV
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 1

GET
H2 200 src_app_core_ui_ListenLive_component_tsx-src_app_core_ui_index_ts.d6e411d7938a73b6bd65.js Show response
static.inferno.iheart.com/inferno/scripts/ 21 KB
5 KB 13ms
10ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/src_app_core_ui_ListenLive_component_tsx-src_app_core_ui_index_ts.d6e411d7938a73b6bd65.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7aac744494cfcc410c5b6f8c2755d93af1c8f4b7283bd65efa5cd1db0224397b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2189070
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 4866
x-amz-id-2: 4x5V8dhkKwihs59kcyvYAPufw6YTgiyJbmvs8KI0usfHfL46pnLao1OC6b/QifuKSMYR70RNI+4=
x-served-by: cache-iad-kjyo7100052-IAD, cache-hhn4036-HHN
last-modified: Thu, 17 Mar 2022 04:19:10 GMT
server: AmazonS3
x-timer: S1649680388.932893,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "ac341c9f133ac723453554c51bc0e170"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: 4TXMWTMYH200T5FN
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 3150, 1

GET
H2 200 node_modules_babel_runtime_helpers_esm_extends_js-src_app_core_lib_i18n-test_ts.3a73215e16fb67c69d5e.js Show response
static.inferno.iheart.com/inferno/scripts/ 29 KB
10 KB 13ms
12ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/node_modules_babel_runtime_helpers_esm_extends_js-src_app_core_lib_i18n-test_ts.3a73215e16fb67c69d5e.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5b753e391c80d92e0ec11d1360e3f46a2f23a89e69f6abae3ea9f708720304fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2183377
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 9562
x-amz-id-2: BxmyEamoK4w9IhMyAbKrcVekqxCwaV1lByEv6dRLJz4dm2GI87sWY92Uo9fwgBNfAFKggu8znyg=
x-served-by: cache-iad-kiad7000064-IAD, cache-hhn4036-HHN
last-modified: Thu, 17 Mar 2022 04:19:10 GMT
server: AmazonS3
x-timer: S1649680388.933059,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "423e26bbf6b5edfdda81598864de0f0f"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: F33DZ0S1SQE5VYS4
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 6694, 1

GET
H2 200 ImageAsset-component.3583fd999088e05d6b74.js Show response
static.inferno.iheart.com/inferno/scripts/ 7 KB
3 KB 12ms
11ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/ImageAsset-component.3583fd999088e05d6b74.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c5a4fc747f913296b0c836da23c97a0ef01d4d27aa7dc1d4b9a7f6936941e545

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 3470636
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 2656
x-amz-id-2: g0selTy8hOY8KA2RXaeDMTpVPMrOyJbBAnDkODLI/vuPpro1zJqKzk5hJqiJsy2bC/zVogqbBIE=
x-served-by: cache-iad-kcgs7200057-IAD, cache-hhn4036-HHN
last-modified: Tue, 01 Mar 2022 22:39:25 GMT
server: AmazonS3
x-timer: S1649680388.933172,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "16e10e354e4ed8fbf6e762b2a04ba380"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: AS2AGH38JZ2ABP07
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 71, 1

GET
H2 200 HtmlEmbedLegacy-component.cfc6c519c3d9dc34ab4a.js Show response
static.inferno.iheart.com/inferno/scripts/ 6 KB
2 KB 12ms
11ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/HtmlEmbedLegacy-component.cfc6c519c3d9dc34ab4a.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f09d41fb216ef7bd4f7c758d7df2a828beff65bf6fce723902d54c5050bcb373

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2266070
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 1682
x-amz-id-2: CgOcSeWr/ALP5xDTXmRaMcEHF2j+uqZ6tAMpjrb8gTWiBVtAArIqPrDnjDbbikbCo4Hbi/VfsL8=
x-served-by: cache-iad-kiad7000107-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:10 GMT
server: AmazonS3
x-timer: S1649680388.933287,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "006a3abe991083a1ab8a22371cb403c2"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: X57FE7SV8Q6JSWM1
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 228, 1

GET
H2 200 core-page-blocks-recommendation-Recommendation-component.baf1d33a1359b7701204.js Show response
static.inferno.iheart.com/inferno/scripts/ 2 KB
1 KB 9ms
9ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/core-page-blocks-recommendation-Recommendation-component.baf1d33a1359b7701204.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cb1e135cecec982602dc72cd43ff53c5457c7458ac15620c3453e9c29a881a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2099313
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 1032
x-amz-id-2: 4Mkl0s5T/X45mVRGYafI/wC1rfLkJt46ypIlVk4wwqRmgZpsLdVTFUpanFJpB0FGfCO5hbHICro=
x-served-by: cache-iad-kjyo7100165-IAD, cache-hhn4036-HHN
last-modified: Thu, 17 Mar 2022 22:55:43 GMT
server: AmazonS3
x-timer: S1649680388.933554,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "7cd1543e71c4cdc158902a5925dda89e"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: D9K00CD0T01PYXXY
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 4885, 5

GET
H2 200 Outbrain-component.ef82b8c34d8b0469fd4d.js Show response
static.inferno.iheart.com/inferno/scripts/ 888 B
881 B 8ms
6ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/Outbrain-component.ef82b8c34d8b0469fd4d.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cf1630cbfc01e94c825353856c28a15f2a610108f80b5dd3734a6490a8950e36

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2185735
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 538
x-amz-id-2: S3CO9NZHI56H7PCLVCJHYYRhkgolDtYEE4lnfVeP6rqvKT8FHknAJQTU+yPm3UKTVQt5ybZyyFI=
x-served-by: cache-iad-kjyo7100094-IAD, cache-hhn4036-HHN
last-modified: Thu, 17 Mar 2022 04:19:10 GMT
server: AmazonS3
x-timer: S1649680388.946392,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "8f3fbcd6ead79bdfba814f129187aab2"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: 9N0G1AGAXVC9Q2XJ
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 33, 2

GET
H2 200 core-page-blocks-datasource-DatasourceLoader-component.53563d1993e0706c68ed.js Show response
static.inferno.iheart.com/inferno/scripts/ 13 KB
4 KB 9ms
7ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/core-page-blocks-datasource-DatasourceLoader-component.53563d1993e0706c68ed.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e1c06ef7c34e118c996b12369d8c129a805cd4808262e1e1d7b9ee5a9d143c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2271850
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 4311
x-amz-id-2: bOd1xxppzWhSnEIqcdcUnG8yCo4h3iOBSvskf7zJqpYSYP06/lAyQdnBjKxCiwuJxDDhQNw2Fgg=
x-served-by: cache-iad-kiad7000156-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:10 GMT
server: AmazonS3
x-timer: S1649680388.946549,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "8fe5294298cca457aafd09d2789a242b"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: 2GHDZ9ZF803MVGDS
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 655, 26

GET
H2 200 Eyebrow-component.8f594045fe0e1b878e9a.js Show response
static.inferno.iheart.com/inferno/scripts/ 567 B
655 B 9ms
7ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/Eyebrow-component.8f594045fe0e1b878e9a.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

769c69680198431a0e40d6498e36aca651c2dd498006a2b7b3b46881090f1cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:07 GMT
content-encoding: gzip
age: 2269786
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 354
x-amz-id-2: 1UBDgGSiUopMOUqJ6LsJK9T3DB5gXz1g2Kupjtf0ti+e1zbMdfcsdqtwq5XpTRlFPN1cph4cd9o=
x-served-by: cache-iad-kcgs7200127-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:10 GMT
server: AmazonS3
x-timer: S1649680388.946660,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "228d3a523e84ece895dbebd2d303ac11"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: TC1CDJXH4MR5M6Y2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 4971, 1

GET
H2 200 / Show response
www.iheart.com/live/3085/ Frame E186 27 KB
8 KB 771ms
443ms Document
text/html 199.232.214.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

66ff5b6bebc37330b0629e1a4118974fe64962d77d78a164ac07d65958b597ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://wercfm.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
client_geo_latitude: 50.960
client_geo_longitude: 11.060
client_geo_postal_code: 99097
content-encoding: gzip
content-length: 7371
content-type: text/html; charset=utf-8
date: Mon, 11 Apr 2022 12:33:08 GMT
edge-control: cache-maxage=3600
etag: W/"6d83-YiKrg3SYKA9HpPshWZiDYKNa4jI"
geoip-country-code: DE
normalized-language: en
strict-transport-security: max-age=31557600
vary: Origin, X-NoAds, Accept-Encoding
via: 1.1 varnish (Varnish/6.5), 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-dest: http://web-www-20220406152132:8000
x-fastly-country: DE
x-ihr-app-country: WW
x-ihr-app-language: en
x-powered-by: Express
x-request-id: cortex-proxyd-varnish-7d7bf5db86-vlglz/gvfv79L3r7-159297533
x-served-by: cache-hhn4023-HHN
x-timer: S1649680388.040878,VS0,VE435

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 223 B
398 B 161ms
51ms Script
text/html 54.194.251.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-WyAEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-PWZzsGufulcv0g%3D%3D&sc=1&os=1-ig%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial&pcode=iheartprebidheader211581645343&rx=263528095822&callback=MoatNadoAllJsonpRequest_33070155
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/iheartprebidheader211581645343/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.251.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-251-50.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 9eafe11fd05e67d26ca48a58c596e3973215d137c1d87e749fdb0bf59c4e3728

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:08 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "f44c91d44dd49b41004c7ce688021321ab80e497"
content-length: 223
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 82 B
256 B 131ms
39ms Script
text/html 52.208.32.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-WyAEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-PWZzsGufulcv0g%3D%3D&sc=1&os=1-ig%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=IHEART_PREBID_HEADER1&hp=1&wf=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=https%3A%2F%2Ft.co&t=1649680387815&de=666070428207&rx=263528095822&m=0&ar=9f397fe3151-clean&iw=f4dc469&q=1&cb=0&cu=1649680387815&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&cm=1&zGSRC=1&gu=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatDomain=undefined&zMoatSubdomain=undefined&gw=iheartprebidheader211581645343&fd=1&ac=1&it=500&pe=1%3A-%3A-%3A0%3A0&jm=-1&fs=197724&na=1596113404&cs=0&ord=1649680387815&jv=243725454&callback=DOMlessLLDcallback_33070155
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/iheartprebidheader211581645343/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.32.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-32-237.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: c36d52ccc12acc9f84fc2e814de7d7734413c946d7ba7d70d8471da626e68a2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:08 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "2a6d1e6a3c611f47e530f5a468ee0da074346b6f"
content-length: 82
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 140D 1 KB
2 KB 22ms
22ms Document
text/html 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://wercfm.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=1922
content-length: 1374
content-type: text/html
date: Mon, 11 Apr 2022 12:33:08 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
x-amz-id-2: bLl72GtpcxM8rSKIodQlKgK0BRPdEbxIV8PPGYh9PcLqpR363i0Z1TjhY7+mRyWYYTxnhPRiG5Y=
x-amz-request-id: A3423FE5772816F0

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v8/ 37 KB
37 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v8/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=fallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wercfm.iheart.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 18:06:53 GMT
x-content-type-options: nosniff
age: 411975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:42:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 18:06:53 GMT

GET
H2 200 sdk.js Show response
www.iheart.com/sdk/ 112 KB
39 KB 10ms
9ms Script
application/javascript 199.232.214.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/sdk/sdk.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f7d80a9bb758da9972086f16d7ed3ff83c893d829a23702ad4ae9bb9d1702c73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

geoip-country-code: DE
date: Mon, 11 Apr 2022 12:33:08 GMT
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 379
x-cache: HIT
x-cache-hits: 1
client_geo_postal_code: 99097
content-length: 39219
x-amz-id-2: fmTQeHBVpDfPRQL4rQt8lV4ZM/aWRgbRRjK50nAJYsb1QfHEKLS/wWOSpBn228QMssmcZEYFRU0=
x-served-by: cache-hhn4023-HHN
accept-ranges: bytes
client_geo_longitude: 11.060
last-modified: Fri, 12 Mar 2021 22:30:44 GMT
server: AmazonS3
x-timer: S1649680388.337355,VS0,VE1
etag: "6a59031908e31215621920e82a27881d"
strict-transport-security: max-age=31557600
x-amz-request-id: EQJNB68JJJY1WKNP
via: 1.1 varnish
client_geo_latitude: 50.960
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
x-ihr-app-country: WW

POST
H/1.1 200
OK query Show response
api.iheart.com/api/v3/abtest/users/groups/ 56 B
947 B 125ms
110ms XHR
application/json 199.232.213.13
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iheart.com/api/v3/abtest/users/groups/query
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.213.13 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5be8b675f6be515a17cdc77661697e2ddbd3c12f0670333e44bad9595ea0bbf9

Request headers

Accept: application/json
Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 11 Apr 2022 12:33:08 GMT
Via: 1.1 varnish, 1.1 varnish
Vary: Origin,Access-Control-Request-Method, Accept-Encoding, X-hostName, X-Accept, X-Locale, Authorization
Fastly-Original-Body-Size: 0
Access-Control-Allow-Origin: *
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
Connection: keep-alive
X-BACKEND: ssl_shield_iad_va_us
Content-Length: 56
X-Served-By: cache-iad-kcgs7200098-IAD, cache-hhn4053-HHN
X-Timer: S1649680389.784892,VS0,VE103
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
Content-Type: application/json
X-GEO-COUNTRY: DE
X-Accept: json
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
Access-Control-Expose-Headers: *

OPTIONS
H/1.1 200
OK query
api.iheart.com/api/v3/abtest/users/groups/ Frame 0
0 430ms
7ms Preflight 199.232.213.13
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iheart.com/api/v3/abtest/users/groups/query
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.213.13 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wercfm.iheart.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 604800
Cache-Control: max-age=604800
Connection: close
Content-Length: 0
Content-Type
Date: Mon, 11 Apr 2022 12:33:08 GMT
Retry-After: 0
Server: Varnish
Via: 1.1 varnish
X-Accept: */*
X-BACKEND: ssl_shield_iad_va_us
X-Cache: MISS
X-Cache-Hits: 0
X-GEO-COUNTRY: DE
X-Served-By: cache-hhn4074-HHN
X-Timer: S1649680389.763418,VS0,VE0

GET
H/1.1 200
OK locationConfig Show response
global.api.iheart.com/api/v3/ 8 KB
4 KB 330ms
101ms XHR
application/json 199.232.213.13
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://global.api.iheart.com/api/v3/locationConfig?hostname=webapp&version=8-prod
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.213.13 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 946a5db1e36bf19b0491419e8729d655143af98edab8a45abf74691d16acc00d

Request headers

Accept: application/json, text/plain, */*
Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 12:33:08 GMT
Via: 1.1 varnish, 1.1 varnish
X-BACKEND: ssl_shield_iad_va_us
Access-Control-Allow-Origin: *
X-Cache: MISS, MISS
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3051
X-Served-By: cache-iad-kjyo7100047-IAD, cache-hhn4068-HHN
X-Timer: S1649680389.633313,VS0,VE95
Vary: Accept-Encoding, X-hostName, X-Accept, X-Locale, Authorization
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
Content-Type: application/json
X-GEO-COUNTRY: DE
X-Accept: json
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
X-Cache-Hits: 0, 0

GET
H2 200 runtime.widget.js Show response
www.iheart.com/v8.33.0/604ef2e/bundles/ Frame E186 3 KB
2 KB 11ms
8ms Script
application/javascript 199.232.214.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.33.0/604ef2e/bundles/runtime.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

88c2d498c6b2669b0ad9ff6897011c5b6f9ca53cfa871ce7229feede7876d52c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 421750
x-cache: HIT
x-amz-meta-surrogate-key: web v8.33.0 604ef2e bundles runtime.widget.js
x-cache-hits: 3
client_geo_postal_code: 99097
content-length: 1498
x-amz-id-2: 7i93ap7mSD7l1FrJaHW9yHPV4GO2cOK4wKavfV8Yz8fx5Y3pcNx9FS45IBzSYf1MsbGM5fBrb10=
x-served-by: cache-hhn4023-HHN
accept-ranges: bytes
client_geo_longitude: 11.060
last-modified: Mon, 04 Apr 2022 18:15:15 GMT
server: AmazonS3
x-timer: S1649680389.620865,VS0,VE1
etag: "5847a02847aa758a50ad437f767555c3"
strict-transport-security: max-age=31557600
x-amz-request-id: G3QF0G0AAZM5CPSC
via: 1.1 varnish
client_geo_latitude: 50.960
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Mon, 11 Apr 2022 12:33:08 GMT
x-ihr-app-country: WW

GET
H2 200 589.widget.js Show response
www.iheart.com/v8.33.0/604ef2e/bundles/ Frame E186 206 KB
67 KB 13ms
10ms Script
application/javascript 199.232.214.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.33.0/604ef2e/bundles/589.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fda3146de8ab338d15cc956689f32f446cb08e9eae500de25c19e0bcc65a2760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 421750
x-cache: HIT
x-amz-meta-surrogate-key: web v8.33.0 604ef2e bundles 589.widget.js
x-cache-hits: 1
client_geo_postal_code: 99097
content-length: 68621
x-amz-id-2: kANjoGHdYt6+NR6ozAVnCPkPwyohwsE2xXNUkz50Y9muEdW4v7Z0cWwtmoI6/qgd2Gte9SZjLqE=
x-served-by: cache-hhn4023-HHN
accept-ranges: bytes
client_geo_longitude: 11.060
last-modified: Mon, 04 Apr 2022 18:15:15 GMT
server: AmazonS3
x-timer: S1649680389.621633,VS0,VE1
etag: "7bb1fdc7a51e1048f72798bd06b3a2fa"
strict-transport-security: max-age=31557600
x-amz-request-id: G3Q119J2C2S1K5MB
via: 1.1 varnish
client_geo_latitude: 50.960
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Mon, 11 Apr 2022 12:33:08 GMT
x-ihr-app-country: WW

GET
H2 200 619.widget.js Show response
www.iheart.com/v8.33.0/604ef2e/bundles/ Frame E186 18 KB
8 KB 12ms
9ms Script
application/javascript 199.232.214.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.33.0/604ef2e/bundles/619.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

27818d82f071ef5a2025ad9f0c3eb98e68817f7dfee5b337726368a3c681f514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 421750
x-cache: HIT
x-amz-meta-surrogate-key: web v8.33.0 604ef2e bundles 619.widget.js
x-cache-hits: 1
client_geo_postal_code: 99097
content-length: 7257
x-amz-id-2: k5J6qwBoxPs1UqbggLDYcTvFXG/lBwD1G2e3Y2qUNCVSuQxJVA4NNE98DYynJzfToe5royCxABE=
x-served-by: cache-hhn4023-HHN
accept-ranges: bytes
client_geo_longitude: 11.060
last-modified: Mon, 04 Apr 2022 18:15:15 GMT
server: AmazonS3
x-timer: S1649680389.621893,VS0,VE1
etag: "8f44e8bd4d07d6e9ee0da144a6422765"
strict-transport-security: max-age=31557600
x-amz-request-id: G3QDASTK7E1VQ58K
via: 1.1 varnish
client_geo_latitude: 50.960
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Mon, 11 Apr 2022 12:33:08 GMT
x-ihr-app-country: WW

GET
H2 200 715.widget.js Show response
www.iheart.com/v8.33.0/604ef2e/bundles/ Frame E186 15 KB
5 KB 11ms
5ms Script
application/javascript 199.232.214.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.33.0/604ef2e/bundles/715.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4da0264eb06bf745b6f966d2d477d8aa4ac6cd6884476bb0a40be331d301a486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 421717
x-cache: HIT
x-amz-meta-surrogate-key: web v8.33.0 604ef2e bundles 715.widget.js
x-cache-hits: 2
client_geo_postal_code: 99097
content-length: 5231
x-amz-id-2: 3fs8Q9OrziKZm5i0GFldr9eYFMswXFMrkzyk3x4PfN2E+mee+F20TPGE5tYYmj613feY7/7dQcg=
x-served-by: cache-hhn4023-HHN
accept-ranges: bytes
client_geo_longitude: 11.060
last-modified: Mon, 04 Apr 2022 18:15:15 GMT
server: AmazonS3
x-timer: S1649680389.622279,VS0,VE0
etag: "999d91d06f1bfa01ecdd82e37c5a46e2"
strict-transport-security: max-age=31557600
x-amz-request-id: 90QMESP3CYXVMBC3
via: 1.1 varnish
client_geo_latitude: 50.960
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Mon, 11 Apr 2022 12:33:08 GMT
x-ihr-app-country: WW

GET
H2 200 349.widget.js Show response
www.iheart.com/v8.33.0/604ef2e/bundles/ Frame E186 4 KB
2 KB 19ms
13ms Script
application/javascript 199.232.214.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.33.0/604ef2e/bundles/349.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

90f64615026c1d8a716f9e3a71736ce79ec4707f2a1c798a5318ae42b45fe604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 421750
x-cache: HIT
x-amz-meta-surrogate-key: web v8.33.0 604ef2e bundles 349.widget.js
x-cache-hits: 1
client_geo_postal_code: 99097
content-length: 1773
x-amz-id-2: pMapdTT3PCd/Ypxakupifou8tBNZQYhJhFKWy9zVA+xsciJdoVm6tZM/Uz6XSVS232nC9Lw6tLA=
x-served-by: cache-hhn4023-HHN
accept-ranges: bytes
client_geo_longitude: 11.060
last-modified: Mon, 04 Apr 2022 18:15:14 GMT
server: AmazonS3
x-timer: S1649680389.622466,VS0,VE1
etag: "b49ea410d65ce101ab5d5ebb48cf2766"
strict-transport-security: max-age=31557600
x-amz-request-id: G3Q5P0K35WSDPT05
via: 1.1 varnish
client_geo_latitude: 50.960
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Mon, 11 Apr 2022 12:33:08 GMT
x-ihr-app-country: WW

GET
H2 200 679.widget.js Show response
www.iheart.com/v8.33.0/604ef2e/bundles/ Frame E186 16 KB
7 KB 19ms
14ms Script
application/javascript 199.232.214.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.33.0/604ef2e/bundles/679.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0f568e9783c2392a7cec666faab203f3fa44fd89ebd0987f2000296725d10f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 421695
x-cache: HIT
x-amz-meta-surrogate-key: web v8.33.0 604ef2e bundles 679.widget.js
x-cache-hits: 1
client_geo_postal_code: 99097
content-length: 6449
x-amz-id-2: RT48wHqtRd9ZWBK4EO8mhOFVr2IdIy6Ca/bJERLOCRPoqLONEjGrXiOjRLoMOqRLPC7ge1ChHfw=
x-served-by: cache-hhn4023-HHN
accept-ranges: bytes
client_geo_longitude: 11.060
last-modified: Mon, 04 Apr 2022 18:15:15 GMT
server: AmazonS3
x-timer: S1649680389.622718,VS0,VE1
etag: "39e966396fe10a7b1f4f05224406a4a2"
strict-transport-security: max-age=31557600
x-amz-request-id: B6XW6MAF9R896A16
via: 1.1 varnish
client_geo_latitude: 50.960
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Mon, 11 Apr 2022 12:33:08 GMT
x-ihr-app-country: WW

GET
H2 200 214.widget.js Show response
www.iheart.com/v8.33.0/604ef2e/bundles/ Frame E186 6 KB
3 KB 19ms
14ms Script
application/javascript 199.232.214.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.33.0/604ef2e/bundles/214.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

95ff90478a84550abaf2d39204977314c9988bb166d40aa70fc4b6b24a0203d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 421728
x-cache: HIT
x-amz-meta-surrogate-key: web v8.33.0 604ef2e bundles 214.widget.js
x-cache-hits: 1
client_geo_postal_code: 99097
content-length: 2564
x-amz-id-2: Morqx3FutDkLq7/+63Ng4ZILArZGAWFmRpEe1LkqGzwxPFJgnCjwmgfzbnV5kT3puSkiyeklVso=
x-served-by: cache-hhn4023-HHN
accept-ranges: bytes
client_geo_longitude: 11.060
last-modified: Mon, 04 Apr 2022 18:15:14 GMT
server: AmazonS3
x-timer: S1649680389.625057,VS0,VE1
etag: "b42154e724359f0b8539f5d4878d381c"
strict-transport-security: max-age=31557600
x-amz-request-id: 6BYYVG4MFX2HW1JW
via: 1.1 varnish
client_geo_latitude: 50.960
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Mon, 11 Apr 2022 12:33:08 GMT
x-ihr-app-country: WW

