www.wthitv.com Open in urlscan Pro
104.70.81.101 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Submission: On September 03 via manual (September 3rd 2021, 4:38:05 