GET
H2 200 16.widget.js Show response
www.iheart.com/v8.33.0/604ef2e/bundles/ Frame E186 66 KB
23 KB 20ms
15ms Script
application/javascript 199.232.214.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.33.0/604ef2e/bundles/16.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2fac42d19f7115964cb32bdbd6f07f93fa3d9318db93e9c6e48c76d18b8a18d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 421750
x-cache: HIT
x-amz-meta-surrogate-key: web v8.33.0 604ef2e bundles 16.widget.js
x-cache-hits: 1
client_geo_postal_code: 99097
content-length: 23263
x-amz-id-2: xD8VB9f8K+PNEDIo1UYhEP3RSFM2TABpWTd71HbI2wmB/tVYTFWbDuzJ7RXGdI5gtxfYAq1vepM=
x-served-by: cache-hhn4023-HHN
accept-ranges: bytes
client_geo_longitude: 11.060
last-modified: Mon, 04 Apr 2022 18:15:14 GMT
server: AmazonS3
x-timer: S1649680389.625178,VS0,VE1
etag: "b29d18ec40446647c49a1b746ab8b493"
strict-transport-security: max-age=31557600
x-amz-request-id: G3Q94JNKTECT7FF7
via: 1.1 varnish
client_geo_latitude: 50.960
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Mon, 11 Apr 2022 12:33:08 GMT
x-ihr-app-country: WW

GET
H2 200 2.widget.js Show response
www.iheart.com/v8.33.0/604ef2e/bundles/ Frame E186 34 KB
12 KB 20ms
15ms Script
application/javascript 199.232.214.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.33.0/604ef2e/bundles/2.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

589bfbac3ce242244924538a111c8b8c565434f9d8e5862abf690f02f3cee191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 421750
x-cache: HIT
x-amz-meta-surrogate-key: web v8.33.0 604ef2e bundles 2.widget.js
x-cache-hits: 1
client_geo_postal_code: 99097
content-length: 11492
x-amz-id-2: D4TOreGv7wkxvqWVBt6zaSsHjry5uN1UWLJGE92GUJIaVLVBAXxRkJlveixGsGMbRSKKvcgYFhs=
x-served-by: cache-hhn4023-HHN
accept-ranges: bytes
client_geo_longitude: 11.060
last-modified: Mon, 04 Apr 2022 18:15:14 GMT
server: AmazonS3
x-timer: S1649680389.625329,VS0,VE1
etag: "1714264b1bb4be9b50d392531a82a834"
strict-transport-security: max-age=31557600
x-amz-request-id: G3QC8576HBZFEPBZ
via: 1.1 varnish
client_geo_latitude: 50.960
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Mon, 11 Apr 2022 12:33:08 GMT
x-ihr-app-country: WW

GET
H2 200 liveProfile.widget.js Show response
www.iheart.com/v8.33.0/604ef2e/bundles/ Frame E186 44 KB
14 KB 22ms
17ms Script
application/javascript 199.232.214.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.33.0/604ef2e/bundles/liveProfile.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

488711fb8b9306e1f0b4e07bd6776defcfb9a23900b8e647dcaf6c89b8111c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 421717
x-cache: HIT
x-amz-meta-surrogate-key: web v8.33.0 604ef2e bundles liveProfile.widget.js
x-cache-hits: 1
client_geo_postal_code: 99097
content-length: 13981
x-amz-id-2: d38gF9nTYAD5rTgCrS5xeRaigCNnIu9uvQdFnn0Z7fMStomYbpwog3p+4O1bdX++loJA8t7ACHU=
x-served-by: cache-hhn4023-HHN
accept-ranges: bytes
client_geo_longitude: 11.060
last-modified: Mon, 04 Apr 2022 18:15:15 GMT
server: AmazonS3
x-timer: S1649680389.625537,VS0,VE1
etag: "bc03151e4da7cdf3b6e2ecbd4775d8df"
strict-transport-security: max-age=31557600
x-amz-request-id: X0MFWRD9YKEV0KAR
via: 1.1 varnish
client_geo_latitude: 50.960
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Mon, 11 Apr 2022 12:33:08 GMT
x-ihr-app-country: WW

GET
H2 200 3085.png
i.iheart.com/v3/re/assets/images/ Frame E186 6 KB
6 KB 118ms
115ms Image
image/webp 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.iheart.com/v3/re/assets/images/3085.png?ops=fit(240%2C240)
Requested by: Host: www.iheart.com
URL: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 809a101714fb686418adac12b41dc3bdd4c9ae5445ff31ae69809d43c2b92485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:08 GMT
via: 1.1 varnish (Varnish/6.5), 1.1 varnish, 1.1 varnish
fastly-original-body-size: 5944
x-cache: HIT, MISS
x-age: 1138471
content-length: 5944
x-ihm-mediaserver: Ahshaj4o
x-served-by: cache-iad-kjyo7100036-IAD, cache-mxp6981-MXP
last-modified: Tue, 29 Mar 2022 07:16:12 GMT
x-request-id: cortex-proxyd-varnish-7d7bf5db86-9ptws/LdP82XeACh-53297025
x-timer: S1649680389.630012,VS0,VE99
x-dest: http://mediaserver-20211130193250:8000
etag: "8e8cf1303b6bbde321a13ce2e356b47793e26aead06b4daa18e1ed69d1f0c3df"
vary: X-WEBP, Origin
content-language: en-US
cache-control: no-cache, max-age=21600, public
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 0

GET
H/1.1 200
OK register2.php Show response
synchrobox.adswizz.com/ Frame E186 589 B
1 KB 152ms
30ms Script
text/javascript 34.242.253.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synchrobox.adswizz.com/register2.php
Requested by: Host: www.iheart.com
URL: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.253.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-253-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 47219f91e1d5e724eb08095e7fc8c29631379d70f38633008a0644b3329d6135

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET, HEAD, OPTIONS, POST, PUT
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
content-type: text/javascript
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length: 589

GET
H2 200 SynchroClient2.js Show response
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame E186 9 KB
9 KB 84ms
7ms Script
application/javascript 143.204.202.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery-cdn-cf.adswizz.com/adswizz/js/SynchroClient2.js
Requested by: Host: www.iheart.com
URL: https://www.iheart.com/live/3085/?sc=inferno&campid=b&pname=WERC-FM&theme=light&ihrnetwork=true&embed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-47.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 17:33:26 GMT
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 06:28:38 GMT
server: AmazonS3
age: 68382
etag: "3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 9187
x-amz-cf-id: JIFMerLH1CaHr0PQfcim2cB4ifnXynQTXBnjXAQWkKa6LuVWCiEwNw==

POST
H2 200 loginOrCreateOauthUser;clientType=web;country=WW;pname=OrganicWeb;signupFlow=anon;uid=c1606de3-4b93-48fe-909c-d20bb0511761 Show response
ww.api.iheart.com/api/v1/account/ Frame E186 264 B
638 B 413ms
412ms XHR
application/json 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.api.iheart.com/api/v1/account/loginOrCreateOauthUser;clientType=web;country=WW;pname=OrganicWeb;signupFlow=anon;uid=c1606de3-4b93-48fe-909c-d20bb0511761
Requested by: Host: www.iheart.com
URL: https://www.iheart.com/v8.33.0/604ef2e/bundles/589.widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4ea40feb0b23aef25746f4e72a991eab90a3c58ffbe8ff697eedf86099b37326

Request headers

Accept: application/json, text/plain, */*
X-Locale: en-WW
Referer: https://www.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
X-hostName: webapp.WW
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
via: 1.1 varnish
x-backend: F_HAProxy
x-timer: S1649680389.117897,VS0,VE391
vary: Accept-Encoding, X-hostName, X-Accept, X-Locale, Authorization
x-cache: MISS
content-type: application/json;charset=utf-8
x-geo-country: DE
x-accept: json
x-cache-hits: 0
access-control-allow-headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
accept-ranges: bytes
access-control-allow-origin: *
x-served-by: cache-mxp6978-MXP

OPTIONS
H2 200 loginOrCreateOauthUser;clientType=web;country=WW;pname=OrganicWeb;signupFlow=anon;uid=c1606de3-4b93-48fe-909c-d20bb0511761
ww.api.iheart.com/api/v1/account/ Frame 0
0 420ms
16ms Preflight 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.api.iheart.com/api/v1/account/loginOrCreateOauthUser;clientType=web;country=WW;pname=OrganicWeb;signupFlow=anon;uid=c1606de3-4b93-48fe-909c-d20bb0511761
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-hostname,x-locale
Access-Control-Request-Method: POST
Origin: https://www.iheart.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: *
access-control-max-age: 604800
cache-control: max-age=604800
content-length: 0
content-type
date: Mon, 11 Apr 2022 12:33:09 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-accept: */*
x-backend: F_HAProxy
x-cache: MISS
x-cache-hits: 0
x-geo-country: DE
x-served-by: cache-mxp6978-MXP
x-timer: S1649680389.100821,VS0,VE0

GET
H2 200 / Show response
www.iheart.com/sdk/bridge/ Frame 0E8D 197 B
708 B 253ms
252ms Document
text/html 199.232.214.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/sdk/bridge/?parent=https%3A%2F%2Fwercfm.iheart.com&amp=https%3A%2F%2Fww.api.iheart.com%2Fapi%2F

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

abb045e469be9b0fe19dcaed4152703acdc22fc33e161d6c7bcafb4e934c83ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://wercfm.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
client_geo_latitude: 50.960
client_geo_longitude: 11.060
client_geo_postal_code: 99097
content-encoding: gzip
content-length: 154
content-type: text/html
date: Mon, 11 Apr 2022 12:33:08 GMT
etag: "f6769a92e8c6691ca84d50ac2e3edb52"
geoip-country-code: DE
last-modified: Fri, 12 Mar 2021 22:08:13 GMT
normalized-language: en
server: AmazonS3
strict-transport-security: max-age=31557600
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: ajB1mSH7q/HLZx36iaICpnBOTcmKBTyj27fdsHvdy5iDJekr68Q6Vjjcf7KudZBkx9Akmb+zgKA=
x-amz-request-id: 6K12AZD011EB92FW
x-cache: MISS
x-cache-hits: 0
x-fastly-country: DE
x-ihr-app-country: WW
x-ihr-app-language: en
x-served-by: cache-hhn4023-HHN
x-timer: S1649680389.743123,VS0,VE237

GET
H/1.1 200
OK afr.php Show response
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame C72E 402 B
986 B 399ms
238ms Document
text/html 54.246.173.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by: Host: delivery-cdn-cf.adswizz.com
URL: https://delivery-cdn-cf.adswizz.com/adswizz/js/SynchroClient2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.173.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-173-2.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer: https://www.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Charset: utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 402
Content-Type: text/html;charset=UTF-8
Date: Mon, 11 Apr 2022 12:33:08 GMT
Instance-id: i-0900ce12cf4c17f2d
P3P: policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
Server: Apache-Coyote/1.1
X-Adswizz-request-id: 8b446850-b993-11ec-9b80-063b08f739a3
X-Application-Context: application:production
X-Clacks-Overhead: GNU Terry Pratchett

GET
H2 200 chrome-LocalAlerts-component.6eef0b31152c43780b33.js Show response
static.inferno.iheart.com/inferno/scripts/ 3 KB
2 KB 10ms
10ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/chrome-LocalAlerts-component.6eef0b31152c43780b33.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

820243123cf64885ef60e9bfb7b7cfbc59d41640776fe12ecb171178d8414699

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
age: 2180838
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 1396
x-amz-id-2: zxwyze0iu0OHT8k8Qg8kQsUINJF+R2mhlzI2RaLCxAITQPp0Gsi/OfAwVU97EC3dYuzFygygPiU=
x-served-by: cache-iad-kiad7000127-IAD, cache-hhn4036-HHN
last-modified: Thu, 17 Mar 2022 04:19:10 GMT
server: AmazonS3
x-timer: S1649680389.020948,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "8d15b4a6a2c85273e039ff51aea56352"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: SG9DQJG98N0HZY6N
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 318, 7

GET
H2 200 Spinner-component.b1adaae60f3f07762384.css
static.inferno.iheart.com/inferno/styles/ 9 KB
2 KB 11ms
11ms Stylesheet
text/css 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/styles/Spinner-component.b1adaae60f3f07762384.css

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

635f35f854db69ee9e5bf7865279530846ed8dfde42ca0cd60c339aaaf33509a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
age: 3465439
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 1657
x-amz-id-2: urMX9HkB5AUBXMihAyJv6KGAiRUhFakTXYrMwf/e4fzEP660s/q/a8wcgyvvgMT8FLoV4zeYo8k=
x-served-by: cache-iad-kjyo7100157-IAD, cache-hhn4036-HHN
last-modified: Tue, 01 Mar 2022 22:39:25 GMT
server: AmazonS3
x-timer: S1649680389.021824,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "d31af3d4429f4e99b5e7f5e1df63abb1"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: Y0DA043SE1XF69JC
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 1244, 6

GET
H2 200 Spinner-component.e3c16746c49e0a0e5646.js Show response
static.inferno.iheart.com/inferno/scripts/ 894 B
677 B 12ms
12ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/Spinner-component.e3c16746c49e0a0e5646.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e16ca6a98e2c6ff539bcf1c725555325b7a03f89a6f6c15977c01ef457e5d46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
age: 2266931
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 374
x-amz-id-2: PFnUt/mYMrsbpYAY7QVjh+liqtCN5e6aLwqitRlYopCQSr1QfbqJmL6oB5IzeuRF3pnw4gEZfBY=
x-served-by: cache-iad-kcgs7200123-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:10 GMT
server: AmazonS3
x-timer: S1649680389.022000,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "b693cbe5fe55958398ef370dbc8dab6e"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: Y6EG4YC3VHHK2MCF
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 2979, 8

GET
H2 200 core-page-blocks-legalnotice-LegalNoticeLoader-component.2ec9e48c694117cbcffa.js Show response
static.inferno.iheart.com/inferno/scripts/ 2 KB
1 KB 9ms
5ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/core-page-blocks-legalnotice-LegalNoticeLoader-component.2ec9e48c694117cbcffa.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

052c5ef6eb90d24231f9221b208e8c7794d5de0acd393b97b803f53235aa65ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
age: 2183212
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 866
x-amz-id-2: Bd2tGKJ0z8xruODhKmsJokF8Ael9Z/aw3cSVWZLZAVIxHBM/h+IXJIZkjn8yuYHmLYq8olZraqA=
x-served-by: cache-iad-kjyo7100166-IAD, cache-hhn4036-HHN
last-modified: Thu, 17 Mar 2022 04:19:10 GMT
server: AmazonS3
x-timer: S1649680389.033834,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "a27a8b058c01f6690a1a5aa932f464af"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: NDMHXXWKAK1E0BWP
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1471, 6

GET
H2 200 core-components-AuthModal-component.805f63f5c08ce9207df7.css
static.inferno.iheart.com/inferno/styles/ 1 KB
951 B 14ms
10ms Stylesheet
text/css 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/styles/core-components-AuthModal-component.805f63f5c08ce9207df7.css

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1f31bde58f5fc6702dbf1ddf3857926c8c6e18bae5691468748334c731551ff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
age: 2267997
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 641
x-amz-id-2: 6E0Dr+K2mxbg/iqy1ixM3V4XN6WcprVSF1ZpS/lTCQGFyDTGkhn3wZV2SulV15zf5E147oKiIZ8=
x-served-by: cache-iad-kcgs7200032-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:10 GMT
server: AmazonS3
x-timer: S1649680389.036275,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "2a23ff7319edc831500d9efa9e0cf97d"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: 2BDJPMFP6NKQ1VZ9
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 7648, 7

GET
H2 200 core-components-AuthModal-component.81fcd2d96ae1c33b2af4.js Show response
static.inferno.iheart.com/inferno/scripts/ 1 KB
848 B 11ms
10ms Script
application/javascript 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.inferno.iheart.com/inferno/scripts/core-components-AuthModal-component.81fcd2d96ae1c33b2af4.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9a82970d145dfa98543c25b79a1482aba0aa50c6ea9b648e61fcd61950d0a3a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
age: 2269962
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
strict-transport-security: max-age=300
content-length: 607
x-amz-id-2: eg85RiB2r+InIVNC4RsLjTcHQqWVyfmbsahHDC5Fz6HADMTxWOp6OXKrYSdx0ztovs13bxBBjxk=
x-served-by: cache-iad-kjyo7100057-IAD, cache-hhn4036-HHN
last-modified: Tue, 15 Mar 2022 21:13:10 GMT
server: AmazonS3
x-timer: S1649680389.036410,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "23e9e73fe84620ad5f4f63d9b5960683"
vary: (null),Cookie, Accept-Encoding
x-amz-request-id: 8D7YM14S1PW79Y55
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1219, 7

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 70ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0dbeec4cc12d0406830bb508a6b9d6086c4fcc1aee5e3f7879d9240f9946bf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28396
x-xss-protection: 0
server: sffe
etag: "1184 / 410 of 1000 / last-modified: 1649675379"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 11 Apr 2022 12:33:09 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 197 KB
68 KB 738ms
638ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0ee6139effe435ba55808fbd968842239b497571052a973b34b099e1e091dd73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 08:43:09 GMT
etag: "16-M1LsZ9sunZfmpUxgEqcTCu6kilA"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 80bd727fdd058be52b1b85e76ac7e47e
timing-allow-origin: *, *

GET
H2 200 sdk.js Show response
connect.facebook.net/en/ 3 KB
2 KB 63ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en/sdk.js

Requested by

Host: static.inferno.iheart.com
URL: https://static.inferno.iheart.com/inferno/scripts/bundle.9b8823977a8f7aa3677d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a4f1ae48fe053af10dfe92fe51f0cbd68404d6cacafd1710413969052543567b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wercfm.iheart.com/
Origin: https://wercfm.iheart.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: otKOstKwCKFhY4p24prugw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: lBatfXP155aVMjQeFlydOK5yZjy90mB3Uozw8usKk37MKzULDNM1Y2R/tHHHc1sdJyKVkTz9859xRiZaz30sow==
x-fb-trip-id: 917726464
x-fb-content-md5: 25172b6011ac87f25df5af6dd3b60750
x-frame-options: DENY
date: Mon, 11 Apr 2022 12:33:09 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "7dbd3e550f388cdf3432fda7b8fff435"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 11 Apr 2022 12:46:47 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 213ms
38ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: static.inferno.iheart.com
URL: https://static.inferno.iheart.com/inferno/scripts/bundle.9b8823977a8f7aa3677d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEC) /
Resource Hash: b3d1267f470c1399da3788f58fc567a3d51893463ef29a9f1ea406f15bcb8226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 12:33:09 GMT
Content-Encoding: gzip
Age: 167
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29460
x-tw-cdn: VZ
Last-Modified: Thu, 07 Apr 2022 19:43:04 GMT
Server: ECS (mil/6CEC)
Etag: "a9ea5b6f323c8a4851cd3ebb744b57ff+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H3

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

22ms
6ms

Script
text/javascript

2a03:2880:f22d:e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H3
Server: 2a03:2880:f22d:e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:46:07 GMT
content-encoding: br
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843
priority: u=3,i

Redirect headers

date: Mon, 11 Apr 2022 12:33:09 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: ldc
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 launch-381fe6c887eb.min.js Show response
assets.adobedtm.com/dba7b4ad2c8b/773677a854c8/ 143 KB
43 KB 89ms
24ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/dba7b4ad2c8b/773677a854c8/launch-381fe6c887eb.min.js
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c4ea6e40d09cdb225eee39df0c9e239c0ff76ae73258bbc7c41de1b8c7a7ee5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 14:28:32 GMT
server: AkamaiNetStorage
etag: "72045b88cd1aa7b174987187a81f94a8:1647354512.477605"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://wercfm.iheart.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43812
expires: Mon, 11 Apr 2022 13:33:09 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/wercfm.iheart.com/ 47 KB
18 KB 79ms
31ms Script
application/javascript 65.9.61.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/wercfm.iheart.com/p.js
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9b6f577b577eeacdc8609b163efa48c6a33924b81dfcfa02f765f98f8745549d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: public
date: Mon, 11 Apr 2022 01:27:58 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 16:32:33 GMT
server: nginx
age: 39911
etag: W/"602bf3a1-bd32"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 42cY2CGVY3QuIAd9v1dlj-jXkJ-whK9CzgUfOMALAdmK2t7CEPO2WQ==
expires: Tue, 12 Apr 2022 01:27:58 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 82ms
28ms Script
application/javascript 108.157.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-38.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 03:14:02 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 33558
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: WomH_uqJWuVbIziEmdhQgJAy_hmlPQXNwQFJufGSTW0eFZQ-BUTFWw==

GET
H2 200 624e37356a0826c617aa014e
i.iheart.com/v3/re/new_assets/ 13 KB
13 KB 118ms
114ms Image
image/webp 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.iheart.com/v3/re/new_assets/624e37356a0826c617aa014e?ops=max(1060,0),quality(80)
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c337f081bc7164dd90a7fb0650cc8153e1158492029f32473e92053084e8b6ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
via: 1.1 varnish (Varnish/6.5), 1.1 varnish, 1.1 varnish
fastly-original-body-size: 13336
x-cache: HIT, MISS
x-age: 382651
content-length: 13336
x-ihm-mediaserver: Ahshaj4o
x-served-by: cache-iad-kiad7000102-IAD, cache-mxp6981-MXP
last-modified: Thu, 07 Apr 2022 01:13:36 GMT
x-request-id: cortex-proxyd-varnish-7d7bf5db86-wp475/VwIJKNcblC-129353403
x-timer: S1649680389.069380,VS0,VE101
x-dest: http://mediaserver-20220405200449:8000
etag: "b63b170e41579185f004fb2c3d4ba211b7b64aeb616dc113ec5d38327e9dbba2"
vary: X-WEBP, Origin
content-language: en-US
cache-control: no-cache, max-age=21600, public
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 0

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
256 B 588ms
152ms Image
image/gif 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplifypixel.outbrain.com/pixel?mid=004d2133385513d6a3dbfd9993b43474ab
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 12:33:09 GMT
Cache-Control: no-cache
X-TraceId: 58f822130c6dca23c1167c1a66d52ed0
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 eefb89a887e3046c0558cb1b68acb7f5
i.iheart.com/v3/re/assets.brands/ 8 KB
8 KB 115ms
97ms Image
image/webp 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.iheart.com/v3/re/assets.brands/eefb89a887e3046c0558cb1b68acb7f5?ops=gravity(%22center%22),contain(300,100)&quality=80
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6cc5a5aee2e70a3f0b4d00c66ae32b5d204fe6b89c821e3d56c1397254070325

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
via: 1.1 varnish (Varnish/6.5), 1.1 varnish, 1.1 varnish
fastly-original-body-size: 7916
x-cache: HIT, MISS
x-age: 2627
content-length: 7916
x-ihm-mediaserver: Ahshaj4o
x-served-by: cache-iad-kjyo7100165-IAD, cache-mxp6981-MXP
last-modified: Mon, 11 Apr 2022 10:11:37 GMT
x-request-id: cortex-proxyd-varnish-7d7bf5db86-2hpbf/TVgUBJCNdj-164437097
x-timer: S1649680389.071981,VS0,VE96
x-dest: http://mediaserver-20220405200449:8000
etag: "a37ee5b3aaefed79c3a5f978c89b2b59fa1dfae6022ff899723f082137d4d5e9"
vary: X-WEBP, Origin
content-language: en-US
cache-control: no-cache, max-age=21600, public
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 0

GET
H2 200 graphql Show response
webapi.radioedit.iheart.com/ 607 B
754 B 257ms
111ms XHR
application/json 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.radioedit.iheart.com/graphql?operationName=GetTopic&variables=%7B%22topic%22%3A%22national-news%22%2C%22locale%22%3A%22en%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%2201c143a22cc6be80214197c0b1e3625e3b88a1035af3a09b84540cdb4fdd5b87%22%7D%7D
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash: 0cc5c5e22561b2eac8c100ed93bb793579be5603c8658106ca0a5bd481f79004

Request headers

Accept: application/json, text/plain, */*
Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
via: 1.1 varnish (Varnish/6.5), 1.1 varnish (Varnish/6.5), 1.1 varnish, 1.1 varnish
x-re-cache: MISS
age: 3241
x-powered-by: Express
x-cache: HIT, MISS
x-url: /graphql?operationName=GetTopic&variables=%7B%22topic%22%3A%22national-news%22%2C%22locale%22%3A%22en%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%2201c143a22cc6be80214197c0b1e3625e3b88a1035af3a09b84540cdb4fdd5b87%22%7D%7D
x-shard: varnish-cluster-a-18
x-public: 1
content-length: 320
x-request-id: cortex-proxyd-varnish-7d7bf5db86-t55b8/iPiK0XQ9i7-164858817
x-served-by: cache-lga13627-LGA, cache-mxp6978-MXP
x-uncacheable: true
x-timer: S1649680389.218127,VS0,VE95
x-dest: http://webapi-20220303211514:8000
etag: W/"25f-D2myuA7I95QNI44NimO1wUSsIkk"
vary: Origin,X-Public,X-Forwarded-Host, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
cache-control: public; max-age=300
accept-ranges: bytes
x-be-age: 0
x-cache-hits: 2, 0

GET
H2 200 graphql Show response
webapi.radioedit.iheart.com/ 2 KB
1 KB 250ms
119ms XHR
application/json 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.radioedit.iheart.com/graphql?operationName=GetContests&variables=%7B%22accountId%22%3A%22werc-fm%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e06928b540ca727c5cac5bc2234ead5d56bd58e4fddd5ff2f5c68ae94a444e82%22%7D%7D
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash: 707b7733245da93b9dcbc8da20dd2b0bae0ddddddb9d6d6f9af4f531692e66c9

Request headers

Accept: application/json, text/plain, */*
Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
via: 1.1 varnish (Varnish/6.5), 1.1 varnish (Varnish/6.5), 1.1 varnish, 1.1 varnish
x-re-cache: HIT
age: 15
x-powered-by: Express
x-cache: MISS, MISS
x-url: /graphql?operationName=GetContests&variables=%7B%22accountId%22%3A%22werc-fm%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e06928b540ca727c5cac5bc2234ead5d56bd58e4fddd5ff2f5c68ae94a444e82%22%7D%7D
x-shard: varnish-cluster-a-7
x-public: 1
content-length: 819
x-request-id: cortex-proxyd-varnish-7d7bf5db86-l29sv/gGS5SJWBXX-165185105
x-served-by: cache-lga21943-LGA, cache-mxp6978-MXP
x-uncacheable: true
x-timer: S1649680389.218487,VS0,VE103
x-dest: http://webapi-20220303211514:8000
etag: W/"92e-uDkykiS/rfvLfAMhaNCetq090pI"
vary: Origin,X-Public,X-Forwarded-Host, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
cache-control: public; max-age=60
accept-ranges: bytes
x-be-age: 15
x-cache-hits: 0, 0

GET
H2 200 faf40618-8c4b-4554-939b-49bce06bbcca
i.iheart.com/v3/re/new_assets/ 230 B
648 B 27ms
16ms Image
image/webp 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.iheart.com/v3/re/new_assets/faf40618-8c4b-4554-939b-49bce06bbcca
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d9f007bd92bade92cba88ad02a38cb234945bb765127b37f4b7d63cbb73a5f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
via: 1.1 varnish (Varnish/6.5), 1.1 varnish, 1.1 varnish
fastly-original-body-size: 230
x-cache: HIT, HIT
x-age: 1733812
content-length: 230
x-ihm-mediaserver: Ahshaj4o
x-served-by: cache-iad-kiad7000147-IAD, cache-mxp6981-MXP
last-modified: Tue, 22 Mar 2022 09:56:00 GMT
x-request-id: cortex-proxyd-varnish-5fc89964bd-t62qh/6B4eJZv6Ty-75881405
x-timer: S1649680389.097331,VS0,VE1
x-dest: http://mediaserver-20211130193250:8000
etag: "f8d6fc393f248712b94e4a116f5f52eb86c4232adae1bade48e2afb87868f1ac"
vary: X-WEBP, Origin
content-language: en-US
cache-control: no-cache, max-age=21600, public
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 714, 1

GET
H2 200 bridge.js Show response
www.iheart.com/sdk/bridge/ Frame 0E8D 102 KB
36 KB 15ms
9ms Script
application/javascript 199.232.214.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/sdk/bridge/bridge.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/sdk/bridge/?parent=https%3A%2F%2Fwercfm.iheart.com&amp=https%3A%2F%2Fww.api.iheart.com%2Fapi%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d96b9b2602e542e91878e2df499b04963317c786573f1372589f967b42b72ccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/sdk/bridge/?parent=https%3A%2F%2Fwercfm.iheart.com&amp=https%3A%2F%2Fww.api.iheart.com%2Fapi%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

geoip-country-code: DE
date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 2660
x-cache: HIT
x-cache-hits: 1
client_geo_postal_code: 99097
content-length: 36239
x-amz-id-2: hvhbwJIwHsVWguil3bgJB3RxE/g79D9+YYEbePDIOF18y8h2VqaCI8Rk2fhy6cY5ykjbKDPtOe4=
x-served-by: cache-hhn4023-HHN
accept-ranges: bytes
client_geo_longitude: 11.060
last-modified: Fri, 12 Mar 2021 22:08:16 GMT
server: AmazonS3
x-timer: S1649680389.095854,VS0,VE1
etag: "ce80bb8738463cc0bc515384e492f2c8"
strict-transport-security: max-age=31557600
x-amz-request-id: 6H4PJQ172EP8FKAH
via: 1.1 varnish
client_geo_latitude: 50.960
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
x-ihr-app-country: WW

GET
H2 200 graphql Show response
webapi.radioedit.iheart.com/ 700 B
1 KB 224ms
107ms XHR
application/json 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.radioedit.iheart.com/graphql?operationName=GetFeedContent&variables=%7B%22lookup%22%3A%22site-config-lookups%2Finferno%22%2C%22type%22%3A%22SLUG%22%2C%22value%22%3A%22werc-fm%22%2C%22usage%22%3A%22USAGE%3Afeed-usecases%2FLegal%20Warning%22%2C%22context%22%3A%7B%22%3Clocale%3E%22%3A%22en-US%22%7D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%2214a870374432d152dcf9be443b9dee078e5c2954a02855ea993e0cf9036863b5%22%7D%7D
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash: ecf83f55477070dabf850e522e2d3e588ce77569935372eb5e9b0da0254bef14

Request headers

Accept: application/json, text/plain, */*
Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
via: 1.1 varnish (Varnish/6.5), 1.1 varnish (Varnish/6.5), 1.1 varnish, 1.1 varnish
x-re-cache: MISS
age: 332
x-powered-by: Express
x-cache: HIT, MISS
x-url: /graphql?operationName=GetFeedContent&variables=%7B%22lookup%22%3A%22site-config-lookups%2Finferno%22%2C%22type%22%3A%22SLUG%22%2C%22value%22%3A%22werc-fm%22%2C%22usage%22%3A%22USAGE%3Afeed-usecases%2FLegal%20Warning%22%2C%22context%22%3A%7B%22%3Clocale%3E%22%3A%22en-US%22%7D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%2214a870374432d152dcf9be443b9dee078e5c2954a02855ea993e0cf9036863b5%22%7D%7D
x-shard: varnish-cluster-a-28
x-public: 1
content-length: 286
x-request-id: cortex-proxyd-varnish-5fc89964bd-f6p67/aPm5d8XO0t-229839197
x-served-by: cache-lga21958-LGA, cache-mxp6978-MXP
x-uncacheable: true
x-timer: S1649680389.218338,VS0,VE91
x-dest: http://webapi-20220303211514:8000
etag: W/"2bc-5SbJSngL8vXX7vFOwtP/xoX5dGo"
vary: Origin,X-Public,X-Forwarded-Host, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
cache-control: public; max-age=600
accept-ranges: bytes
x-be-age: 0
x-cache-hits: 1, 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 288 KB
83 KB 14ms
14ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=83d9bb04c344382d847dd99b5f284cfe

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

903c92848d4572af9fe24045115d530231aafd8d12699f4059a1a5e3a81a8395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wercfm.iheart.com/
Origin: https://wercfm.iheart.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vvpTcj4qwi+l2+kYr+Wo/Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84320
x-fb-rlafr: 0
x-fb-debug: UIaEezk9HfWAjNAkCXf/XIVcXPaeejuDj4ln4ICdXFmGgvkQ5iuSeaW92c4BNfDHmyfhj29drPGTAwG8Qw783A==
x-fb-trip-id: 917726464
x-fb-content-md5: c786a3e9a30f6640bd4dc3c3c802e011
x-frame-options: DENY
date: Mon, 11 Apr 2022 12:33:09 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "65c2f9c62304b4e5d1614deea4e57ff9"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 11 Apr 2023 12:26:48 GMT

GET
H2 200 / Show response
wercfm.iheart.com/api/v4/analytics/comscore/ 53 B
713 B 11ms
11ms XHR
application/json 199.232.214.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wercfm.iheart.com/api/v4/analytics/comscore/

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

f1436e3d79b4afa5fe40c230b3ac4b7f6489df7ad9ea4e87b6d1c0c3e1bdb639

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

X-NewRelic-ID: VwcFVVVWABABVFdTAgcPVFIA
tracestate: 2303737@nr=0-1-3124358-1061600983-f74648f38564ce32----1649680389135
traceparent: 00-423c669a7f5af1e57c5099a2e83b4150-f74648f38564ce32-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMxMjQzNTgiLCJhcCI6IjEwNjE2MDA5ODMiLCJpZCI6ImY3NDY0OGYzODU2NGNlMzIiLCJ0ciI6IjQyM2M2NjlhN2Y1YWYxZTU3YzUwOTlhMmU4M2I0MTUwIiwidGkiOjE2NDk2ODAzODkxMzUsInRrIjoiMjMwMzczNyJ9fQ==
Accept: application/json, text/plain, */*
Referer: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
via: 1.1 varnish (Varnish/6.5), 1.1 varnish (Varnish/6.5), 1.1 varnish (Varnish/6.5), 1.1 varnish (Varnish/6.5), 1.1 varnish, 1.1 varnish
age: 79472
x-powered-by: Express
x-cache: HIT, HIT
x-url: /api/v4/analytics/comscore/
x-shard: varnish-cluster-a-18
strict-transport-security: max-age=300
x-public: 1
content-length: 70
x-request-id: , cortex-proxyd-varnish-7d7bf5db86-9nh7x/EyVXkeGNrm-158767604, cortex-proxyd-varnish-7d7bf5db86-xxhkk/LIt6eex25N-152172514
x-served-by: cache-iad-kcgs7200069-IAD, cache-hhn4036-HHN
accept-ranges: bytes
x-uncacheable: true
x-timer: S1649680389.140522,VS0,VE1
x-frame-options: SAMEORIGIN
etag: W/"35-s4vooblLI58MZ5yjZoWmbEWeb7o"
vary: Origin, Origin, Accept-Encoding, X-Forwarded-Host,Cookie
content-type: application/json; charset=utf-8
content-encoding: gzip
cache-control: no-cache, no-store, immutable
x-dest: http://inferno-20220405154333:8000, http://grs-20220322192429:8000
x-be-age: 0
x-cache-hits: 1, 1

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036262&cs_ucfr=&ns__t=1649680389134&ns_c=UTF-8&cv=3.5&c8=8%20Million%20Cash%20App%20Users%20Could%20Have%20Been%20Affected%20By%20Data%20Breach%20%7C%20N...
https://sb.scorecardresearch.com/b2?c1=2&c2=6036262&cs_ucfr=&ns__t=1649680389134&ns_c=UTF-8&cv=3.5&c8=8%20Million%20Cash%20App%20Users%20Could%20Have%20Been%20Affected%20By%20Data%20Breach%20%7C%20...

0
192 B

14ms
14ms

Image
text/plain

108.157.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036262&cs_ucfr=&ns__t=1649680389134&ns_c=UTF-8&cv=3.5&c8=8%20Million%20Cash%20App%20Users%20Could%20Have%20Been%20Affected%20By%20Data%20Breach%20%7C%20News%20Radio%20105.5%20WERC&c7=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial&c9=https%3A%2F%2Ft.co%2FwV8fgHrswa
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Server: 108.157.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-38.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: tTSgRukKshZryh_jOREWyZ8QTq5U6WAM-5n9jTPKoAhbSyxNJYrm9w==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=6036262&cs_ucfr=&ns__t=1649680389134&ns_c=UTF-8&cv=3.5&c8=8%20Million%20Cash%20App%20Users%20Could%20Have%20Been%20Affected%20By%20Data%20Breach%20%7C%20News%20Radio%20105.5%20WERC&c7=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial&c9=https%3A%2F%2Ft.co%2FwV8fgHrswa
date: Mon, 11 Apr 2022 12:33:09 GMT
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-length: 0
x-amz-cf-id: vUAsi5VNRQSSN5PSB14uIJ54PlFIay-KptFM5kWP6a6kWY7FaOFKZg==
x-cache: Miss from cloudfront

GET
H2 200 pubads_impl_2022040501.js Show response
securepubads.g.doubleclick.net/gpt/ 369 KB
126 KB 29ms
6ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

e8a56b7248517b052849b0d606b0c402c9a147d231cfba361af5dfb5794a3766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128191
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 08:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 11 Apr 2023 12:00:20 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 123 B
739 B 39ms
16ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=wercfm.iheart.com

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

414eb36940aa9c870b6d933d1774075d1e71c285efc1b63bf46dff6963e84911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103
x-xss-protection: 0
expires: Mon, 11 Apr 2022 12:33:09 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 449ms
118ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1649680389161&plid=31543930&idsite=wercfm.iheart.com&url=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial&urlref=https%3A%2F%2Ft.co%2FwV8fgHrswa&screen=1600x1200%7C1600x1200%7C24&data=%7B%22pageName%22%3A%22detail%22%2C%22sectionName%22%3A%22%22%7D&sid=1&surl=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial&sref=https%3A%2F%2Ft.co%2FwV8fgHrswa&sts=1649680389145&slts=0&title=8+Million+Cash+App+Users+Could+Have+Been+Affected+By+Data+Breach+%7C+News+Radio+105.5+WERC&date=Mon+Apr+11+2022+12%3A33%3A09+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=97195851&u=pid%3D39e64a1cf876bc938c34706a90594aa4
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 12:33:09 GMT
Cache-Control: no-cache
Last-Modified: Monday, 11-Apr-2022 12:33:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

OPTIONS
H2 200 events
us-events.api.iheart.com/ Frame 0
0 289ms
95ms Preflight 199.232.210.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://us-events.api.iheart.com/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.210.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wercfm.iheart.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://wercfm.iheart.com
access-control-max-age: 3600
content-length: 0
date: Mon, 11 Apr 2022 12:33:09 GMT
vary: Origin
via: 1.1 varnish, 1.1 varnish
x-accept: */*
x-backend: ssl_shield_iad_va_us
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-geo-country: DE
x-served-by: cache-iad-kjyo7100138-IAD, cache-hhn4028-HHN
x-timer: S1649680389.405898,VS0,VE88

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97D902BE53295FEE0A490D4C%40AdobeOrg&d_nsid=0&ts=1649680389196
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97D902BE53295FEE0A490D4C%40AdobeOrg&d_nsid=0&ts=1649680389196

4 KB
2 KB

36ms
34ms

XHR
application/json

52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97D902BE53295FEE0A490D4C%40AdobeOrg&d_nsid=0&ts=1649680389196

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

HTTP/1.1

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

485cc345cb97956d4babeb1ca9e25fb2f27d4105fe37b0c1b10db6607a72c45a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v030-0b9ab801d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: JGXopUkrRbg=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://wercfm.iheart.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1247
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v030-0d2b4133c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://wercfm.iheart.com
X-TID: l0z2KFuASf4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97D902BE53295FEE0A490D4C%40AdobeOrg&d_nsid=0&ts=1649680389196
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 14ms
13ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://wercfm.iheart.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Mon, 11 Apr 2022 13:33:09 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 17ms
17ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://wercfm.iheart.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Mon, 11 Apr 2022 13:33:09 GMT

POST
H2 202 events Show response
us-events.api.iheart.com/ 0
312 B 126ms
126ms XHR
text/plain 199.232.210.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://us-events.api.iheart.com/events

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.210.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
access-control-allow-origin: https://wercfm.iheart.com
x-cache: MISS, MISS
x-backend: ssl_shield_iad_va_us
content-length: 0
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000030-IAD, cache-hhn4028-HHN
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1649680390.504301,VS0,VE89
x-frame-options: DENY
date: Mon, 11 Apr 2022 12:33:09 GMT
vary: Origin
x-geo-country: DE
x-accept: application/json, text/plain, */*
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 swfobject-2.2.min.js Show response
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame C72E 9 KB
9 KB 8ms
8ms Script
application/x-javascript 143.204.202.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by: Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-47.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://synchroscript.deliveryengine.adswizz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 06:15:38 GMT
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
last-modified: Wed, 01 Apr 2015 12:24:04 GMT
server: AmazonS3
age: 22651
etag: "e6a40488a5f5774d02c06d0787ef01d8"
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 9211
x-amz-cf-id: Ix8vmRolfSt9oMHF9X705aDQ67gC-7gsPAlxgNprM0PUOWBGpcw5_g==

GET
H2 200 RCc8286e7abe0f4e41bd132d5213251bc3-source.min.js Show response
assets.adobedtm.com/dba7b4ad2c8b/773677a854c8/0fffe2a4b379/ 917 B
822 B 13ms
13ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/dba7b4ad2c8b/773677a854c8/0fffe2a4b379/RCc8286e7abe0f4e41bd132d5213251bc3-source.min.js
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c342f234a681f11c065faca63f1f7312c85b3f99b443e4c9dfc808cc7ed66a2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 14:28:33 GMT
server: AkamaiNetStorage
etag: "a00ee188bcf48e03271fc192d3175902:1647354513.138197"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://wercfm.iheart.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 556
expires: Mon, 11 Apr 2022 13:33:09 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 127ms
11ms Script
application/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: .7apL996dsR_ZFPBtTTtY5SRaPfBf8DJ
content-encoding: gzip
etag: 4e3fad24a118a07cea7ce88b2721a583
age: 79
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 04HZG9SXJ2GRY7YC9BZ7
date: Mon, 11 Apr 2022 12:31:54 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: RpLONt8mxMnw96jcC8uTewRo-UbGo0iN-yJ00THVl-v25_UiOjiZlQ==

GET
H2 200 16442_iHeart_DM_US.js Show response
ads.rubiconproject.com/prebid/ 342 KB
102 KB 264ms
149ms Script
text/javascript 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/16442_iHeart_DM_US.js
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: edf5536b3c26b154e8987055083e20dcd4677dcbfcf40361da7a947579abca6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 14:41:06 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=11781
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 103606
expires: Mon, 11 Apr 2022 15:49:30 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 17 KB
7 KB 143ms
36ms Script
application/javascript 143.204.201.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-254.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 31ca84e975c68ecedc2a4f36cbadf1d9de61a1a51670ac2fb62ea5f761fd4ce5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6428
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-id: 3qAPP8j3AeodgvGG0laAv7nD1ocmE2rbNFL2QXMZSUFYjbqA5jEkPg==

GET
H2 200 RC375c371f1a294fd688349990f3ed9cab-source.min.js Show response
assets.adobedtm.com/dba7b4ad2c8b/773677a854c8/0fffe2a4b379/ 4 KB
2 KB 20ms
20ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/dba7b4ad2c8b/773677a854c8/0fffe2a4b379/RC375c371f1a294fd688349990f3ed9cab-source.min.js
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1c600487478d427a9cb0387af68800c478bc4c5616d64d1500ef451fb98fb2a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 14:28:33 GMT
server: AkamaiNetStorage
etag: "a00ee188bcf48e03271fc192d3175902:1647354513.138197"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://wercfm.iheart.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1430
expires: Mon, 11 Apr 2022 13:33:09 GMT

GET
H/1.1 200
OK widget_iframe.c1cdceed40059a51b374bf347e6a2ae0.html Show response
platform.twitter.com/widgets/ Frame 9307 319 KB
104 KB 46ms
46ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.c1cdceed40059a51b374bf347e6a2ae0.html?origin=https%3A%2F%2Fwercfm.iheart.com
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF5) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer: https://wercfm.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 316849
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Mon, 11 Apr 2022 12:33:09 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 07 Apr 2022 19:42:09 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF5)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

POST
H/1.1 200
OK query Show response
api.iheart.com/api/v3/abtest/users/groups/ 56 B
916 B 142ms
115ms XHR
application/json 199.232.213.13
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iheart.com/api/v3/abtest/users/groups/query
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.213.13 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9327ea0823da1cf46b1f50ac410951cbf75dd5279eeb5a1e6e5d3b11f3c9e17

Request headers

Accept: application/json
Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 11 Apr 2022 12:33:09 GMT
Via: 1.1 varnish, 1.1 varnish
Vary: Origin,Access-Control-Request-Method, Accept-Encoding, X-hostName, X-Accept, X-Locale, Authorization
X-BACKEND: ssl_shield_iad_va_us
Access-Control-Allow-Origin: *
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
Connection: keep-alive
Content-Length: 56
X-Served-By: cache-iad-kjyo7100142-IAD, cache-hhn4052-HHN
X-Timer: S1649680389.397990,VS0,VE92
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
Content-Type: application/json
X-GEO-COUNTRY: DE
X-Accept: json
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
Access-Control-Expose-Headers: *

OPTIONS
H/1.1 200
OK query
api.iheart.com/api/v3/abtest/users/groups/ Frame 0
0 11ms
11ms Preflight 199.232.213.13
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iheart.com/api/v3/abtest/users/groups/query
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.213.13 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wercfm.iheart.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 604800
Cache-Control: max-age=604800
Connection: close
Content-Length: 0
Content-Type
Date: Mon, 11 Apr 2022 12:33:09 GMT
Retry-After: 0
Server: Varnish
Via: 1.1 varnish
X-Accept: */*
X-BACKEND: ssl_shield_iad_va_us
X-Cache: MISS
X-Cache-Hits: 0
X-GEO-COUNTRY: DE
X-Served-By: cache-hhn4053-HHN
X-Timer: S1649680389.342541,VS0,VE0

POST
H/1.1 200
OK query Show response
api.iheart.com/api/v3/abtest/users/groups/ 56 B
916 B 135ms
100ms XHR
application/json 199.232.213.13
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iheart.com/api/v3/abtest/users/groups/query
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.213.13 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5be8b675f6be515a17cdc77661697e2ddbd3c12f0670333e44bad9595ea0bbf9

Request headers

Accept: application/json
Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 11 Apr 2022 12:33:09 GMT
Via: 1.1 varnish, 1.1 varnish
Vary: Origin,Access-Control-Request-Method, Accept-Encoding, X-hostName, X-Accept, X-Locale, Authorization
X-BACKEND: ssl_shield_iad_va_us
Access-Control-Allow-Origin: *
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
Connection: keep-alive
Content-Length: 56
X-Served-By: cache-iad-kjyo7100060-IAD, cache-hhn4059-HHN
X-Timer: S1649680389.454315,VS0,VE90
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
Content-Type: application/json
X-GEO-COUNTRY: DE
X-Accept: json
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
Access-Control-Expose-Headers: *

OPTIONS
H/1.1 200
OK query
api.iheart.com/api/v3/abtest/users/groups/ Frame 0
0 41ms
16ms Preflight 199.232.213.13
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iheart.com/api/v3/abtest/users/groups/query
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.213.13 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wercfm.iheart.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 604800
Cache-Control: max-age=604800
Connection: close
Content-Length: 0
Content-Type
Date: Mon, 11 Apr 2022 12:33:09 GMT
Retry-After: 0
Server: Varnish
Via: 1.1 varnish
X-Accept: */*
X-BACKEND: ssl_shield_iad_va_us
X-Cache: MISS
X-Cache-Hits: 0
X-GEO-COUNTRY: DE
X-Served-By: cache-hhn4050-HHN
X-Timer: S1649680389.402550,VS0,VE0

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/consent/7d044e9d-e966-4b73-b448-a29d06f71027/ 19 KB
8 KB 99ms
44ms Script
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/7d044e9d-e966-4b73-b448-a29d06f71027/otSDKStub.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf59eab3bfcf26e852bff1b48936d5436648a0ccda0a73e89cf8d89e2bed32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: mUd+XmofxS9rpclsiSCPig==
age: 7010
vary: Accept-Encoding
content-length: 7083
x-ms-lease-status: unlocked
last-modified: Wed, 09 Mar 2022 20:29:56 GMT
server: cloudflare
etag: 0x8DA020B934CF42F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 06deea49-701e-013b-3cf5-33dced000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6fa3bfc20ba259b3-MXP
expires: Mon, 11 Apr 2022 16:33:09 GMT

GET
H2 200 generatetoken Show response
tv47clj0la.execute-api.us-east-1.amazonaws.com/production/ 109 B
380 B 337ms
111ms Fetch
application/json 52.7.213.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tv47clj0la.execute-api.us-east-1.amazonaws.com/production/generatetoken?identifier=undefined
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.213.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-213-91.compute-1.amazonaws.com
Software: /
Resource Hash: 0176ef7350292b2c32a210617ee02c7bac2f1e006acc4cb6588e836c5f85ff40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
access-control-allow-headers: Content-Type
x-amzn-requestid: 63f87009-8656-4288-bed3-348130c4ee4b
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62542005-07af69766761b3b754b69093;Sampled=0
x-amz-apigw-id: Qanw6HchoAMFT0w=
content-length: 109

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 57ms
19ms XHR
application/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 39581
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
date: Mon, 11 Apr 2022 01:33:29 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 0ebwoeowBN9eFtLTbAY7d6vTMAkFZSg0JspZS9rgFg9Um9lZXrHFCw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
303 B 102ms
101ms XHR
text/plain 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3901&u=https%3A%2F%2Fwercfm.iheart.com
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:08 GMT
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://wercfm.iheart.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: esclj5YTpfLmAC9MvzlA5vuGu3bMn9w0H9BlTbMzArbLTgbrCPODDg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 53ms
51ms XHR
text/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3901&u=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial&pr=https%3A%2F%2Ft.co%2FwV8fgHrswa&pid=d2crnhLjXxZ99&cb=0&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-3330-ad%3Atop-leaderboard%22%2C%22s%22%3A%5B%22320x50%22%2C%22320x150%22%2C%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F6663%2Fccr.birmingham.al%2Fwerc-fm%22%7D%2C%7B%22sd%22%3A%22dfp-ad-3307-ad%3Atop%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F6663%2Fccr.birmingham.al%2Fwerc-fm%22%7D%2C%7B%22sd%22%3A%22dfp-ad-3306-ad%3Abottom-leaderboard%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F6663%2Fccr.birmingham.al%2Fwerc-fm%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-173.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: 3DKQGKZ222TM4AKFA7FP
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://wercfm.iheart.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: g9CB2c1Nbaeibl4lfoIlnEVk235e1LJEkOJ49dMSdQguTWoB6BrltA==

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 64 B
331 B 68ms
23ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=015fcbb1-38ea-41dc-ae3e-391a68f31a4b&tld=com

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

14d15b7b1268d2760d8b3c4415f9eb1756821457a38eb5252d9ffbe40488cb23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
via: 1.1 google
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 76DB 0
241 B 54ms
23ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=015fcbb1-38ea-41dc-ae3e-391a68f31a4b

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://wercfm.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 11 Apr 2022 12:33:09 GMT
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 9307 248 B
452 B 169ms
143ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=3d5b315a230789aeca7ff0eb9762ca972d8ad990

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.c1cdceed40059a51b374bf347e6a2ae0.html?origin=https%3A%2F%2Fwercfm.iheart.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

7a82d919cd3a66eb6623565d65433eb0d81a4373d43a5625409370d8ae468d29

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time: 112
date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 12:33:09 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: fb79a8fec61123f2f97672386253bf80f35a08e3380e4f35bdca0b32dce3d034
content-length: 171

GET
H/1.1 200
OK dest5.html Show response
clearchannel.demdex.net/ Frame FCE8 7 KB
3 KB 181ms
30ms Document
text/html 52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clearchannel.demdex.net/dest5.html?d_nsid=0

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wercfm.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v030-01952d331.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 88nuVSMNRN8=
content-encoding: gzip
date: Mon, 11 Apr 2022 12:33:09 GMT
last-modified: Tue, 15 Mar 2022 12:36:14 GMT
vary: accept-encoding

GET
H2 200 id Show response
smy.iheart.com/ 48 B
508 B 386ms
17ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smy.iheart.com/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=97D902BE53295FEE0A490D4C%40AdobeOrg&mid=60944496432230147174033259751220772824&ts=1649680389517

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

57d4332a44be9f1028f6767d26116955c9105401be2770c21b87abe29bcc411e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-7b6f4bb9f7-f6cwj
vary: Origin
x-c: main-1637.I660130.M0-562
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://wercfm.iheart.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YlQgBQAAAB8KuAO1
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=65398431733821776444154818328617148809
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YlQgBQAAAB8KuAO1

42 B
943 B

33ms
32ms

Image
image/gif

52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YlQgBQAAAB8KuAO1

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

HTTP/1.1

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-094108f3e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: hiLCnCz1Q5c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YlQgBQAAAB8KuAO1
Date: Mon, 11 Apr 2022 12:33:09 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 / Show response
www.iheart.com/sdk/bridge/ Frame C7AD 197 B
660 B 9ms
8ms Document
text/html 199.232.214.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/sdk/bridge/?parent=https%3A%2F%2Fwercfm.iheart.com&amp=https%3A%2F%2Fww.api.iheart.com%2Fapi%2F

Requested by

Host: static.inferno.iheart.com
URL: https://static.inferno.iheart.com/inferno/scripts/core-components-AuthModal-component.81fcd2d96ae1c33b2af4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

abb045e469be9b0fe19dcaed4152703acdc22fc33e161d6c7bcafb4e934c83ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://wercfm.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
client_geo_latitude: 50.960
client_geo_longitude: 11.060
client_geo_postal_code: 99097
content-encoding: gzip
content-length: 154
content-type: text/html
date: Mon, 11 Apr 2022 12:33:09 GMT
etag: "f6769a92e8c6691ca84d50ac2e3edb52"
geoip-country-code: DE
last-modified: Fri, 12 Mar 2021 22:08:13 GMT
normalized-language: en
server: AmazonS3
strict-transport-security: max-age=31557600
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: ajB1mSH7q/HLZx36iaICpnBOTcmKBTyj27fdsHvdy5iDJekr68Q6Vjjcf7KudZBkx9Akmb+zgKA=
x-amz-request-id: 6K12AZD011EB92FW
x-cache: HIT
x-cache-hits: 1
x-fastly-country: DE
x-ihr-app-country: WW
x-ihr-app-language: en
x-served-by: cache-hhn4023-HHN
x-timer: S1649680390.535159,VS0,VE1

POST
H3 200 p Show response
tr.snapchat.com/ Frame 0AF0 0
15 B 50ms
33ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wercfm.iheart.com
Referer: https://wercfm.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Mon, 11 Apr 2022 12:33:09 GMT
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

GET
H2 200 locationConfig Show response
ww.api.iheart.com/api/v3/ Frame E186 6 KB
3 KB 127ms
125ms XHR
application/json 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.api.iheart.com/api/v3/locationConfig?countryCode=WW&hostname=webapp&version=8-prod
Requested by: Host: www.iheart.com
URL: https://www.iheart.com/v8.33.0/604ef2e/bundles/589.widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7435b9799c3b0fd66e2c7a3eac9b53bd6f5b9ecefc2a1e5ca14ae3acd3df3eb3

Request headers

X-Locale: en-WW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
X-hostName: webapp.WW
Accept: application/json, text/plain, */*
Referer: https://www.iheart.com/
X-Session-Id: VEmt2iFoVVG9gYy3RAiRi
X-Ihr-Session-Id: VEmt2iFoVVG9gYy3RAiRi
X-Ihr-Profile-Id: 5297070984
X-User-Id: 5297070984

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
via: 1.1 varnish
x-backend: F_HAProxy
x-cache: MISS
x-geo-country: DE
content-encoding: gzip
content-length: 2657
x-served-by: cache-mxp6978-MXP
x-timer: S1649680390.582600,VS0,VE109
vary: Accept-Encoding, X-hostName, X-Accept, X-Locale, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: *
x-accept: json
accept-ranges: bytes
access-control-allow-headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
x-cache-hits: 0

OPTIONS
H2 200 locationConfig
ww.api.iheart.com/api/v3/ Frame 0
0 19ms
17ms Preflight 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.api.iheart.com/api/v3/locationConfig?countryCode=WW&hostname=webapp&version=8-prod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-hostname,x-ihr-profile-id,x-ihr-session-id,x-locale,x-session-id,x-user-id
Access-Control-Request-Method: GET
Origin: https://www.iheart.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: *
access-control-max-age: 604800
cache-control: max-age=604800
content-length: 0
content-type
date: Mon, 11 Apr 2022 12:33:09 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-accept: */*
x-backend: F_HAProxy
x-cache: MISS
x-cache-hits: 0
x-geo-country: DE
x-served-by: cache-mxp6978-MXP
x-timer: S1649680390.563290,VS0,VE0

GET
H2 200 7d044e9d-e966-4b73-b448-a29d06f71027.json Show response
cdn.cookielaw.org/consent/7d044e9d-e966-4b73-b448-a29d06f71027/ 3 KB
2 KB 175ms
73ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/7d044e9d-e966-4b73-b448-a29d06f71027/7d044e9d-e966-4b73-b448-a29d06f71027.json

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

096f5b2351c7aa561f91b83732b9a5e159b8ed112cbe32ffd10d081ed1bb8750

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: +z7+hHUgwYuIPh5O/W3iZw==
vary: Accept-Encoding
content-length: 1300
x-ms-lease-status: unlocked
last-modified: Wed, 09 Mar 2022 20:29:55 GMT
server: cloudflare
etag: 0x8DA020B92CF9976
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 14da4e64-f01e-0147-72a0-4d41d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6fa3bfc369615a0d-MXP
expires: Mon, 11 Apr 2022 16:33:09 GMT

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 82ms
81ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 11157
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5a37537c-801e-00a2-6450-28157a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6fa3bfc2ddf259b3-MXP

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 74ms
49ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

12bdd8d296052b2e8faa88ff2a6922a8fd93fc23b57044150c5f2d7075996f52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: p3r/+d2tBOMEMN81r6vlsg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 11 Apr 2022 12:41:42 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: sIbAfjcimbGpV74ShR0a9BxpIp6PSy/sQYplnTRoiPMRIDrU5zXFDx1x62oqvkTEQlWEjgBNit4RGl/5TfMU8Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 5d5bb24ec073912346d08b4ab192c736
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Apr 2022 12:33:09 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "3b9cf697c305cfd558a9ad94c53cde9b"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 67ms
43ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: XF+DzMDPS/3bwNeCeTBrzYNftUMblQRtFpvMGe88qNjKYAOGbVKIHwxdo3z5cWqQqHtlGZRWtdY34j7P3c3x4A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 11 Apr 2022 12:33:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bridge.js Show response
www.iheart.com/sdk/bridge/ Frame C7AD 102 KB
36 KB 28ms
27ms Script
application/javascript 199.232.214.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/sdk/bridge/bridge.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/sdk/bridge/?parent=https%3A%2F%2Fwercfm.iheart.com&amp=https%3A%2F%2Fww.api.iheart.com%2Fapi%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d96b9b2602e542e91878e2df499b04963317c786573f1372589f967b42b72ccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/sdk/bridge/?parent=https%3A%2F%2Fwercfm.iheart.com&amp=https%3A%2F%2Fww.api.iheart.com%2Fapi%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

geoip-country-code: DE
date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 2660
x-cache: HIT
x-cache-hits: 2
client_geo_postal_code: 99097
content-length: 36239
x-amz-id-2: hvhbwJIwHsVWguil3bgJB3RxE/g79D9+YYEbePDIOF18y8h2VqaCI8Rk2fhy6cY5ykjbKDPtOe4=
x-served-by: cache-hhn4023-HHN
accept-ranges: bytes
client_geo_longitude: 11.060
last-modified: Fri, 12 Mar 2021 22:08:16 GMT
server: AmazonS3
x-timer: S1649680390.587345,VS0,VE1
etag: "ce80bb8738463cc0bc515384e492f2c8"
strict-transport-security: max-age=31557600
x-amz-request-id: 6H4PJQ172EP8FKAH
via: 1.1 varnish
client_geo_latitude: 50.960
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
x-ihr-app-country: WW

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
330 B 150ms
79ms XHR
application/json 23.0.33.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=422756&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2212c3fd4ed442c3%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ft.co%2FwV8fgHrswa%22%2C%22page%22%3A%22https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22err%22%3A%7B%222%22%3A5%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22417df33f95cf9e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22422756%22%2C%22dfp_ad_unit_code%22%3A%22%2F6663%2Fccr.birmingham.al%2Fwerc-fm%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F6663%2Fccr.birmingham.al%2Fwerc-fm%22%7D%7D%2C%7B%22id%22%3A%2262443d0240fb69%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22422754%22%2C%22dfp_ad_unit_code%22%3A%22%2F6663%2Fccr.birmingham.al%2Fwerc-fm%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22422754%22%2C%22dfp_ad_unit_code%22%3A%22%2F6663%2Fccr.birmingham.al%2Fwerc-fm%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F6663%2Fccr.birmingham.al%2Fwerc-fm%22%7D%7D%2C%7B%22id%22%3A%2290490476ef3f9b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22422753%22%2C%22dfp_ad_unit_code%22%3A%22%2F6663%2Fccr.birmingham.al%2Fwerc-fm%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F6663%2Fccr.birmingham.al%2Fwerc-fm%22%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-33-234.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cca49e37178669b87a2c2b9ba1a95942e7c295b4af66931aaaf01383007e05f4

Request headers

Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:09 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.8], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://wercfm.iheart.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Mon, 11 Apr 2022 12:33:09 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 557 B
2 KB 215ms
158ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16442&site_id=288758&zone_id=1454298%3B1454296%3B1454294&size_id=2%3B15%3B2&alt_size_ids=%3B10%3B&us_privacy=1---&rf=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial&tg_i.aupname=%2F6663%2F.*%26ccrpos%3D3330%3B%2F6663%2F.*%26ccrpos%3D3307%3B%2F6663%2F.*%26ccrpos%3D3306&tg_i.pbadslot=%2F6663%2Fccr.birmingham.al%2Fwerc-fm&tk_flint=dmpbjs_v6.11.0&x_source.tid=b9044d46-f53d-464b-9c64-2b6ddae9e59f%3B4da119f5-8c9d-4af1-83ec-f7dd4766c9fe%3B15cc1104-1754-4bea-a543-c855832b7be0&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.6615772726908731
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d7e71d9e9424d1348b6a7ca32f936f2de99b0762aabb27907efd7c6f5a7b66b7

Request headers

Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 12:33:09 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://wercfm.iheart.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 557
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
351 B 163ms
96ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dDgjHgquWr7lP1rkHcnnVW
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: c7c01c341cfd90402fe635261dbf86d7dabe510233109c7033e80fc881e58489

Request headers

Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wercfm.iheart.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
178 B 164ms
98ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dDgjHgquWr7lP1rkHcnnVW
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: c7c01c341cfd90402fe635261dbf86d7dabe510233109c7033e80fc881e58489

Request headers

Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wercfm.iheart.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST translator
hbopenbid.pubmatic.com/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
743 B 64ms
22ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 12:33:09 GMT
X-Proxy-Origin: 217.64.151.8; 217.64.151.8; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 09fd26d4-75e8-474c-8b74-4ab8b157a121
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://wercfm.iheart.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
293 B 137ms
77ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969824017272b78386b8d9d2470063&pos=local(topleadbrd_sub)ccrpos=3330&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 25a598cb751c7c4c4dde8093f23e30f5ac7b7ac272b76197d652b886e9097474

Request headers

Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wercfm.iheart.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 147ms
87ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969824017272b78386b8d9d2470063&pos=local_d300x600_ccrpos=3307&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: fb00b49e60cf58e6cc9618f253db602e424662f53d71991c51b211c63120c125

Request headers

Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wercfm.iheart.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 175ms
116ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969824017272b78386b8d9d2470063&pos=local_d728x90_ccrpos=3306&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 11ed109ee30864d33e923857bfbc59e2ebc4ea3123c9482ce1148b59a4444658

Request headers

Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wercfm.iheart.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 191 B
397 B 273ms
55ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd429b95adc1755ffb3f7d831ac7e33dad31379239750f32c49c98f7019e45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6fa3bfc4ddbd83b8-MXP

GET
H3 200 270798540384083 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 105ms
105ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/270798540384083?v=2.9.57&r=stable

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3ab70dfacc2d184de39adf068430de85b4ecfc8d6e638a709694b6448057ff13

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: aUmjDk1VoR2QBu1fVnvej8/MW9ROqPkaTlsBD5qRMsGxJb2gNWuBaIin8zFF5RhFQGt8mQx/PigVYgxyqcOWMQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 11 Apr 2022 12:33:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 currentTrackMeta Show response
ww.api.iheart.com/api/v3/live-meta/stream/3085/ Frame E186 0
75 B 131ms
131ms XHR
text/plain 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.api.iheart.com/api/v3/live-meta/stream/3085/currentTrackMeta?defaultMetadata=true
Requested by: Host: www.iheart.com
URL: https://www.iheart.com/v8.33.0/604ef2e/bundles/589.widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
X-Locale: en-WW
Referer: https://www.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
X-hostName: webapp.WW

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
via: 1.1 varnish, 1.1 varnish
x-backend: ssl_shield_iad_va_us
age: 0
x-cache: MISS, MISS
x-geo-country: DE
x-served-by: cache-iad-kiad7000152-IAD, cache-mxp6978-MXP
x-timer: S1649680390.742846,VS0,VE109
vary: Accept-Encoding, X-hostName, X-Accept, X-Locale, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: *
x-accept: json
cache-control: no-store
accept-ranges: bytes
access-control-allow-headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
x-cache-hits: 0, 0

GET
H2 200 launch-530fb1e26ecf.min.js Show response
assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/ Frame E186 159 KB
45 KB 22ms
21ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js
Requested by: Host: www.iheart.com
URL: https://www.iheart.com/v8.33.0/604ef2e/bundles/16.widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7829e009c50a75313a34510ff02878e8c90cb5e6d6405196d8790400a014d78c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 20:38:42 GMT
server: AkamaiNetStorage
etag: "bad41f64db46aeb47fda72bf857fc32c:1631133522.72211"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.iheart.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 46157
expires: Mon, 11 Apr 2022 13:33:09 GMT

GET
H2 204 currentTrackMeta Show response
ww.api.iheart.com/api/v3/live-meta/stream/3085/ Frame E186 0
152 B 117ms
117ms XHR
text/plain 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.api.iheart.com/api/v3/live-meta/stream/3085/currentTrackMeta?defaultMetadata=true
Requested by: Host: www.iheart.com
URL: https://www.iheart.com/v8.33.0/604ef2e/bundles/589.widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
X-Locale: en-WW
Referer: https://www.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
X-hostName: webapp.WW

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
via: 1.1 varnish, 1.1 varnish
x-backend: ssl_shield_iad_va_us
age: 0
x-cache: MISS, HIT
x-geo-country: DE
x-served-by: cache-iad-kiad7000152-IAD, cache-mxp6978-MXP
x-timer: S1649680390.765138,VS0,VE87
vary: Accept-Encoding, X-hostName, X-Accept, X-Locale, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: *
x-accept: json
cache-control: no-store
accept-ranges: bytes
access-control-allow-headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
x-cache-hits: 0, 1

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
457 B 208ms
59ms XHR
application/json 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6fa3bfc4df950e2a-MXP
access-control-allow-headers: Content-Type

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 76ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=270798540384083&ev=PageView&dl=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial&rl=https%3A%2F%2Ft.co%2FwV8fgHrswa&if=false&ts=1649680389817&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649680389816.1730569751&it=1649680389678&coo=false&rqm=GET

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 11 Apr 2022 12:33:09 GMT

GET
H/1.1 200
OK d2VyY2ZtLmloZWFydC5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 474ms
397ms XHR
application/json 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d2VyY2ZtLmloZWFydC5jb20=
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 12:33:10 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: da925cf755d1e54181bbadb9d0069978
Content-Length: 16
Expires: Tue, 12 Apr 2022 00:33:10 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 22ms
13ms Image
image/gif 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Wed, 11 May 2022 12:33:09 GMT

OPTIONS
H2 200 currentTrackMeta
ww.api.iheart.com/api/v3/live-meta/stream/3085/ Frame 0
0 17ms
16ms Preflight 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.api.iheart.com/api/v3/live-meta/stream/3085/currentTrackMeta?defaultMetadata=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-hostname,x-locale
Access-Control-Request-Method: GET
Origin: https://www.iheart.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: *
access-control-max-age: 604800
cache-control: max-age=604800
content-length: 0
content-type
date: Mon, 11 Apr 2022 12:33:09 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-accept: */*
x-backend: F_HAProxy
x-cache: MISS
x-cache-hits: 0
x-geo-country: DE
x-served-by: cache-mxp6978-MXP
x-timer: S1649680390.723531,VS0,VE0

OPTIONS
H2 200 currentTrackMeta
ww.api.iheart.com/api/v3/live-meta/stream/3085/ Frame 0
0 16ms
16ms Preflight 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.api.iheart.com/api/v3/live-meta/stream/3085/currentTrackMeta?defaultMetadata=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-hostname,x-locale
Access-Control-Request-Method: GET
Origin: https://www.iheart.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: *
access-control-max-age: 604800
cache-control: max-age=604800
content-length: 0
content-type
date: Mon, 11 Apr 2022 12:33:09 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-accept: */*
x-backend: F_HAProxy
x-cache: MISS
x-cache-hits: 0
x-geo-country: DE
x-served-by: cache-mxp6978-MXP
x-timer: S1649680390.736939,VS0,VE0

GET
H2 204 currentTrackMeta Show response
ww.api.iheart.com/api/v3/live-meta/stream/3085/ Frame E186 0
114 B 23ms
23ms XHR
text/plain 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.api.iheart.com/api/v3/live-meta/stream/3085/currentTrackMeta?defaultMetadata=true
Requested by: Host: www.iheart.com
URL: https://www.iheart.com/v8.33.0/604ef2e/bundles/589.widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
X-Locale: en-WW
Referer: https://www.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
X-hostName: webapp.WW

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
via: 1.1 varnish, 1.1 varnish
x-backend: ssl_shield_iad_va_us
age: 0
x-cache: MISS, HIT
x-geo-country: DE
x-served-by: cache-iad-kiad7000152-IAD, cache-mxp6978-MXP
x-timer: S1649680390.923153,VS0,VE0
vary: Accept-Encoding, X-hostName, X-Accept, X-Locale, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: *
x-accept: json
cache-control: no-store
accept-ranges: bytes
access-control-allow-headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
x-cache-hits: 0, 2

OPTIONS
H2 200 currentTrackMeta
ww.api.iheart.com/api/v3/live-meta/stream/3085/ Frame 0
0 16ms
16ms Preflight 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.api.iheart.com/api/v3/live-meta/stream/3085/currentTrackMeta?defaultMetadata=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-hostname,x-locale
Access-Control-Request-Method: GET
Origin: https://www.iheart.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: *
access-control-max-age: 604800
cache-control: max-age=604800
content-length: 0
content-type
date: Mon, 11 Apr 2022 12:33:09 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-accept: */*
x-backend: F_HAProxy
x-cache: MISS
x-cache-hits: 0
x-geo-country: DE
x-served-by: cache-mxp6978-MXP
x-timer: S1649680390.903550,VS0,VE0

GET
H/1.1

200
OK

ibs:dpid=21&dpuuid=164860604118000230598
dpm.demdex.net/ Frame FCE8
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=65398431733821776444154818328617148809
https://dpm.demdex.net/ibs:dpid=21&dpuuid=164860604118000230598

42 B
943 B

38ms
38ms

Image
image/gif

52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=21&dpuuid=164860604118000230598

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

HTTP/1.1

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clearchannel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-05420085f.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: NQyET+jZSQE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:09 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dpm.demdex.net/ibs:dpid=21&dpuuid=164860604118000230598
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 id Show response
smy.iheart.com/ Frame E186 48 B
246 B 17ms
16ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smy.iheart.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=97D902BE53295FEE0A490D4C%40AdobeOrg&mid=60944496432230147174033259751220772824&ts=1649680389979

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

57d4332a44be9f1028f6767d26116955c9105401be2770c21b87abe29bcc411e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-7b6f4bb9f7-7lvxv
vary: Origin
x-c: main-1637.I660130.M0-562
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.iheart.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ Frame E186 33 KB
12 KB 21ms
21ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:09 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.iheart.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Mon, 11 Apr 2022 13:33:09 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ Frame E186 3 KB
2 KB 29ms
29ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.iheart.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Mon, 11 Apr 2022 13:33:10 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ Frame E186 25 KB
9 KB 39ms
38ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.iheart.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Mon, 11 Apr 2022 13:33:10 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ Frame E186 4 KB
2 KB 33ms
33ms XHR
application/json 52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=97D902BE53295FEE0A490D4C%40AdobeOrg&d_nsid=0&d_mid=60944496432230147174033259751220772824&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&ts=1649680389986

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

dec433f86aefb6ea272898994194cc39c0252056b46dcb579e0d0ea3709f4b79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v030-083bac2ae.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: aIxi2bnbTP8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.iheart.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1246
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 s89804823908276
smy.iheart.com/b/ss/cccorporate55/1/JS-2.22.0-LBWB/ 43 B
350 B 18ms
18ms Image
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smy.iheart.com/b/ss/cccorporate55/1/JS-2.22.0-LBWB/s89804823908276?AQB=1&ndh=1&pf=1&t=11%2F3%2F2022%2012%3A33%3A9%201%200&mid=60944496432230147174033259751220772824&aamlh=6&ce=UTF-8&cdp=2&pageName=detail&g=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial&r=https%3A%2F%2Ft.co%2FwV8fgHrswa&cc=USD&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=content%7C2022-04-06-cash-app-users-could-have-been-affected-by-data-breach&l1=&c2=8%20Million%20Cash%20App%20Users%20Could%20Have%20Been%20Affected%20By%20Data%20Breach&v6=local.inferno.us&c9=page&c10=1132702&c11=1649293680000&c12=iheartradio&c13=national&c14=WERC-FM&c15=NEWSTALK&c16=BIRMINGHAM-AL&c18=cash-app%2Cmoney%2Cdata-breach%2Cblock%2Cmobile-payment-app&c19=LzYyNGUzNzMwNmEwODI2YzYxN2FhMDE0NQ%3D%3D&c21=false&c22=false&c28=wercfm.iheart.com&c30=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial&c31=national-news&v88=page_view&v89=wercfm.iheart.com&v151=false&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=97D902BE53295FEE0A490D4C%40AdobeOrg&AQE=1

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
x-content-type-options: nosniff
x-c: main-1637.I660130.M0-562
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 12 Apr 2022 12:33:10 GMT
server: jag
xserver: anedge-7b6f4bb9f7-27q75
etag: 3542661663232393216-4619853129464300474
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 10 Apr 2022 12:33:10 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.31.0/ 334 KB
79 KB 26ms
26ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: D263R6OySncrpIc5uRH3nQ==
age: 11160
vary: Accept-Encoding
content-length: 80955
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:24 GMT
server: cloudflare
etag: 0x8DA032EC5D12B02
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 201ddb62-101e-0024-3323-3541a8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6fa3bfc5bd0c59b3-MXP

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ Frame E186 4 KB
2 KB 72ms
34ms XHR
application/json 52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=97D902BE53295FEE0A490D4C%40AdobeOrg&d_nsid=0&d_mid=60944496432230147174033259751220772824&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=profileid%015297070984%011&ts=1649680390028

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2e79e76a92e03dbd45e8033c40c208fcbe31cfa4fa7c58544b9b562c3e4c6488

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v030-0ef62c210.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: BIl08gkORng=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.iheart.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1246
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=a3bfd1d9349b1cafd00f59f6e613fc26ddd145c3243164b83c9d53e6a16e250fb0da87c991749652
dpm.demdex.net/ Frame FCE8
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=65398431733821776444154818328617148809
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNjUzOTg0MzE3MzM4MjE3NzY0NDQxNTQ4MTgzMjg2MTcxNDg4MDkQABoNCIbA0JIGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=a3bfd1d9349b1cafd00f59f6e613fc26ddd145c3243164b83c9d53e6a16e250fb0da87c991749652

42 B
943 B

32ms
31ms

Image
image/gif

52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=a3bfd1d9349b1cafd00f59f6e613fc26ddd145c3243164b83c9d53e6a16e250fb0da87c991749652

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

HTTP/1.1

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clearchannel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-053d315f7.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: c8As0CSiQ2U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Mon, 11 Apr 2022 12:33:10 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=a3bfd1d9349b1cafd00f59f6e613fc26ddd145c3243164b83c9d53e6a16e250fb0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK dest5.html Show response
clearchannel.demdex.net/ Frame B0F9 7 KB
3 KB 30ms
29ms Document
text/html 52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clearchannel.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v030-0f9e8a437.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: RsvuB2mPTMI=
content-encoding: gzip
date: Mon, 11 Apr 2022 12:33:10 GMT
last-modified: Tue, 15 Mar 2022 12:08:42 GMT
vary: accept-encoding

OPTIONS
H2 200 events
us-events.api.iheart.com/ Frame 0
0 98ms
98ms Preflight 199.232.210.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://us-events.api.iheart.com/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.210.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-hostname,x-locale
Access-Control-Request-Method: POST
Origin: https://www.iheart.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-hostname,x-locale
access-control-allow-methods: POST
access-control-allow-origin: https://www.iheart.com
access-control-max-age: 3600
content-length: 0
date: Mon, 11 Apr 2022 12:33:10 GMT
vary: Origin
via: 1.1 varnish, 1.1 varnish
x-accept: */*
x-backend: ssl_shield_iad_va_us
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-geo-country: DE
x-served-by: cache-iad-kjyo7100026-IAD, cache-hhn4028-HHN
x-timer: S1649680390.056605,VS0,VE89

GET
H2 200 RC2f7a60a345334a2a8e31a9656f6e8b2b-source.min.js Show response
assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/7b8f41edaa68/ Frame E186 413 B
530 B 14ms
13ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/7b8f41edaa68/RC2f7a60a345334a2a8e31a9656f6e8b2b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 39acc19d52b25857344fedb2a64adb2a697e77f4675c6e193843026a274406de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 20:38:43 GMT
server: AkamaiNetStorage
etag: "db26c7a45cfbfe99968c14b3e2e92355:1631133523.618057"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.iheart.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 266
expires: Mon, 11 Apr 2022 13:33:10 GMT

GET
H2 200 RC14ca06cd04e34a22b652b2d90588129d-source.min.js Show response
assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/7b8f41edaa68/ Frame E186 319 B
467 B 15ms
14ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/7b8f41edaa68/RC14ca06cd04e34a22b652b2d90588129d-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e7f4ad1714e5300eb2460b6167465ee5d05360ca5c27940c472121bddb24f39d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 20:38:43 GMT
server: AkamaiNetStorage
etag: "db26c7a45cfbfe99968c14b3e2e92355:1631133523.618057"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.iheart.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 204
expires: Mon, 11 Apr 2022 13:33:10 GMT

POST
H2 202 events Show response
us-events.api.iheart.com/ Frame E186 0
103 B 99ms
99ms XHR
text/plain 199.232.210.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://us-events.api.iheart.com/events

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/v8.33.0/604ef2e/bundles/589.widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.210.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Locale: en-WW
Referer: https://www.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
X-hostName: webapp.WW
Content-Type: application/json

Response headers

content-security-policy: default-src 'self'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
access-control-allow-origin: https://www.iheart.com
x-cache: MISS, MISS
x-backend: ssl_shield_iad_va_us
content-length: 0
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000064-IAD, cache-hhn4028-HHN
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1649680390.155384,VS0,VE93
x-frame-options: DENY
date: Mon, 11 Apr 2022 12:33:10 GMT
vary: Origin
x-geo-country: DE
x-accept: application/json, text/plain, */*
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ Frame E186 43 B
256 B 133ms
132ms Image
image/gif 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplifypixel.outbrain.com/pixel?mid=004d2133385513d6a3dbfd9993b43474ab
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 12:33:10 GMT
Cache-Control: no-cache
X-TraceId: 1a47bd5a4140bb564339f6569217ef3b
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/7d044e9d-e966-4b73-b448-a29d06f71027/1b94aa52-11ea-4059-882c-ef0f137bde3d/ 178 KB
31 KB 72ms
72ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/7d044e9d-e966-4b73-b448-a29d06f71027/1b94aa52-11ea-4059-882c-ef0f137bde3d/en.json

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ac35b65d420404a06ec2681481fd2c83bc7b50736ae3a0129d6517654400e05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: 1Jm7J1E8caI79q2POfgK2A==
vary: Accept-Encoding
content-length: 31112
x-ms-lease-status: unlocked
last-modified: Wed, 09 Mar 2022 20:29:57 GMT
server: cloudflare
etag: 0x8DA020B941333F1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: cdfd1597-f01e-0048-43a0-4dea7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6fa3bfc619535a0d-MXP
expires: Mon, 11 Apr 2022 16:33:10 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=7348616821894841727
dpm.demdex.net/ Frame FCE8
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7348616821894841727

42 B
943 B

32ms
31ms

Image
image/gif

52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=7348616821894841727

Protocol

HTTP/1.1

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clearchannel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-08c0323de.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MPb2q772QF0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 12:33:10 GMT
X-Proxy-Origin: 217.64.151.8; 217.64.151.8; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2be6b3b9-9816-4c09-849d-1e5dda5c1e0d
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=7348616821894841727
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 s85153557157406 Show response
smy.iheart.com/b/ss/cccorporate55/10/JS-2.22.0-LBWB/ Frame E186 4 KB
4 KB 47ms
47ms Script
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smy.iheart.com/b/ss/cccorporate55/10/JS-2.22.0-LBWB/s85153557157406?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=11%2F3%2F2022%2012%3A33%3A10%201%200&cid.&profileid.&id=5297070984&as=1&.profileid&.cid&d.&nsid=0&jsonv=1&.d&D=D%3Dg&mid=60944496432230147174033259751220772824&aamlh=6&ce=UTF-8&ns=clearchannel&pageName=live_profile&g=https%3A%2F%2Fwww.iheart.com%2Flive%2F3085%2F%3Fsc%3Dinferno%26campid%3Db%26pname%3DWERC-FM%26theme%3Dlight%26ihrnetwork%3Dtrue%26embed%3Dtrue&r=https%3A%2F%2Fwercfm.iheart.com%2F&cc=USD&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=live%7C3085&v1=5297070984&c2=WERC-FM&v6=webapp.WW&v8=true&c9=responsive_widget&v11=NONE&v12=8.33.0&v15=en&v16=false&c23=wercfm.iheart.com&c24=https%3A%2F%2Fwercfm.iheart.com%2F&c25=true&c26=monday&c27=12&c29=1&c30=https%3A%2F%2Fwww.iheart.com%2Flive%2F3085%2F%3Fsc%3Dinferno%26campid%3Db%26pname%3Dwerc-fm%26theme%3Dlight%26ihrnetwork%3Dtrue%26embed%3Dtrue&v84=b&v87=WERC-FM&v88=page_view&v95=inferno&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=60&mcorgid=97D902BE53295FEE0A490D4C%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a7eff060b8d8aa6e80049aadbccf680f0942342b224c2876ecda0549dc366baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-aam-tid: ylJV6Zq3Qtw=
date: Mon, 11 Apr 2022 12:33:10 GMT
x-content-type-options: nosniff
x-c: main-1637.I660130.M0-562
p3p: CP="This is not a P3P policy"
vary: *
content-length: 3709
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v030-0fe5937e1.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Tue, 12 Apr 2022 12:33:10 GMT
server: jag
xserver: anedge-7b6f4bb9f7-gjglm
etag: 3542661663131762688-4619787380494276020
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 10 Apr 2022 12:33:10 GMT

GET
H2 200 nr-spa-1215.min.js Show response
js-agent.newrelic.com/ 47 KB
18 KB 30ms
8ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1215.min.js
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding: gzip
etag: "7e1862f7a390ed9fc02c299216395547"
x-amz-request-id: E3807YWQHPQZ8YJZ
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 17465
x-amz-id-2: 5tcVSTKzkfPEZbNMMs+Dplhb/d0xmPHl6ly9DhZlkXi7DMq5iwlmuwUDWB4WFuI4jhXJxdstiws=
x-served-by: cache-hhn4072-HHN
last-modified: Mon, 24 Jan 2022 22:13:54 GMT
server: AmazonS3
x-timer: S1649680390.195489,VS0,VE0
date: Mon, 11 Apr 2022 12:33:10 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 8237

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.31.0/assets/v2/ 47 KB
12 KB 161ms
160ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/v2/otPcCenter.json

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

146697e686c91fde6e30955bc6cba7bfe752c511b2f27545a6938266e49cdfcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: ZpEAbh0BppVJFPu0Tn1v0w==
vary: Accept-Encoding
content-length: 11558
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:15 GMT
server: cloudflare
etag: 0x8DA032EC085471F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: bdb2a0d3-e01e-0090-1ba0-4d4daa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6fa3bfc6cb565a0d-MXP

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ 21 KB
4 KB 72ms
72ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otCommonStyles.css

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: 2HSefDmVwJneRQMu6SXIPw==
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 5cd0128e-601e-004d-19a0-4d1e04000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6fa3bfc6cb585a0d-MXP

GET
H/1.1 200
OK NRJS-ce1ec6f3186daf1624e Show response
bam.nr-data.net/1/ 57 B
190 B 404ms
100ms Script
text/javascript 162.247.242.31
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-ce1ec6f3186daf1624e?a=1061568261&v=1215.1253ab8&to=ZFxVYxNRWkZYUxZcCV0Wck8RQlFGSloRGiF2bRgY&rst=5047&ck=0&ref=https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/&ap=728.608073&be=2524&fe=4992&dc=3161&tt=c92f33fe14001a0e&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1649680385176,%22n%22:0,%22f%22:847,%22dn%22:848,%22dne%22:1419,%22c%22:1419,%22s%22:1425,%22ce%22:1433,%22rq%22:1433,%22rp%22:2394,%22rpe%22:2404,%22dl%22:2501,%22di%22:3161,%22ds%22:3161,%22de%22:3161,%22dc%22:4991,%22l%22:4992,%22le%22:4996%7D,%22navigation%22:%7B%7D%7D&fp=2980&fcp=2980&jsonp=NREUM.setToken
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.31 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: service.newrelic.co.uk
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 57
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1

GET
H2 200 eefb89a887e3046c0558cb1b68acb7f5
i.iheart.com/v3/re/assets.brands/ 8 KB
8 KB 17ms
16ms Image
image/webp 2a04:4e42:4e::596
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.iheart.com/v3/re/assets.brands/eefb89a887e3046c0558cb1b68acb7f5?ops=gravity(%22center%22),contain(300,100)&quality=80
Requested by: Host: static.inferno.iheart.com
URL: https://static.inferno.iheart.com/inferno/scripts/bundle.9b8823977a8f7aa3677d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6cc5a5aee2e70a3f0b4d00c66ae32b5d204fe6b89c821e3d56c1397254070325

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
via: 1.1 varnish (Varnish/6.5), 1.1 varnish, 1.1 varnish
fastly-original-body-size: 7916
x-cache: HIT, HIT
x-age: 2628
content-length: 7916
x-ihm-mediaserver: Ahshaj4o
x-served-by: cache-iad-kjyo7100165-IAD, cache-mxp6981-MXP
last-modified: Mon, 11 Apr 2022 10:11:37 GMT
x-request-id: cortex-proxyd-varnish-7d7bf5db86-2hpbf/TVgUBJCNdj-164437097
x-timer: S1649680390.241451,VS0,VE0
x-dest: http://mediaserver-20220405200449:8000
etag: "a37ee5b3aaefed79c3a5f978c89b2b59fa1dfae6022ff899723f082137d4d5e9"
vary: X-WEBP, Origin
content-language: en-US
cache-control: no-cache, max-age=21600, public
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 1

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=4248461613120979943
dpm.demdex.net/ Frame FCE8
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4248461613120979943

42 B
943 B

32ms
32ms

Image
image/gif

52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=4248461613120979943

Protocol

HTTP/1.1

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clearchannel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-00923ae7d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: JsvosgBuTaA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=4248461613120979943
pragma: no-cache
date: Mon, 11 Apr 2022 12:33:10 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F748 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wercfm.iheart.com
Referer: https://wercfm.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wercfm.iheart.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 12:33:10 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 365868.gif
idsync.rlcdn.com/ Frame FCE8 42 B
315 B 16ms
15ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=65398431733821776444154818328617148809
Requested by: Host: clearchannel.demdex.net
URL: https://clearchannel.demdex.net/dest5.html?d_nsid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clearchannel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 12:33:10 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 398ms
94ms XHR
application/json 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1649680390366&sessionId=b118facc-a608-961c-b45c-95f55498c2ec&url=wercfm.iheart.com&cheqSource=1&cheqEvent=3&responseTime=489
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 12:33:10 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 95bd4de760822ca74e0dd9972b9f1d7b
Content-Length: 4
Expires: 0

GET
H/1.1

200
OK

ibs:dpid=481&dpuuid=L1UP3Z91-1I-HDQQ
dpm.demdex.net/ Frame FCE8
Redirect Chain

https://token.rubiconproject.com/token?pid=6404&puid=65398431733821776444154818328617148809&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=481&dpuuid=L1UP3Z91-1I-HDQQ?gdpr=0

42 B
943 B

34ms
33ms

Image
image/gif

52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=481&dpuuid=L1UP3Z91-1I-HDQQ?gdpr=0

Protocol

HTTP/1.1

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clearchannel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v030-07afd4256.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: B9N6qYliQS0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=481&dpuuid=L1UP3Z91-1I-HDQQ?gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 get Show response
odb.outbrain.com/utils/ 38 KB
14 KB 455ms
403ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F&idx=0&rand=49532&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=160&py=613&vpd=0&cw=900&activeTab=true&darkMode=false&settings=true&recs=true&version=2000670&sig=61RGI0ii&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=1&ref=https%3A%2F%2Ft.co%2FwV8fgHrswa&ogn=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c9527b161777e964b15dffccb5db826fd9dcc9199fdd2122cbff4dfb0f15842d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1649680391.575497,VS0,VE396
accept-ranges: bytes
x-served-by: cache-lga21952-LGA, cache-hhn4051-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: a1af40af0e4664d1c3d7b6ed75cd051b
content-encoding: gzip
content-length: 14121
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 504 /
dp2.33across.com/ps/ Frame FCE8 0
0 1422ms
601ms Image
text/html 67.202.105.23
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dp2.33across.com/ps/?pid=897&random=1685353979
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clearchannel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 41ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=wercfm.iheart.com

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wercfm.iheart.com

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 60 KB
11 KB 91ms
77ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3400776040898186&correlator=762469671911401&eid=31066948%2C31066966%2C31065518&output=ldjh&gdfp_req=1&vrg=2022040501&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=6663%2Cccr.birmingham.al%2Cwerc-fm&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%2C300x250%7C300x600%2C728x90%7C970x250&ifi=1&adks=141947283%2C2516072383%2C1360379188&sfv=1-0-38&ecs=20220411&fsapi=false&prev_scp=m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26ccrpos%3D3330%26pos%3D3330%26market%3DBIRMINGHAM-AL%26format%3DNEWSTALK%26genre%3Dnews%2520%2526%2520talk%26keywords%3Dcash-app%2Cmoney%2Cdata-breach%2Cblock%2Cmobile-payment-app%26topics%3Dnational-news%26path%3D%252Fcontent%252F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%252F%26contenttype%3Ddetail%26amznbid%3D2%26amznp%3D2%7Cm_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26ccrpos%3D3307%26pos%3D3307%26market%3DBIRMINGHAM-AL%26format%3DNEWSTALK%26genre%3Dnews%2520%2526%2520talk%26keywords%3Dcash-app%2Cmoney%2Cdata-breach%2Cblock%2Cmobile-payment-app%26topics%3Dnational-news%26path%3D%252Fcontent%252F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%252F%26contenttype%3Ddetail%26amznbid%3D2%26amznp%3D2%7Cm_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26ccrpos%3D3306%26pos%3D3306%26market%3DBIRMINGHAM-AL%26format%3DNEWSTALK%26genre%3Dnews%2520%2526%2520talk%26keywords%3Dcash-app%2Cmoney%2Cdata-breach%2Cblock%2Cmobile-payment-app%26topics%3Dnational-news%26path%3D%252Fcontent%252F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%252F%26contenttype%3Ddetail%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26hn%3Dwercfm.iheart.com%26env%3Dproduction%26referrer%3Dhttps%253A%252F%252Ft.co%252FwV8fgHrswa%26vers%3DInferno&sc=1&cookie_enabled=1&abxe=1&dt=1649680390637&lmt=1649680390&dlt=1649680387677&idt=1573&biw=1600&bih=1200&adxs=436%2C1140%2C436&adys=16%2C529%2C709&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial&ref=https%3A%2F%2Ft.co%2FwV8fgHrswa&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x122%7C300x0%7C1600x64&msz=728x90%7C300x0%7C728x0&fws=4%2C4%2C4&ohw=728%2C300%2C728&ga_vid=905323782.1649680391&ga_sid=1649680391&ga_hid=1101047456&ga_fc=false&btvi=0%7C0%7C0&nvt=1

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

3eb581099a52ce2b5ad1560c40efb22a41cbd27f8025e96cde1c870bf8c7fd98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11506
x-xss-protection: 0
google-lineitem-id: 4665822224,4665822224,4665822224
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232540380,138232540050,138232611920
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://wercfm.iheart.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 41ms
19ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022040501&st=env

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716a57edce20c1d25ff83ef0d78954e1ea8cef7d4fd6f4f4f2a20ff5343efd80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10624
x-xss-protection: 0

GET
H2 200 container.html Show response
3b2df3388180d6d624d7a86c37c31dd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2E56 6 KB
4 KB 66ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3b2df3388180d6d624d7a86c37c31dd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wercfm.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 12:33:10 GMT
expires: Tue, 11 Apr 2023 12:33:10 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEI3CsIv15ZZ2Vq7JenbUpQ8&google_cver=1
dpm.demdex.net/ Frame FCE8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjUzOTg0MzE3MzM4MjE3NzY0NDQxNTQ4MTgzMjg2MTcxNDg4MDk=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjUzOTg0MzE3MzM4MjE3NzY0NDQxNTQ4MTgzMjg2MTcxNDg4MDk=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI3CsIv15ZZ2Vq7JenbUpQ8&google_cver=1?gdpr=0&gdpr_consent=

42 B
943 B

32ms
31ms

Image
image/gif

52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI3CsIv15ZZ2Vq7JenbUpQ8&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clearchannel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-0f4cfb59d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: RX6TuaAQT44=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI3CsIv15ZZ2Vq7JenbUpQ8&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Apr 2022 12:33:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 50B9 13 KB
5 KB 29ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wercfm.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 732
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 12:20:58 GMT
expires: Tue, 11 Apr 2023 12:20:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7A1F 783 B
1 KB 39ms
15ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

56bc43308446e13c68a4974a91d860039a3efd76afb2050dd6a841633a82d197

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YUSybp2XVPFlE62FbnRoCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wercfm.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-YUSybp2XVPFlE62FbnRoCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 12:33:10 GMT
expires: Mon, 11 Apr 2022 12:33:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DDC7 0
0 47ms
46ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXFL3eyoDpmt1Q1WxSCInOGphfgUAQuDJYb2yBtRdZdGgljxJ3hZQ-q8aiyaXqRfTAwqeFtx8LGnj_z_EbD4RUP0Znk0cdYCABLKzafXH6E0dFnxWkNo5rAUG6HBW1weyGR8ZrOAKDLBvpmpg8kLJa9_hY_VsZahVCsj8zRysu0Ch-nILVuqbV_VKEiEX2YLCfxxuXE68uN_Qk1JnBaoC9flHbQkxxia53Fs2CutUHTJvN5ta1pXPb28Je3g003MKD_VqB2ISx5l6KrU19rOs_bdeAMsW1PFNaUY-PQnnn-7c1-NCMs16mVwBNR-yz4ISUNEQ&sai=AMfl-YS0P9eKGl3zOjICAslm_stxUQgG1YBfOQ4M8Pach5M1MpCTmwtojot_Fpn4yNZfmmBxH-ov9JzurDJUXf9qncksAMjcIvmwX6iuQ3Vg&sig=Cg0ArKJSzGM5Lk0BWc3_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: t.co
URL: https://t.co/wV8fgHrswa

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 12:33:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DDC7 119 KB
36 KB 32ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Apr 2022 12:33:10 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/clearchanneldfp218445832525/ Frame DDC7 12 KB
5 KB 14ms
13ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/clearchanneldfp218445832525/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7c9a9380a71d6f03112146ff6f5e8cbf5ed7002a9dae6afba3b1afffcaee59cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 16:04:22 GMT
server: AmazonS3
x-amz-request-id: Y9D8RH148SVAG75H
etag: "ed99bef5c9537e9a75d54890d274540b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=46129
accept-ranges: bytes
content-length: 4496
x-amz-id-2: 1tNXvY7eZh/UKtJ2w+4HrGn0HHCrM1QPzty/meMJ2UQHYn5XH4OqsiG8OOw9M0SzrOlozyoFLkY=

GET pixel.gif
content.clearchannel.com/cc-common/ Frame DDC7 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CF21 0
0 43ms
43ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsve83ziB1dCnqkfC1N9zaAz7d33Em42MGbkm9bUjbR1bk8yqcogNp36xSlWB1jKkoIUyJL3UO3gcdvFxuU46ipVKxfpVix-yvevJ2rTvV7uyTyM74IrVXpYo_6znEq6aAy7TtiZm0QgQEw6SffW31BuuI3aH5ZcbTz8b55M4USSwWAwfiOchqz_PSYyoIL6h_QZTMHoDifzpjZWIH-Ji98UuEYcRdwWcMBbZMj7lVjb1Q68F-ulCISw_X4xktkCbryIRUBxjv7pHkTjbchFTigEzDaMaH55F9zrVV1-jU2N5K-fO5e71TqDipE5wq_45Evo4DM&sai=AMfl-YSPtlfoLBU8_H_ZXdnoHwxFO1QQXD0ANScd83IqGGKSjTE68SiG5tZUupBTomgRA8QdaisqoDEBGrwNbF4mOaSHN7WIWlnac4aCGgTq&sig=Cg0ArKJSzID5Z3iSalIpEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: t.co
URL: https://t.co/wV8fgHrswa

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 12:33:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF21 119 KB
36 KB 44ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Apr 2022 12:33:10 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/clearchanneldfp218445832525/ Frame CF21 12 KB
5 KB 13ms
13ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/clearchanneldfp218445832525/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7c9a9380a71d6f03112146ff6f5e8cbf5ed7002a9dae6afba3b1afffcaee59cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 16:04:22 GMT
server: AmazonS3
x-amz-request-id: Y9D8RH148SVAG75H
etag: "ed99bef5c9537e9a75d54890d274540b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=46129
accept-ranges: bytes
content-length: 4496
x-amz-id-2: 1tNXvY7eZh/UKtJ2w+4HrGn0HHCrM1QPzty/meMJ2UQHYn5XH4OqsiG8OOw9M0SzrOlozyoFLkY=

GET pixel.gif
content.clearchannel.com/cc-common/ Frame CF21 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD98 0
0 43ms
42ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUMQgf-hRQrH2cKbmVsdXM_lRULc-5FR4oyzYVkGYDoRaQ81az690t6aKf-E2oUCJvG5ecXExrkx80N5KlzXJDt4nroeys4uINplPYGtoJB3v5sryJ11NiTd_4kBQjdZI3wiS4gfrgoWr2UTgV8WAVPbJBzMa1F5uKuBLOBnzQUBOwtDJjJtbNTEY1MaFC7QavQwQS_oxIiERXxoEtLhkSv4zI72bVap2KURsqESTDUCaKV1Iza8iTBQ0abp9ogvWwDSyV7h9zbRPVFi0S9paAzqpX55-VxUZ0Y_OBfg0cjyB2vDcgrMXuho9w0wCChyIur5s&sai=AMfl-YR0AmPn0Oy_63lohCQuRTa3RY6axxLTTVOgzvORA_7ezby2OQeiewt_33IFt3UKTr7Sam-papx6phReSgTtwmuQ_5l0fjCyAQhLlkb-&sig=Cg0ArKJSzFv68uASDhsmEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: t.co
URL: https://t.co/wV8fgHrswa

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 12:33:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD98 119 KB
36 KB 43ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Apr 2022 12:33:10 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/clearchanneldfp218445832525/ Frame AD98 12 KB
5 KB 14ms
14ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/clearchanneldfp218445832525/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7c9a9380a71d6f03112146ff6f5e8cbf5ed7002a9dae6afba3b1afffcaee59cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 16:04:22 GMT
server: AmazonS3
x-amz-request-id: Y9D8RH148SVAG75H
etag: "ed99bef5c9537e9a75d54890d274540b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=46129
accept-ranges: bytes
content-length: 4496
x-amz-id-2: 1tNXvY7eZh/UKtJ2w+4HrGn0HHCrM1QPzty/meMJ2UQHYn5XH4OqsiG8OOw9M0SzrOlozyoFLkY=

GET pixel.gif
content.clearchannel.com/cc-common/ Frame AD98 0
0

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 70ms
7ms Preflight 52.28.81.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.81.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-81-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wercfm.iheart.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Mon, 11 Apr 2022 12:33:10 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
236 B 8ms
7ms XHR
application/json 52.28.81.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.81.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-81-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 11 Apr 2022 12:33:10 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8

GET
H2 200 hbpix
idpix.media6degrees.com/orbserv/ Frame FCE8 43 B
279 B 511ms
424ms Image
image/gif 2606:4700::6812:a4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=65398431733821776444154818328617148809
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clearchannel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:11 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 08 Sep 2017 18:54:28 GMT
server: cloudflare
etag: "59b2e764-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
accept-ranges: bytes
cf-ray: 6fa3bfcb2f4883b5-MXP
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7A1F 0
0 79ms
63ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022040501&jk=3400776040898186&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame 50B9 35 KB
13 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:01:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 12:01:53 GMT

GET
DATA 200
OK truncated
/ Frame DDC7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dab19006b7ebb66c8a4e1ee55e8a622505f1c9b9583f0add3cd0110c8151a59c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ Frame DDC7 43 B
260 B 21ms
14ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&d=IHEARTRADIO2%3A22726243%3A23350963%3A-&de=668264719119&t=1649680390839&i=MOAT_FEATHER_DEBUG1&gw=clearchanneldfp218445832525&cm=1&ac=1&f=0&bq=0&ar=9f397fe3151-clean&iw=c3a605a&dMoatOQs=moatClientLevel1%3D550736083%26moatClientLevel2%3D275090203%26moatClientLevel3%3D4665822224%26moatClientLevel4%3D138232540380%26moatClientSlicer1%3D22726243%26moatClientSlicer2%3D23350963%26zMoatST%3D%26zMoatCP%3D3330%26zMoatPS%3D3330%26zMoatMGV%3DslotNoHistData%26zMoatMMV%3DslotNoHistData%26zMoatMData%3D1%26zMoatMSafety%3Dsafe&fq=1&sy=1&gh=0&wb=0&g=0&na=855089526&cs=0
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 11 Apr 2022 12:33:10 GMT

GET
DATA 200
OK truncated
/ Frame CF21 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac7bc64d5169660d812257499528a1768d8f9896d985f536a3c890490131dd55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ Frame CF21 43 B
260 B 14ms
13ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&d=IHEARTRADIO2%3A22726243%3A23350963%3A-&de=892399281738&t=1649680390876&i=MOAT_FEATHER_DEBUG1&gw=clearchanneldfp218445832525&cm=1&ac=1&f=0&bq=0&ar=9f397fe3151-clean&iw=c3a605a&dMoatOQs=moatClientLevel1%3D550736083%26moatClientLevel2%3D275090203%26moatClientLevel3%3D4665822224%26moatClientLevel4%3D138232540050%26moatClientSlicer1%3D22726243%26moatClientSlicer2%3D23350963%26zMoatST%3D%26zMoatCP%3D3307%26zMoatPS%3D3307%26zMoatMGV%3DslotNoHistData%26zMoatMMV%3DslotNoHistData%26zMoatMData%3D1%26zMoatMSafety%3Dsafe&fq=1&sy=1&gh=0&wb=0&g=0&na=257021628&cs=0
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 11 Apr 2022 12:33:10 GMT

GET
DATA 200
OK truncated
/ Frame AD98 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74cfbc34106cb0af63847065acf4df0cb3afc9e11dc1a061fc50c42a251afa5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ Frame AD98 43 B
260 B 19ms
17ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&d=IHEARTRADIO2%3A22726243%3A23350963%3A-&de=924890647355&t=1649680390888&i=MOAT_FEATHER_DEBUG1&gw=clearchanneldfp218445832525&cm=1&ac=1&f=0&bq=0&ar=9f397fe3151-clean&iw=c3a605a&dMoatOQs=moatClientLevel1%3D550736083%26moatClientLevel2%3D275090203%26moatClientLevel3%3D4665822224%26moatClientLevel4%3D138232611920%26moatClientSlicer1%3D22726243%26moatClientSlicer2%3D23350963%26zMoatST%3D%26zMoatCP%3D3306%26zMoatPS%3D3306%26zMoatMGV%3DslotNoHistData%26zMoatMMV%3DslotNoHistData%26zMoatMData%3D1%26zMoatMSafety%3Dsafe&fq=1&sy=1&gh=0&wb=0&g=0&na=1800673337&cs=0
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 11 Apr 2022 12:33:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
18ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=IHEARTRADIO2&hp=1&wf=1&ra=6&pxm=4&sgs=3&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=https%3A%2F%2Ft.co&t=1649680387815&de=906275691693&rx=263528095822&m=0&ar=9f397fe3151-clean&iw=f4dc469&q=4&cb=0&cu=1649680387815&ll=2&lm=0&ln=0&em=0&en=0&d=550736083%3A275090203%3A4665822224%3A138232611920&cm=2&zMoatPS=3306&zMoatCP=3306&zMoatMSafety=safe&zMoatMData=1&zMoatMGV=slotNoHistData&zMoatMMV=slotNoHistData&zMoatMMV_MAX=slotNoHistData&zMoatCURL=wercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial&id=1&ii=4&bo=3306&bd=23350963&zMoatOrigSlicer1=3306&zMoatOrigSlicer2=23350963&zMoatDomain=iheart.com&zMoatSubdomain=wercfm.iheart.com&gw=iheartprebidheader211581645343&fd=1&ac=1&it=500&pe=1%3A2980%3A2980%3A4996%3A3161&tz=3306&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=safe&jm=-1&fs=197724&na=1155575845&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 11 Apr 2022 12:33:10 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=a92bca1c-5ab4-426f-be6a-6f9eca328963
dpm.demdex.net/ Frame FCE8
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=a92bca1c-5ab4-426f-be6a-6f9eca328963

42 B
943 B

33ms
33ms

Image
image/gif

52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=a92bca1c-5ab4-426f-be6a-6f9eca328963

Protocol

HTTP/1.1

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clearchannel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-0f4cfb59d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 6/zLFyvfSWg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:11 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=a92bca1c-5ab4-426f-be6a-6f9eca328963
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 50B9 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?U2pKPw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 14ms
14ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
last-modified: Sun, 10 Apr 2022 10:23:26 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1649587012.585621"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Wed, 11 May 2022 12:33:10 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 15ms
14ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:10 GMT
last-modified: Sun, 10 Apr 2022 10:23:26 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1649586986.745808"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 11 May 2022 12:33:10 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 377ms
97ms Fetch
text/plain 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=d70e669fec06c1969da524695e7dd44b_39195_1649680390921&tm=1108&eT=0&widgetWidth=900&widgetHeight=582&widgetX=160&widgetY=613&wRV=2000670&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=462&oo=true&ab=0&wl=0
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 11 Apr 2022 12:33:11 GMT
content-encoding: gzip
X-TraceId: 770fce229de9ffad849486d1e096cd4e
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 clip.js Show response
widgets.outbrain.com/nanoWidget/2000670/module/ 1 KB
938 B 14ms
13ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000670/module/clip.js?e=1
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e4ee21c330b29a3b7bb0434d1ff890ecc075b3867fa47c9a8334855782068ed2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:11 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 08:41:43 GMT
server: AkamaiNetStorage
etag: "76c7cf84b7257fc3ff9a080403ca289a:1649678122.528866"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 611
expires: Mon, 11 Apr 2022 16:33:11 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 31 KB
11 KB 371ms
371ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F&idx=1&rand=95824&key=NANOWDGT01&widgetJSId=SB_1&va=true&et=true&format=html&pdobuid=-1&t=ZDcwZTY2OWZlYzA2YzE5NjlkYTUyNDY5NWU3ZGQ0NGI=&adblck=false&abwl=false&px=1140&py=1245&vpd=45&cw=300&activeTab=true&darkMode=false&settings=true&recs=true&version=2000670&sig=61RGI0ii&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=1&ref=https%3A%2F%2Ft.co%2FwV8fgHrswa&ogn=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5452efa614631b6276a407cef1f06ae28f2373f1b6cc29598c4b711e7c3a0cfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:11 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1649680391.000756,VS0,VE365
accept-ranges: bytes
x-served-by: cache-lga21929-LGA, cache-hhn4051-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 5e6e48efe704607ed2d2c0acd905595b
content-encoding: gzip
content-length: 11471
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 18 KB
18 KB 59ms
14ms Image
video/mp4 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:11 GMT
cache-control: max-age=1911145
last-modified: Tue, 23 Feb 2021 19:37:43 GMT
x-traceid: 623880256223390ca3428e89887540ee
timing-allow-origin: *
content-length: 99264
content-type: video/mp4

GET
H2 206 eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 97 KB
97 KB 82ms
40ms Media
video/mp4 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b02d07888f6088ff402f7986a0d9a05673ccbb43fca158331999ff8017105b48

Request headers

Referer: https://wercfm.iheart.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 11 Apr 2022 12:33:11 GMT
last-modified: Tue, 23 Feb 2021 19:37:43 GMT
content-type: video/mp4
Content-Range: bytes 0-99263/99264
cache-control: max-age=1911145
x-traceid: 623880256223390ca3428e89887540ee
timing-allow-origin: *
Content-Length: 99264

GET
H2 200 eyJpdSI6ImVjMjg2MDllYThjMWI5NTM0N2JhODY3NTczNWRiZGMyZTA3ZTJmZjU4NzcxMmVkNjFmMTQ0YzdjZDVjZDE5MjQiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 36 KB
36 KB 80ms
41ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVjMjg2MDllYThjMWI5NTM0N2JhODY3NTczNWRiZGMyZTA3ZTJmZjU4NzcxMmVkNjFmMTQ0YzdjZDVjZDE5MjQiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 17aa90f07361ab90e74ef45f0895944c8a9bf3fdca9977a797253f78c2254a93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:11 GMT
cache-control: max-age=1514380
last-modified: Mon, 07 Feb 2022 14:54:26 GMT
x-traceid: 93de6c2545be4ee62f7322a22e06a1c2
timing-allow-origin: *
content-length: 36862
content-type: image/webp

GET
H2 200 eyJpdSI6ImIyYzYwY2Y3Y2ZjOThlZmJjZGI3YzZhYjc4NjE0MDI5YTM4Yjg1NGZjYmMzMTVmYWJhY2Y4NjAxNDE4MjhmNGQiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjaCI6MTA1NjY1NjE5LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 79 KB
80 KB 80ms
42ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImIyYzYwY2Y3Y2ZjOThlZmJjZGI3YzZhYjc4NjE0MDI5YTM4Yjg1NGZjYmMzMTVmYWJhY2Y4NjAxNDE4MjhmNGQiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjaCI6MTA1NjY1NjE5LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: deb210424702ae47c2dd90bb4e7156b46c0cd478adf97da9e98ee4b8f497404e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:11 GMT
cache-control: max-age=2113258
last-modified: Thu, 07 Apr 2022 11:16:14 GMT
x-traceid: f1323a33f4b508607e8a395630572fce
timing-allow-origin: *
content-length: 81346
content-type: image/webp

GET
H2 200 eyJpdSI6IjE5NzlmMDViMTZmZGYxM2Q5ZDVhYzUwMjZkM2JkMTk1MDViZmU5N2M3MDE0MGZmMmY2MDQzNGVlMjg4OTQ1M2EiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 44 KB
44 KB 80ms
42ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE5NzlmMDViMTZmZGYxM2Q5ZDVhYzUwMjZkM2JkMTk1MDViZmU5N2M3MDE0MGZmMmY2MDQzNGVlMjg4OTQ1M2EiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c82e661c21d519d52518a1426e1b4e3cc08655f3838c2cac78ed0fcf27a06057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:11 GMT
cache-control: max-age=741805
last-modified: Tue, 22 Mar 2022 14:09:40 GMT
x-traceid: 0929a6ee4cd04884a81b7a6f213fb35a
timing-allow-origin: *
content-length: 45044
content-type: image/webp

GET
H2 200 eyJpdSI6IjBkYjU4NzE4YzExMmI2NWY3NmVlYTkzNjRmMTc3NjYzYWE4MTYyMTk0ZGRiOTRiZjU5YmJmNWE5NTA0MTNkMjEiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 50 KB
50 KB 81ms
43ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBkYjU4NzE4YzExMmI2NWY3NmVlYTkzNjRmMTc3NjYzYWE4MTYyMTk0ZGRiOTRiZjU5YmJmNWE5NTA0MTNkMjEiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3fe9926679bd63be0f6ca31125e935f6127d36d742b76c67718dc59efb450509

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:11 GMT
cache-control: max-age=2103847
last-modified: Fri, 11 Mar 2022 21:51:44 GMT
x-traceid: c069782773d97f246942feaa7335929b
timing-allow-origin: *
content-length: 50732
content-type: image/webp

GET
H2 200 eyJpdSI6ImM1OWIyOWE1YWFlY2FjM2YxNzI1YjZiMmExOTdhYmNiMmQ5NzU1YzUzMmFiNGQyZDkxY2ZkY2YyYzhjZWExOTYiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 65 KB
65 KB 42ms
41ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImM1OWIyOWE1YWFlY2FjM2YxNzI1YjZiMmExOTdhYmNiMmQ5NzU1YzUzMmFiNGQyZDkxY2ZkY2YyYzhjZWExOTYiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 048ef5d570913a9ea242ba3d79d727c514b7ed704f55731f87e0feb1ecfe4933

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:11 GMT
cache-control: max-age=2227363
last-modified: Fri, 08 Apr 2022 18:31:04 GMT
x-traceid: b672e6fdc9cc4f8ad987e12345ca7284
timing-allow-origin: *
content-length: 66348
content-type: image/webp

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 113ms
112ms Fetch
application/json 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=d70e669fec06c1969da524695e7dd44b&pvId=d70e669fec06c1969da524695e7dd44b&sid=5528575&pid=39195&idx=0&wId=100&pad=3&org=3&tm=1128&eT=3&cnsnt=no_consent&wRV=2000670&pVis=1&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 12:33:11 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: b2673523274a16a4aca73b9292949bf8
Content-Length: 4
Expires: 0

GET image.sbix
global.ib-ibi.com/ Frame FCE8 0
0

GET
H/1.1

200
OK

ibs:dpid=22052&dpuuid=3626432548518756380
dpm.demdex.net/ Frame FCE8
Redirect Chain

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3626432548518756380

42 B
943 B

32ms
32ms

Image
image/gif

52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3626432548518756380

Protocol

HTTP/1.1

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clearchannel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v030-02607abbc.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: a6eUST8NQm0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:10 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
location: https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3626432548518756380
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 185
expires: 0,Tue, 12 Apr 2022 08:33:11 GMT

GET
H/1.1

200
OK

ibs:dpid=73426&dpuuid=65398431733821776444154818328617148809
dpm.demdex.net/ Frame FCE8
Redirect Chain

https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=65398431733821776444154818328617148809&rn=1649680389475&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D653984317338217...
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=65398431733821776444154818328617148809

42 B
943 B

33ms
33ms

Image
image/gif

52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=73426&dpuuid=65398431733821776444154818328617148809

Protocol

HTTP/1.1

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clearchannel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-0b737a958.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: fDqJQHumQss=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=73426&dpuuid=65398431733821776444154818328617148809
date: Mon, 11 Apr 2022 12:33:11 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-length: 0
x-amz-cf-id: H4hi-zsP-KZ-rlwuivGTc9KTo9SpFU4RCgCZeBxUlji8xVRvkbAZVA==
x-cache: Miss from cloudfront

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame FCE8
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=65398431733821776444154818328617148809
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=65398431733821776444154818328617148809

0
337 B

119ms
32ms

Image
text/plain

52.215.247.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=65398431733821776444154818328617148809
Protocol: H2
Server: 52.215.247.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-247-247.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clearchannel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:11 GMT
cache-control: private, no-cache, no-store
x-request-time: D=39 t=1649680391
x-served-by: beacon-n013-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=65398431733821776444154818328617148809
date: Mon, 11 Apr 2022 12:33:11 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a014-ash-prod.krxd.net

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DDC7 0
0 68ms
53ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvf_l_QbNSyiPdv_3YnwakShMuxQS69ZMmokPTcpIXZSsoBA6agu79mUz2Cjg30tWahIyL9M9wIHCT2IQlctXKbgQraYXCCC0Td9JPhVZFxYFQS7Jf4FKEoqoxWK5UE9DlD3S2CK7PPWSN18u_nCl0jsnrnijCvPKXwfPYxqGHQkEa4n5hIGvLNm7pnwOSkUOBT3lFpbuWSjQE9ZEQCQBJMumoLRD5mCOi6oRwyOdyLWap8U821aazj7HSyhd8llerj6xzL2GdPhwK1XvNsP-dWHAR2qRrYNjfhEKDoKvvnByWQy17aF0T-YRQnQDoPrK6t7smhbQ&sai=AMfl-YRslCzg-Zk1OhHraJ9TgrB7fWkmkMw8doeWd8SHKTc2ihmKC9ZbzwH-eoElGkIRIVHQeZ2oDPwR46FUIac8uO0wdWOhZDz7vGhw4pg2&sig=Cg0ArKJSzN4i8G51zrq0EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 12:33:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 11 Apr 2022 12:33:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CF21 0
0 64ms
52ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmSYGGvlXlSZK5iEW3uMGvK2pHa9_duZVs2i_wbBpnplO6rBThXbepbr4jEW--Q51MTmB1AzsV6FqPxp7Gr0mR76_dCp6IXgrX58VIXo1cTbvE6tWZ3u45ak8eVOV4-SIDWu_DVcxp3pWTKzlmIiLIFBWF2iH8IoY4nHOKnqRGxvm3OzQhnqyyR7_1cDmgmk4NywET4Mjo022rKJ3aOQ3E9Rrttoafv-tmriPEXOhElovddFZmx-G1mOsL7azByPJSU_danIFG-n2o45HycNFYqDJuYcRHu-_JZXjgptKKfGbPkfksFtHmp3cqeCDuPKXYdXcwbQ&sai=AMfl-YRyVUhLYIgpCjzi0qTbW1UWZibhoJqPyaYfdUKUJXP80NuqePcLWn7uTcUOPsnsu7cl5ajMPtl25fkh-aV2l3BuzHLoWIx7ZqLrgS5z&sig=Cg0ArKJSzNzN0Y6BT12rEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 12:33:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 11 Apr 2022 12:33:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD98 0
0 62ms
53ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_yJC610YK1WVzyNN3mvGMedYBJFUlFthB6fNf5vWUTvBBwSglOZg2DLUMMUgWxcuQshh4t3RgOYAACI6d102Vs3QUaekjLm263sL4OiVcHacjs0xY6WTrv-wWIvd8whgN4DScoAsTNVw_TchcDFOFy4FFOuSgxhh0yTkVYXuLPjZTVcn2lUBRTtmg74mx3my44E90VT-I773zNMe-d7qvzaIkWouyr7c0htSblYakPiIAaJHi4iJZGV0khO0ktl88c7GKfqoP-y76RtuHxNB801BzK1B9g5AiOkz_VE3DL0fXkkBkaMGMpuj4UUSglyryFlkKSA&sai=AMfl-YRnTbMBBARwPQkggqc0ji-V0Sb8GBhdE-w1cQ1ICrwoyzMb4xfPJm7vy1nGB6YA7C0ElWobdtO5IgXwhizZayz4XtpuuDw4mIrlB11P&sig=Cg0ArKJSzHOpDHhSIy-sEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 12:33:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 11 Apr 2022 12:33:11 GMT

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 14ms
13ms Image
image/png 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:11 GMT
last-modified: Sun, 10 Apr 2022 10:23:26 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1649587007.155039"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Wed, 11 May 2022 12:33:11 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 14ms
14ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:11 GMT
last-modified: Sun, 10 Apr 2022 10:23:26 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1649586986.745808"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 11 May 2022 12:33:11 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 95ms
95ms Fetch
text/plain 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=b1c1e272a24fe32922f9478d3a141de2_39195_1649680391314&tm=1498&eT=0&widgetWidth=300&widgetHeight=400&widgetX=1140&widgetY=1245&wRV=2000670&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=375&oo=true&ab=0&wl=0
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 11 Apr 2022 12:33:11 GMT
content-encoding: gzip
X-TraceId: 68d47abea7fed30b119b12501a42b0f8
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 16 KB
16 KB 15ms
15ms Image
video/mp4 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:11 GMT
cache-control: max-age=1911145
last-modified: Tue, 23 Feb 2021 19:37:43 GMT
x-traceid: 623880256223390ca3428e89887540ee
timing-allow-origin: *
content-length: 99264
content-type: video/mp4

GET
H2 206 eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 24 KB
0 23ms
23ms Media
video/mp4 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://wercfm.iheart.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 11 Apr 2022 12:33:11 GMT
last-modified: Tue, 23 Feb 2021 19:37:43 GMT
content-type: video/mp4
Content-Range: bytes 0-99263/99264
cache-control: max-age=1911145
x-traceid: 623880256223390ca3428e89887540ee
timing-allow-origin: *
Content-Length: 99264

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=
dpm.demdex.net/ Frame FCE8
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=65398431733821776444154818328617148809?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=65398431733821776444154818328617148809?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

42 B
961 B

30ms
30ms

Image
image/gif

52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Protocol

HTTP/1.1

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clearchannel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-04a5d1ba1.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,300
X-TID: mymX9//EQQc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:11 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
expires: 0
cache-control: no-cache
x-server: 10.45.4.63
content-length: 0
x-consent: absent

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022040501&jk=3400776040898186&bg=!6-il6KzNAAZAkm7qYJI7ACkAdvg8Wk9tV-DnL4kdJ6hLNr96edp-Z5I6GaAvUQWGxqNsBbdvZN_IZwIAAABqUgAAAAJoAQeZAqIheonQ-KnzoueRCPAFGIoq0UAdlwNhg228Pa70frY5K7XlaFHFX5HAQfe0iceTiyvviUm8Sk6xeAlLejk_aWwzJdrSZQ9y-Hh4cVdcvw7QpwCzeD1PIJUVr-l_CMB2fZnVE5zZO0mzqfsZrAIho5IdRxT-h8JSs5UV96SW7UvhXaykIiSQU5RLjKB5mmBqlUjjtdea7QWL6MAQbCPZWrGuDKPLm1H07Y-RHfsmZ1CQHbQZ1YcTk5p3xcnTpLlVGFNnNxO78L6xBdJvD-SelH1bXzZBdz6CgHHpLJHQgXpPRBfBQayaGpqgUGf1HQdEaB80zfS6k9gDO93e-3zlK_UJ6bv8zxGzav-Pt5ua36EWa-LQTG3ooe3W6QVG3ve9_MVGFwapsWq76S7uWraNxCriwhMarE8VrQttjq6t2A8aP1g9BWsLlYTdq_PGaV59qnSRLHodg3TCfHqoUkBL62m6440-NMVI5ZMcW-8bA7J8_zMpR4TO5XEdgqwIOT7C7QjG8Z7_aJhVvz0VaHj5g_X5Tfs0ouje1NM_F3YZ6_9YqznU4Y4mUS10Fkqwmmg4s-NxbIN8XZkMCBk3_7um1vzfWFJeDQCqYQlRwqS9zfAdq_JnX0T23maMeM6HaLA5T94UKlQqL831CO4a8XcQbtuV4HPt-oBuzDUo89NVnKPqMYwhEw0VPLy1N1z3vFgKjbSQFiJWJAxfEHa1k_wLiqIXJWph201xordAjI9cEHouRwTHHpI0tvc_igILJG3EbJykruLC3yGC10hqS_67GBxwyJ6RpkFDR7hZDjJwzyPRNftpjeL4kNSgRxbre1VazNvfMGa0E703aU8uXQ7HtbyFi0gTU4BGiVj1pXPCfiEC-1kIMMhiZ0bUIlEJKmlU5Qu91A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK NRJS-ce1ec6f3186daf1624e Show response
bam.nr-data.net/events/1/ 24 B
184 B 100ms
100ms XHR
image/gif 162.247.242.31
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-ce1ec6f3186daf1624e?a=1061568261&v=1215.1253ab8&to=ZFxVYxNRWkZYUxZcCV0Wck8RQlFGSloRGiF2bRgY&rst=6331&ck=0&ref=https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.31 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: service.newrelic.co.uk
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://wercfm.iheart.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

GET
H/1.1

200
OK

ibs:dpid=134096
dpm.demdex.net/ Frame FCE8
Redirect Chain

https://tags.bluekai.com/site/43981?id=65398431733821776444154818328617148809&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
https://dpm.demdex.net/ibs:dpid=134096

42 B
957 B

30ms
30ms

Image
image/gif

52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096

Protocol

HTTP/1.1

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clearchannel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v030-0d99b628d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 300
X-TID: 4/1Y8C3ST9o=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=134096
Date: Mon, 11 Apr 2022 12:33:11 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ibs:dpid=175765&dpuuid=123f7bbadeb0a76d8e65328be6d341fb
dpm.demdex.net/ Frame FCE8
Redirect Chain

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=123f7bbadeb0a76d8e65328be6d341fb

42 B
943 B

35ms
34ms

Image
image/gif

52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=175765&dpuuid=123f7bbadeb0a76d8e65328be6d341fb

Protocol

HTTP/1.1

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clearchannel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v030-07884c322.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: uay1QzpuSHw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Mon, 11 Apr 2022 12:33:11 GMT
X-Clacks-Overhead: GNU Terry Pratchett
Server: Apache-Coyote/1.1
X-Adswizz-request-id: 8cde1b20-b993-11ec-afc9-02addc5813e1
Instance-id: i-0c6a80690782cc4d1
Location: https://dpm.demdex.net/ibs:dpid=175765&dpuuid=123f7bbadeb0a76d8e65328be6d341fb
Connection: keep-alive
Content-Length: 0
X-Application-Context: application:production

GET
H/1.1

200
OK

ibs:dpid=963840&dpuuid=b6ee243c-a5e9-4cab-a4f6-fddccdb1d5a2
dpm.demdex.net/ Frame FCE8
Redirect Chain

https://playerservices.live.streamtheworld.com/api/getuuid?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D963840%26dpuuid%3D%40UUID%40
https://dpm.demdex.net/ibs:dpid=963840&dpuuid=b6ee243c-a5e9-4cab-a4f6-fddccdb1d5a2

42 B
943 B

32ms
32ms

Image
image/gif

52.30.141.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=963840&dpuuid=b6ee243c-a5e9-4cab-a4f6-fddccdb1d5a2

Protocol

HTTP/1.1

Server

52.30.141.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-141-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clearchannel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-0b737a958.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 6CcSQMNkRyU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Mon, 11 Apr 2022 12:33:12 GMT
x-stw-site: LAX
x-stw-server: lax-strc-docker01_8082
p3p: policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-language: de-DE
location: https://dpm.demdex.net/ibs:dpid=963840&dpuuid=b6ee243c-a5e9-4cab-a4f6-fddccdb1d5a2
connection: close
access-control-allow-origin: *

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DDC7 42 B
64 B 58ms
42ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv03rwSq3_2v-AzyEb8UYnASaT7AqmKSsh8HlsqVbho0W3wvi8dDAMgzSyjQffy3iEQav74ytajOvJ6p-tAEzFOaKwN7_ABT2vwnYruzOtvTFom5wJk&sig=Cg0ArKJSzP-9cik08xg7EAE&id=lidar2&mcvt=1000&p=16,436,106,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220406&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=141947283&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649680390771&rpt=569&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CF21 42 B
64 B 55ms
41ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjA0iy_4KfsjnOyhyR9BxbHvQPf7bl1IYgI9ZLC9Y8a1R6hsS1TZpIFL3_kT0FmUyKWvjnJAm_6kv-LgPjgTPs4zhxyGqdNOSDICGebGwyQ1-IlnaB&sig=Cg0ArKJSzIck6JTCC18zEAE&id=lidar2&mcvt=1002&p=529,1140,1129,1440&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220406&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2516072383&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649680390777&rpt=570&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wercfm.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK log-viewability
log.outbrainimg.com/api/loggerBatch/ 4 B
325 B 450ms
120ms Ping
application/json 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 12:33:13 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 239938b750234f4129de127b300d8867
Content-Length: 4
Expires: 0

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
329 B 46ms
23ms XHR
text/plain 34.120.133.55

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=2102

Requested by

Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 -, , ASN (),

Reverse DNS

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wercfm.iheart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Apr 2022 12:33:15 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://wercfm.iheart.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 97A6 3 KB
2 KB 61ms
14ms Document
text/html 23.35.236.247

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer: https://wercfm.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1388
Content-Type: text/html; charset=UTF-8
Date: Mon, 11 Apr 2022 12:33:15 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 1F08 52 KB
17 KB 29ms
6ms Document
text/html 151.101.1.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://wercfm.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 25903
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 11 Apr 2022 12:33:15 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 07 Apr 2022 05:21:24 GMT
Fastly-Original-Body-Size: 17053
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 3, 525001
X-Served-By: cache-lga21973-LGA, cache-hhn4021-HHN
X-Timer: S1649680396.650085,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 62B6 281 B
554 B 40ms
18ms Document
text/html 23.37.42.132

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://wercfm.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 11 Apr 2022 12:33:15 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame E592 0
0 106ms
100ms Document
text/plain 67.202.105.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dDgjHgquWr7lP1rkHcnnVW&gdpr_consent=undefined&us_privacy=1---
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-105.static.steadfastdns.net
Software: 33XP002 /
Resource Hash

Request headers

Referer: https://wercfm.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Mon, 11 Apr 2022 12:33:14 GMT
server: 33XP002
x-33x-status: 2000208

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8DCA 15 KB
6 KB 61ms
17ms Document
text/html 2.20.157.2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159896&us_privacy=1---
Requested by: Host: wercfm.iheart.com
URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.2 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://wercfm.iheart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=147992
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 11 Apr 2022 12:33:15 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 13 Apr 2022 05:39:47 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 62B6 32 KB
10 KB 15ms
14ms Script
text/html 23.37.42.132

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7b3639b990d3b645028fd9832c1680ddffcb1c71c644e3d8d287e66b55dd3f17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 12:33:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=75066
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9542
Expires: Tue, 12 Apr 2022 09:24:21 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1F08 0
741 B 70ms
70ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 12:33:15 GMT
X-Proxy-Origin: 217.64.151.8; 217.64.151.8; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5e96b712-efbb-41b7-95ba-7e05112cd0fd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame DBAF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwercfm.iheart.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwercfm.iheart.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

25ms
25ms

Document
text/html

23.35.236.247

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwercfm.iheart.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: a63691645f04e18f1573dcb17e8389527e9af28d9d1329413f6d004818f58b1d

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1645
Content-Type: text/html
Date: Mon, 11 Apr 2022 12:33:15 GMT
Dropped-Udsids: 230|45|39|241|152|64|31|73
Expires: Mon, 11 Apr 2022 12:33:15 GMT
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache
Vary: Is-Traffic-Usersync

Redirect headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 368
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 11 Apr 2022 12:33:15 GMT
Expires: Mon, 11 Apr 2022 12:33:15 GMT
Location: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwercfm.iheart.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8DCA 2 KB
2 KB 41ms
13ms Script
text/html 198.47.127.19

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54762740&p=159896&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159896&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f464079f36b6e88fd3e58d4e46cfde869a69585534904cc189e0db2aa7e1afb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:15 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1812
content-type: text/html; charset=UTF-8

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 37CA
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=102EDF8A-2E42-43E1-A67A-8F2496AA1DED
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=102EDF8A-2E42-43E1-A67A-8F2496AA1DED

35 B
468 B

19ms
19ms

Document
image/gif

37.157.6.245

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=102EDF8A-2E42-43E1-A67A-8F2496AA1DED

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159896&us_privacy=1---

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Mon, 11 Apr 2022 12:33:15 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Mon, 11 Apr 2022 12:33:15 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=102EDF8A-2E42-43E1-A67A-8F2496AA1DED
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 54B0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a0b46254-200c-4600-adf0-ecee1119d699&gdpr=0&gdpr_consent=

42 B
647 B

238ms
155ms

Document
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a0b46254-200c-4600-adf0-ecee1119d699&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159896&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 11 Apr 2022 10:37:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: sfopug020:0:403

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Mon, 11 Apr 2022 12:33:16 GMT
Expires: Mon, 11 Apr 2022 12:33:15 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4320 2f2dfe5 master ord-pixel-x53 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a0b46254-200c-4600-adf0-ecee1119d699&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3058
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1966836341440672838

42 B
210 B

21ms
21ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1966836341440672838
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159896&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 11 Apr 2022 12:33:15 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: lhrpug012:0:408

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1966836341440672838
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8DCA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EC7fii5CQ-Gmeo8klqod7Q%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

16ms
16ms

Image
text/html

2.20.157.2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol: H2
Server: 2.20.157.2 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:15 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=147992
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Wed, 13 Apr 2022 05:39:47 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 8DCA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=578b6254-200c-4500-bffc-71a1601f80a5

0
260 B

48ms
14ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=578b6254-200c-4500-bffc-71a1601f80a5
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:15 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 11 Apr 2022 12:33:16 GMT
Server: MT3 4320 2f2dfe5 master ord-pixel-x5 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=578b6254-200c-4500-bffc-71a1601f80a5
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 11 Apr 2022 12:33:15 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 8DCA
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=102EDF8A-2E42-43E1-A67A-8F2496AA1DED
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=a92bca1c-5ab4-426f-be6a-6f9eca328963&icm
https://spl.zeotap.com/?zdid=1332&zcluid=429b6777040310d5
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=44a00809-85c6-4e71-5c39-610216b1406d&reqId=b35ef190-8ba7-41d7-7359-b3918247bbfa&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEESkwPNwYBcLozqCDJYJFqU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=44a00809-85c6-4e71-5c39-610216b1406d&reqId=b35ef190-8ba7-41d7-7359-b39...

95 B
165 B

72ms
54ms

Image
image/png

2606:4700:10::6816:1957

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEESkwPNwYBcLozqCDJYJFqU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=44a00809-85c6-4e71-5c39-610216b1406d&reqId=b35ef190-8ba7-41d7-7359-b3918247bbfa&zcluid=429b6777040310d5&zdid=1332
Protocol: H2
Server: 2606:4700:10::6816:1957 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6fa3bfeb8993375d-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEESkwPNwYBcLozqCDJYJFqU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=44a00809-85c6-4e71-5c39-610216b1406d&reqId=b35ef190-8ba7-41d7-7359-b3918247bbfa&zcluid=429b6777040310d5&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8DCA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTAyRURGOEEtMkU0Mi00M0UxLUE2N0EtOEYyNDk2QUExREVE&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
342 B

59ms
19ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:15 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:395
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8DCA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKEdjwWej0H3ZlAgdMgPFwU&google_cver=1

42 B
362 B

58ms
20ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKEdjwWej0H3ZlAgdMgPFwU&google_cver=1
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:15 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug025:0:521
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKEdjwWej0H3ZlAgdMgPFwU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 8DCA 43 B
610 B 72ms
21ms Image
image/gif 159.122.14.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 10 Apr 2022 12:33:15 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8DCA
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1098310237605171914

42 B
393 B

472ms
156ms

Image
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1098310237605171914
Protocol: H2
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:59:11 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug024:0:568
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:15 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1098310237605171914
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame DBAF 170 B
188 B 19ms
16ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YlQgC7-U7ZH7jJD6BYLf3gAABMQAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwercfm.iheart.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame DBAF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YlQgC7.U7ZH7jJD6BYLf3gAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEd7WP5AgaE--f0AFKeiQY0&google_cver=1&gdpr=1&google_hm=2

43 B
1 KB

40ms
40ms

Image
image/gif

2.20.157.55

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEd7WP5AgaE--f0AFKeiQY0&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwercfm.iheart.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 12:33:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 11 Apr 2022 12:33:16 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEd7WP5AgaE--f0AFKeiQY0&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame DBAF 70 B
264 B 35ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwercfm.iheart.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame DBAF
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlQgC7-U7ZH7jJD6BYLf3gAABMQAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlQgC7-U7ZH7jJD6BYLf3gAABMQAAAIB&dcc=t

43 B
645 B

99ms
99ms

Image
image/gif

52.46.154.242

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlQgC7-U7ZH7jJD6BYLf3gAABMQAAAIB&dcc=t

Requested by

Protocol

HTTP/1.1

Server

52.46.154.242 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 12:33:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JSZKC449PXMYP9AM0J79
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 12:33:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2946PC69F9CR8YCV5785
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlQgC7-U7ZH7jJD6BYLf3gAABMQAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame DBAF
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c1c4d0d3-2f46-4846-9189-49ac19822dff

43 B
1 KB

42ms
41ms

Image
image/gif

2.20.157.55

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c1c4d0d3-2f46-4846-9189-49ac19822dff
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwercfm.iheart.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.20.157.55 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 12:33:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 11 Apr 2022 12:33:16 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 12:33:16 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c1c4d0d3-2f46-4846-9189-49ac19822dff
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame DBAF 0
191 B 87ms
34ms Image
text/plain 66.155.71.150

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwercfm.iheart.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 -, , ASN (),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:15 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame DBAF
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7029667951980965821&uid=Q7029667951980965821&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

19ms
19ms

Image
image/gif

23.75.246.168

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwercfm.iheart.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.75.246.168 -, , ASN (),
Reverse DNS
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 12:33:15 GMT
Server: Apache/2.4.6 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/7.3.33
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Mon, 11 Apr 2022 12:33:15 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 YlQgC7-U7ZH7jJD6BYLf3gAABMQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DBAF 43 B
993 B 99ms
33ms Image
image/gif 2a05:d018:d29:3601:a361:57c8:93b7:1576

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YlQgC7-U7ZH7jJD6BYLf3gAABMQAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:a361:57c8:93b7:1576 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame DBAF 43 B
425 B 15ms
13ms Image
image/gif 23.35.236.247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YlQgC7.U7ZH7jJD6BYLf3gAA%261220
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwercfm.iheart.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 12:33:15 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2267
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 11 Apr 2022 13:11:02 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 62B6 0
0 18ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 62B6 70 B
264 B 34ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 62B6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMcUaLhiuIEvitEdPTCsifA&google_cver=1

0
239 B

43ms
14ms

Image
image/gif

69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMcUaLhiuIEvitEdPTCsifA&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMcUaLhiuIEvitEdPTCsifA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 62B6
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=A31ay6g4Qr-etwrJ60p9yw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=A31ay6g4Qr-etwrJ60p9yw

43 B
797 B

123ms
123ms

Image
image/gif

54.239.37.45

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=A31ay6g4Qr-etwrJ60p9yw

Protocol

HTTP/1.1

Server

54.239.37.45 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 12:33:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1SNXN089F3CWG1BPK2ST
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=A31ay6g4Qr-etwrJ60p9yw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 62B6
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1UP3Z91-1I-HDQQ&sigv=1&esig=2~4191c51e5be2a85e2ac716c7a78387bcd893bf87&us_privacy=1---

0
194 B

41ms
12ms

Image
text/plain

2a00:1288:80:807::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1UP3Z91-1I-HDQQ&sigv=1&esig=2~4191c51e5be2a85e2ac716c7a78387bcd893bf87&us_privacy=1---

Protocol

Server

2a00:1288:80:807::1 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:15 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1UP3Z91-1I-HDQQ&sigv=1&esig=2~4191c51e5be2a85e2ac716c7a78387bcd893bf87&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 62B6
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uYA9MWQ7RtmCEVU9IhPkfg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uYA9MWQ7RtmCEVU9IhPkfg

43 B
556 B

109ms
109ms

Image
image/gif

52.46.154.242

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uYA9MWQ7RtmCEVU9IhPkfg

Protocol

HTTP/1.1

Server

52.46.154.242 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 12:33:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2H7ZB850S2MZCZWDVGJX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uYA9MWQ7RtmCEVU9IhPkfg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62B6
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFVUDNaOTEtMUktSERRUQ==&us_privacy=1---

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFVUDNaOTEtMUktSERRUQ==&us_privacy=1---

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:33:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFVUDNaOTEtMUktSERRUQ==&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 62B6
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1UP3Z91-1I-HDQQ&us_privacy=1---

0
709 B

139ms
119ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1UP3Z91-1I-HDQQ&us_privacy=1---
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 12:33:15 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E739CF34CA604E799C941ACC013E7EF0 Ref B: FRAEDGE1521 Ref C: 2022-04-11T12:33:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXcYCX+IhqQzOStM1T0uQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1UP3Z91-1I-HDQQ&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1F08 0
741 B 27ms
27ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 12:33:16 GMT
X-Proxy-Origin: 217.64.151.8; 217.64.151.8; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 72e9900c-6873-46d3-a4a9-a39ebf4eb7a8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: content.clearchannel.com
URL: https://content.clearchannel.com/cc-common/pixel.gif

Domain: content.clearchannel.com
URL: https://content.clearchannel.com/cc-common/pixel.gif

Domain: content.clearchannel.com
URL: https://content.clearchannel.com/cc-common/pixel.gif

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=65398431733821776444154818328617148809

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 02:16:06	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.t.co/	1970-01-20 11:44:54	Name: muc Value: d6a62369-d0d5-4aa9-a0b4-a744639c2ec6
wercfm.iheart.com/	1969-12-31 23:59:59	Name: no-ads Value: 0
static.inferno.iheart.com/	1969-12-31 23:59:59	Name: no-ads Value: 0
www.iheart.com/	1969-12-31 23:59:59	Name: geoCountry Value: DE
www.iheart.com/	1969-12-31 23:59:59	Name: geoZipcode Value: (null)
www.iheart.com/	1969-12-31 23:59:59	Name: geoLat Value: 51.299
www.iheart.com/	1969-12-31 23:59:59	Name: geoLong Value: 9.491
wercfm.iheart.com/	1970-01-20 02:24:45	Name: ab_hash Value: 1aab843ae0362f8ba7dcb30d2a958c66
wercfm.iheart.com/	1970-01-20 06:33:52	Name: device_id Value: 84d6bdf8-be98-4c5d-b47c-5c072a5f099a
.iheart.com/	1970-01-20 02:14:42	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial%22%2C%22sref%22:%22https://t.co/wV8fgHrswa%22%2C%22sts%22:1649680389145%2C%22slts%22:0}
.scorecardresearch.com/	1970-01-20 19:31:28	Name: UID Value: 1463ea065f7bacc759cb1421649680389
.iheart.com/	1970-01-20 11:44:04	Name: _parsely_visitor Value: {%22id%22:%22pid=39e64a1cf876bc938c34706a90594aa4%22%2C%22session_count%22:1%2C%22last_session_ts%22:1649680389145}
.demdex.net/	1970-01-20 06:33:52	Name: demdex Value: 65398431733821776444154818328617148809
.iheart.com/	1970-01-20 11:44:27	Name: _scid Value: 59673412-ded1-49c0-a88d-d317130442ed
.iheart.com/	1969-12-31 23:59:59	Name: AMCVS_97D902BE53295FEE0A490D4C%40AdobeOrg Value: 1
www.iheart.com/	1970-01-20 06:33:52	Name: pid Value: 5297070984
www.iheart.com/	1970-01-20 06:33:52	Name: aid Value: VEmt2iFoVVG9gYy3RAiRi
www.iheart.com/	1970-01-20 06:33:52	Name: auuid Value: c1606de3-4b93-48fe-909c-d20bb0511761
.snapchat.com/	1970-01-20 11:36:16	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQAqMB3om2XsHxs3VV3tEGZVoWaCLcTg2h+71xYteZw8bTs/gBVPmMMDIAAAA=
wercfm.iheart.com/	1970-01-20 02:57:52	Name: _pbjs_userid_consent_data Value: 3524755945110770
.everesttech.net/	1970-01-20 11:00:16	Name: everest_g_v2 Value: g_surferid~YlQgBQAAAB8KuAO1
.dpm.demdex.net/	1970-01-20 06:33:52	Name: dpm Value: 65398431733821776444154818328617148809
wercfm.iheart.com/	1970-01-20 02:15:09	Name: OTTok Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ1bmRlZmluZWQifQ.rAFK9zcRQDdP8WtPKydayRM62-S9nMdJMO1k2pZLf1w
wercfm.iheart.com/	1970-01-20 02:15:09	Name: OTPid Value: undefined
.iheart.com/	1970-01-20 04:24:16	Name: _fbp Value: fb.1.1649680389816.1730569751
.rubiconproject.com/	1970-01-20 11:00:16	Name: khaos Value: L1UP3Z91-1I-HDQQ
.rubiconproject.com/	1970-01-20 11:00:16	Name: audit Value: 1\|hLZGFuTafB1DXMQOHq9NIzpcd3HBZZ775PzI6EyVJjlVAthPpLFZyx0oDofugOZeXD+XRDstR7jyCtGVvNbJmuCAnekPgJib5DnKP7eWo6vQD5U7tEfUTQ==
.facebook.com/	1970-01-20 04:24:16	Name: fr Value: 0dsxvlkPcOhKXH00N..BiVCAF...1.0.BiVCAF.
.iheart.com/	1970-01-20 19:45:52	Name: s_ecid Value: MCMID%7C60944496432230147174033259751220772824
.agkn.com/	1970-01-20 11:00:16	Name: ab Value: 0001%3AfS170%2B4jBobw3RCK9ct4MnE2GglGVPQF
.iheart.com/	1969-12-31 23:59:59	Name: s_cc Value: true
www.iheart.com/	1969-12-31 23:59:59	Name: DEVICE_ID Value: c227c5d1-9b9e-4ea1-9284-21f8bffc1462
.iheart.com/	1970-01-20 19:47:18	Name: AMCV_97D902BE53295FEE0A490D4C%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19094%7CMCMID%7C60944496432230147174033259751220772824%7CMCAAMLH-1650285190%7C6%7CMCAAMB-1650285190%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1649687590s%7CNONE%7CMCSYNCSOP%7C411-19101%7CvVersion%7C5.2.0%7CMCAID%7CNONE%7CMCCIDH%7C-1911977454
.rlcdn.com/	1970-01-20 11:00:16	Name: rlas3 Value: eGjz1uarekhzbK9AM18sqjLpvxaS6md2/OdNUnR33lw=
.rlcdn.com/	1970-01-20 03:41:04	Name: pxrc Value: CIbA0JIGEgUI6AcQABIGCPHrARAA
.adnxs.com/	1970-01-20 04:24:16	Name: uuid2 Value: 7348616821894841727
wercfm.iheart.com/	1970-01-20 11:00:16	Name: usprivacy Value: 1YNY
.iheart.com/	1970-01-20 11:00:16	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Apr+11+2022+12%3A33%3A10+GMT%2B0000+(GMT)&version=6.31.0&isIABGlobal=false&hosts=&consentId=e643eeb4-51db-4973-9449-185d7111ab8d&interactionCount=0&landingPath=https%3A%2F%2Fwercfm.iheart.com%2Fcontent%2F2022-04-06-cash-app-users-could-have-been-affected-by-data-breach%2F%3FKeyid%3Dsocialflow%26Pname%3Dlocal_social%26Sc%3Deditorial&groups=C1000%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1%2CC0005%3A1%2CC0001%3A1
.turn.com/	1970-01-20 06:33:52	Name: uid Value: 4248461613120979943
.doubleclick.net/	1970-01-20 11:36:16	Name: IDE Value: AHWqTUkkqkp5pJaaKXYdbD1_A0RapatG8apix0l3DBOT5rbIDo8LTBliG8pfLggONkA
.doubleclick.net/	1970-01-20 02:14:41	Name: test_cookie Value: CheckForPermission
.iheart.com/	1970-01-20 11:36:16	Name: __gads Value: ID=453ca0ae17f5b1aa:T=1649680390:S=ALNI_MbbVsG31mIHWtywMSQu9IRx-HEf5A
.adsrvr.org/	1970-01-20 11:00:16	Name: TDID Value: a92bca1c-5ab4-426f-be6a-6f9eca328963
.adsrvr.org/	1970-01-20 11:00:16	Name: TDCPM Value: CAESEgoDYWFtEgsIutvfjq_wzToQBRgFIAEoAjILCLD827vF8M06EAU4AQ..
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.demdex.net/	1970-01-20 06:33:52	Name: dextp Value: 21-1-1649680389900\|60-1-1649680390031\|358-1-1649680390132\|470-1-1649680390233\|477-1-1649680390334\|481-1-1649680390435\|601-1-1649680390536\|771-1-1649680390654\|992-1-1649680390805\|903-1-1649680390913\|2299-1-1649680391013\|22052-1-1649680391114\|73426-1-1649680391215\|66757-1-1649680391316\|121998-1-1649680391417\|134096-1-1649680391518\|175765-1-1649680391619\|963840-1-1649680391719
.krxd.net/	1970-01-20 06:33:52	Name: _kuid_ Value: OxaM5Ylg
.live.streamtheworld.com/	1970-01-20 02:57:52	Name: uuid-s Value: b6ee243c-a5e9-4cab-a4f6-fddccdb1d5a2

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://t.co/wV8fgHrswa Message: Unrecognized Content-Security-Policy directive 'referrer'.
security	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js(Line 5) Message: Mixed Content: The page at 'https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial' was loaded over HTTPS, but requested an insecure element 'http://content.clearchannel.com/cc-common/pixel.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js(Line 5) Message: Mixed Content: The page at 'https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial' was loaded over HTTPS, but requested an insecure element 'http://content.clearchannel.com/cc-common/pixel.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js(Line 5) Message: Mixed Content: The page at 'https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial' was loaded over HTTPS, but requested an insecure element 'http://content.clearchannel.com/cc-common/pixel.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial Message: Mixed Content: The page at 'https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial' was loaded over HTTPS, but requested an insecure element 'http://content.clearchannel.com/cc-common/pixel.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial Message: Mixed Content: The page at 'https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial' was loaded over HTTPS, but requested an insecure element 'http://content.clearchannel.com/cc-common/pixel.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial Message: Mixed Content: The page at 'https://wercfm.iheart.com/content/2022-04-06-cash-app-users-could-have-been-affected-by-data-breach/?Keyid=socialflow&Pname=local_social&Sc=editorial' was loaded over HTTPS, but requested an insecure element 'http://content.clearchannel.com/cc-common/pixel.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://content.clearchannel.com/cc-common/pixel.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://content.clearchannel.com/cc-common/pixel.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://content.clearchannel.com/cc-common/pixel.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=65398431733821776444154818328617148809 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://dp2.33across.com/ps/?pid=897&random=1685353979 Message: Failed to load resource: the server responded with a status of 504 ()
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=2102 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/709414.gif?us_privacy=1--- Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b2df3388180d6d624d7a86c37c31dd7.safeframe.googlesyndication.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
ads.rubiconproject.com
ads.scorecardresearch.com
ads.yahoo.com
adservice.google.com
adservice.google.de
amplifypixel.outbrain.com
api.iheart.com
api.rlcdn.com
assets.adobedtm.com
bam.nr-data.net
beacon.krxd.net
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.cookielaw.org
cdn.parsely.com
clearchannel.demdex.net
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
content.clearchannel.com
d.turn.com
d5p.de17a.com
delivery-cdn-cf.adswizz.com
dp2.33across.com
dpm.demdex.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
geolocation.onetrust.com
global.api.iheart.com
global.ib-ibi.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.iheart.com
ib.adnxs.com
id.rlcdn.com
idpix.media6degrees.com
idsync.rlcdn.com
ihe.art
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
js-agent.newrelic.com
js-sec.indexww.com
log.outbrainimg.com
match.adsrvr.org
mb.moatads.com
mcdp-nydc1.outbrain.com
ml314.com
mwzeom.zeotap.com
odb.outbrain.com
p1.parsely.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
platform.instagram.com
platform.twitter.com
playerservices.live.streamtheworld.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
px.ads.linkedin.com
px.moatads.com
px.owneriq.net
s.amazon-adsystem.com
sb.scorecardresearch.com
sc-static.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
smy.iheart.com
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.inferno.iheart.com
sync.crwdcntrl.net
sync.extend.tv
sync.mathtag.com
synchrobox.adswizz.com
synchroscript.deliveryengine.adswizz.com
syndication.twitter.com
t.co
tags.bluekai.com
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.snapchat.com
trib.al
tv47clj0la.execute-api.us-east-1.amazonaws.com
um.simpli.fi
us-events.api.iheart.com
usermatch.krxd.net
webapi.radioedit.iheart.com
wercfm.iheart.com
widget-pixels.outbrain.com
widgets.outbrain.com
ww.api.iheart.com
www.facebook.com
www.google.com
www.googletagservices.com
www.iheart.com
www.instagram.com
z.moatads.com
content.clearchannel.com
global.ib-ibi.com
hbopenbid.pubmatic.com
104.244.42.197
104.244.42.200
104.36.113.107
104.90.192.27
104.92.74.8
108.157.4.38
141.94.170.64
142.250.185.130
142.250.185.66
143.204.201.254
143.204.202.47
143.204.98.87
15.188.95.229
151.101.1.108
151.101.114.132
151.101.2.137
159.122.14.34
162.247.242.31
184.73.156.246
185.33.220.145
185.64.190.80
198.47.127.19
198.47.127.20
199.232.210.84
199.232.213.13
199.232.214.193
199.232.214.84
2.20.157.2
2.20.157.55
2001:678:cb4:bbbb::13
208.80.55.212
213.155.156.181
216.200.232.249
23.0.33.234
23.35.229.181
23.35.236.247
23.35.237.151
23.35.237.86
23.37.42.132
23.75.246.168
2602:803:c004:200::140
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:b844
2606:4700:10::6816:1957
2606:4700::6810:9540
2606:4700::6812:a4f
2620:1ec:21::14
2a00:1288:80:807::1
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200a
2a02:26f0:3500:587::1e80
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:2880:f22d:c4:face:b00c:0:43fe
2a03:2880:f22d:e5:face:b00c:0:4420
2a04:4e42:4e::596
2a05:d018:d29:3601:a361:57c8:93b7:1576
3.214.98.210
3.217.69.250
3.248.131.63
34.111.234.236
34.120.133.55
34.149.20.76
34.194.161.83
34.195.210.70
34.242.253.233
35.178.150.13
35.186.226.184
35.244.174.68
37.157.6.245
52.208.32.237
52.215.247.247
52.223.40.198
52.28.203.152
52.28.81.215
52.30.141.83
52.46.154.242
52.7.213.91
54.194.251.50
54.229.178.120
54.239.37.45
54.246.173.2
65.9.61.60
65.9.66.173
66.155.71.150
67.202.105.23
69.173.144.138
69.173.144.139
70.42.32.223
0176ef7350292b2c32a210617ee02c7bac2f1e006acc4cb6588e836c5f85ff40
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
048ef5d570913a9ea242ba3d79d727c514b7ed704f55731f87e0feb1ecfe4933
052c5ef6eb90d24231f9221b208e8c7794d5de0acd393b97b803f53235aa65ed
05e6af604f5e722f5c6b00d112bd5fe384f7c838b3ebd3b12b0ea0dba51e6119
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
096f5b2351c7aa561f91b83732b9a5e159b8ed112cbe32ffd10d081ed1bb8750
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c70a37b8c72bf27151eaa3f8eedfdfc9ca984dcfcbaed2e2626f52743832e78
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cc5c5e22561b2eac8c100ed93bb793579be5603c8658106ca0a5bd481f79004
0ee6139effe435ba55808fbd968842239b497571052a973b34b099e1e091dd73
0f568e9783c2392a7cec666faab203f3fa44fd89ebd0987f2000296725d10f2a
0fd429b95adc1755ffb3f7d831ac7e33dad31379239750f32c49c98f7019e45f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11ed109ee30864d33e923857bfbc59e2ebc4ea3123c9482ce1148b59a4444658
1208205702b1cd7ef7bb23dc4d8e90af7332ed3f2da682e64d2f23cfeb4adf82
12bdd8d296052b2e8faa88ff2a6922a8fd93fc23b57044150c5f2d7075996f52
146697e686c91fde6e30955bc6cba7bfe752c511b2f27545a6938266e49cdfcd
14d15b7b1268d2760d8b3c4415f9eb1756821457a38eb5252d9ffbe40488cb23
17aa90f07361ab90e74ef45f0895944c8a9bf3fdca9977a797253f78c2254a93
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18900d0564e8ff47d4b92bd91e2cb5e0fcf4bd99986589daea8e6bd32ac916c6
1a067562a77d5d7e947c110ec2a319b82f1916755bec981ad845eba52132691e
1c600487478d427a9cb0387af68800c478bc4c5616d64d1500ef451fb98fb2a9
1f31bde58f5fc6702dbf1ddf3857926c8c6e18bae5691468748334c731551ff9
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
25a598cb751c7c4c4dde8093f23e30f5ac7b7ac272b76197d652b886e9097474
26209c7c5774d90cb19cd9a4dd736bf91726e30cf61c39bc4245b6bdc8d348a3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27818d82f071ef5a2025ad9f0c3eb98e68817f7dfee5b337726368a3c681f514
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2e79e76a92e03dbd45e8033c40c208fcbe31cfa4fa7c58544b9b562c3e4c6488
2fac42d19f7115964cb32bdbd6f07f93fa3d9318db93e9c6e48c76d18b8a18d6
31ca84e975c68ecedc2a4f36cbadf1d9de61a1a51670ac2fb62ea5f761fd4ce5
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
39acc19d52b25857344fedb2a64adb2a697e77f4675c6e193843026a274406de
3ab70dfacc2d184de39adf068430de85b4ecfc8d6e638a709694b6448057ff13
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eb581099a52ce2b5ad1560c40efb22a41cbd27f8025e96cde1c870bf8c7fd98
3ec42f1b9f496a42d963da7b55ddc27b3c19d0ce5a386bbbd2ec4f1ba4cf802d
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe9926679bd63be0f6ca31125e935f6127d36d742b76c67718dc59efb450509
414eb36940aa9c870b6d933d1774075d1e71c285efc1b63bf46dff6963e84911
426b4a2a7f794a48357e439a07ede45ebe95889c682a9ae1fde150c4e71e5928
42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d
47219f91e1d5e724eb08095e7fc8c29631379d70f38633008a0644b3329d6135
476b762077ea9a9283c91f0e0e6df644b11770c0c9983b1c05c9e4a36ad26988
485cc345cb97956d4babeb1ca9e25fb2f27d4105fe37b0c1b10db6607a72c45a
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
488711fb8b9306e1f0b4e07bd6776defcfb9a23900b8e647dcaf6c89b8111c92
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f
4d9f007bd92bade92cba88ad02a38cb234945bb765127b37f4b7d63cbb73a5f6
4da0264eb06bf745b6f966d2d477d8aa4ac6cd6884476bb0a40be331d301a486
4ea40feb0b23aef25746f4e72a991eab90a3c58ffbe8ff697eedf86099b37326
5452efa614631b6276a407cef1f06ae28f2373f1b6cc29598c4b711e7c3a0cfb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56bc43308446e13c68a4974a91d860039a3efd76afb2050dd6a841633a82d197
57d4332a44be9f1028f6767d26116955c9105401be2770c21b87abe29bcc411e
583393b1f64a621646dd9fcb30029cdb53cac022aa6641bf00c16b0a8da54e92
589bfbac3ce242244924538a111c8b8c565434f9d8e5862abf690f02f3cee191
5aae9441923039d7f8e41f3e31c3682b7a3bff713daab7a3976917789e075aab
5b753e391c80d92e0ec11d1360e3f46a2f23a89e69f6abae3ea9f708720304fb
5be8b675f6be515a17cdc77661697e2ddbd3c12f0670333e44bad9595ea0bbf9
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
635f35f854db69ee9e5bf7865279530846ed8dfde42ca0cd60c339aaaf33509a
6663130b125dccfff16f71ae9406a6b58e1039a0a400608bb75f88d04926f0b9
66ff5b6bebc37330b0629e1a4118974fe64962d77d78a164ac07d65958b597ef
6ad6d6224374ae24937b3d100610380e21bd6b8c6a1719a571656297192d2cfb
6cc5a5aee2e70a3f0b4d00c66ae32b5d204fe6b89c821e3d56c1397254070325
6cdcff01131e2c6c02d9f69f2878345faaea2b54b08e5782ed06344809016b42
6f464079f36b6e88fd3e58d4e46cfde869a69585534904cc189e0db2aa7e1afb
707b7733245da93b9dcbc8da20dd2b0bae0ddddddb9d6d6f9af4f531692e66c9
711eae4b6268fae4f961348f072d0c10ba9163df00d5b33eecf0c855e50efa83
716a57edce20c1d25ff83ef0d78954e1ea8cef7d4fd6f4f4f2a20ff5343efd80
7435b9799c3b0fd66e2c7a3eac9b53bd6f5b9ecefc2a1e5ca14ae3acd3df3eb3
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74cfbc34106cb0af63847065acf4df0cb3afc9e11dc1a061fc50c42a251afa5e
769c69680198431a0e40d6498e36aca651c2dd498006a2b7b3b46881090f1cd7
7829e009c50a75313a34510ff02878e8c90cb5e6d6405196d8790400a014d78c
7a82d919cd3a66eb6623565d65433eb0d81a4373d43a5625409370d8ae468d29
7aac744494cfcc410c5b6f8c2755d93af1c8f4b7283bd65efa5cd1db0224397b
7ac35b65d420404a06ec2681481fd2c83bc7b50736ae3a0129d6517654400e05
7b3639b990d3b645028fd9832c1680ddffcb1c71c644e3d8d287e66b55dd3f17
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7c9a9380a71d6f03112146ff6f5e8cbf5ed7002a9dae6afba3b1afffcaee59cf
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
809a101714fb686418adac12b41dc3bdd4c9ae5445ff31ae69809d43c2b92485
820243123cf64885ef60e9bfb7b7cfbc59d41640776fe12ecb171178d8414699
826f4e5988f41ce39a5492dcf953986f2387e35e3fa982b054ed6c23a3f58b39
82eb88fb448c97f66d4d8f1ce724f2ee4e24367f27439f95a0288bfef04a9424
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88c2d498c6b2669b0ad9ff6897011c5b6f9ca53cfa871ce7229feede7876d52c
89b8ea0b051fb838ab125a9124e3f6cf570dd0d760043f94a8f58c4ffd5e3e89
8b8a496ad90a7167ad6da4018203c40a2dd365a86c5ff47f2788b4337184fe3a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
903c92848d4572af9fe24045115d530231aafd8d12699f4059a1a5e3a81a8395
90f64615026c1d8a716f9e3a71736ce79ec4707f2a1c798a5318ae42b45fe604
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
946a5db1e36bf19b0491419e8729d655143af98edab8a45abf74691d16acc00d
94aa9df3215c94711fec18abb66d6629a07f3de313d1e8a1c11f33d5ee754af9
94d7f72ba91c8695d300b503d45f28256e8faa76d5f4c5ad901372c478359077
95ff90478a84550abaf2d39204977314c9988bb166d40aa70fc4b6b24a0203d1
9780b43c6d219f0887382858b796fee8ad6e2a5174b25ebbbc8681cd97d7c51b
9a82970d145dfa98543c25b79a1482aba0aa50c6ea9b648e61fcd61950d0a3a6
9b53b9f455038129d0d1a83c5c3621b8039200007f3e57196ecf12a3a5c72b17
9b6f577b577eeacdc8609b163efa48c6a33924b81dfcfa02f765f98f8745549d
9eafe11fd05e67d26ca48a58c596e3973215d137c1d87e749fdb0bf59c4e3728
a0dbeec4cc12d0406830bb508a6b9d6086c4fcc1aee5e3f7879d9240f9946bf2
a1172dbb7df93d9a1a8aef9f974240abbbb87448dc6c88cecce75140aed98131
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5
a1b21c121d984c1dfb288c50399ba96c0ea0e76047ee309a9f9495d68892ef44
a1d7d8be9e74ed20db735edf7a0c36013396b4b53d8810a8b72a7dc0f6ec32a9
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f1ae48fe053af10dfe92fe51f0cbd68404d6cacafd1710413969052543567b
a63691645f04e18f1573dcb17e8389527e9af28d9d1329413f6d004818f58b1d
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a7eff060b8d8aa6e80049aadbccf680f0942342b224c2876ecda0549dc366baa
abb045e469be9b0fe19dcaed4152703acdc22fc33e161d6c7bcafb4e934c83ff
ac7bc64d5169660d812257499528a1768d8f9896d985f536a3c890490131dd55
ad28598412cda2cae04639dce89f0d7c6ccb9c492b8cb9e8066e4a24a4a65e92
addf21471853c23ba575e35023a21b65ee84019e5ee564e90f8670306eba6c5b
ae802955bf699e784b33f66df22eb13c33a7ca1749b556187e323d723a13139a
b02d07888f6088ff402f7986a0d9a05673ccbb43fca158331999ff8017105b48
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d1267f470c1399da3788f58fc567a3d51893463ef29a9f1ea406f15bcb8226
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b9327ea0823da1cf46b1f50ac410951cbf75dd5279eeb5a1e6e5d3b11f3c9e17
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
b9ab0d004fd84b7214664f9bbeae7c224d14e8fd4dd359811c0b824353f19742
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c330813ad458f848efd42515b9c58f9073efc4c7b66243bc7a0c1f1cc7692ab3
c337f081bc7164dd90a7fb0650cc8153e1158492029f32473e92053084e8b6ec
c342f234a681f11c065faca63f1f7312c85b3f99b443e4c9dfc808cc7ed66a2d
c36d52ccc12acc9f84fc2e814de7d7734413c946d7ba7d70d8471da626e68a2a
c4ea6e40d09cdb225eee39df0c9e239c0ff76ae73258bbc7c41de1b8c7a7ee5c
c5a4fc747f913296b0c836da23c97a0ef01d4d27aa7dc1d4b9a7f6936941e545
c69148a9f8824d84eb3b29e3091aa6be306e5be5b56934b322639f4050b37b93
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7c01c341cfd90402fe635261dbf86d7dabe510233109c7033e80fc881e58489
c82e661c21d519d52518a1426e1b4e3cc08655f3838c2cac78ed0fcf27a06057
c9527b161777e964b15dffccb5db826fd9dcc9199fdd2122cbff4dfb0f15842d
cb1e135cecec982602dc72cd43ff53c5457c7458ac15620c3453e9c29a881a66
cca49e37178669b87a2c2b9ba1a95942e7c295b4af66931aaaf01383007e05f4
ce167c8c8392d8d61d3ab7da41daaffaf5dbfd4ad152c7e704430b9bb8eb994d
cf1630cbfc01e94c825353856c28a15f2a610108f80b5dd3734a6490a8950e36
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf59eab3bfcf26e852bff1b48936d5436648a0ccda0a73e89cf8d89e2bed32bc
d1b93b57faea67e0f725e300ede5505de565d27cdc9ba1b08a87f61ca2260685
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d7e71d9e9424d1348b6a7ca32f936f2de99b0762aabb27907efd7c6f5a7b66b7
d80fc5d5ce1c97d1d943a3fa51eb38d0ce6fe981024d760eab71d4b30b7bcc1f
d96b9b2602e542e91878e2df499b04963317c786573f1372589f967b42b72ccf
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dab19006b7ebb66c8a4e1ee55e8a622505f1c9b9583f0add3cd0110c8151a59c
db5da1d919f5fe9038e6f13bfa897a10d3ad318ba4e877a93058936e199eb34d
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
deb210424702ae47c2dd90bb4e7156b46c0cd478adf97da9e98ee4b8f497404e
dec433f86aefb6ea272898994194cc39c0252056b46dcb579e0d0ea3709f4b79
e16ca6a98e2c6ff539bcf1c725555325b7a03f89a6f6c15977c01ef457e5d46f
e1c06ef7c34e118c996b12369d8c129a805cd4808262e1e1d7b9ee5a9d143c74
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ee21c330b29a3b7bb0434d1ff890ecc075b3867fa47c9a8334855782068ed2
e534f33cc36f3165e908ce3300e2443e056e8a2b24ee3929f0c9b053749a1bd1
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
e7f4ad1714e5300eb2460b6167465ee5d05360ca5c27940c472121bddb24f39d
e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb
e8a56b7248517b052849b0d606b0c402c9a147d231cfba361af5dfb5794a3766
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecf83f55477070dabf850e522e2d3e588ce77569935372eb5e9b0da0254bef14
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
edf5536b3c26b154e8987055083e20dcd4677dcbfcf40361da7a947579abca6c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09d41fb216ef7bd4f7c758d7df2a828beff65bf6fce723902d54c5050bcb373
f1436e3d79b4afa5fe40c230b3ac4b7f6489df7ad9ea4e87b6d1c0c3e1bdb639
f3dcce7778313ca3be950ba662fa73c811101809b251d637361cb197fca126b0
f5fcf5b59ca83f656172d9c6447f73ac6b070eb4784857ca83c2c9b5e5156f08
f7d80a9bb758da9972086f16d7ed3ff83c893d829a23702ad4ae9bb9d1702c73
f902b108291d74e31b41bae078636ec4730cf0bbfce631540b0818079fecb6f7
f9673c83d7ec0320e6e13dbda622f3240cda4e3d5cae2494deecf6ca04814b66
fb00b49e60cf58e6cc9618f253db602e424662f53d71991c51b211c63120c125
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
fda3146de8ab338d15cc956689f32f446cb08e9eae500de25c19e0bcc65a2760
fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66
fef562a681a0bd637d1f3809affaf950474e5141cd1953c1ca0666a11442e2e2

wercfm.iheart.com Open in urlscan Pro 199.232.214.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

298 Requests

87 %HTTPS

26 %IPv6

61 Domains

113 Subdomains

80 IPs

7 Countries

2817 kBTransfer

8005 kBSize

49 Cookies

32 Outgoing links

Page URL History

Redirected requests

298 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wercfm.iheart.com Open in urlscan Pro
199.232.214.193 Public Scan

Screenshot
Live screenshot

Full Image

298
Requests

87 %
HTTPS

26 %
IPv6

61
Domains

113
Subdomains

80
IPs

7
Countries

2817 kB
Transfer

8005 kB
Size

49
Cookies

298 HTTP transactions
3 data transactions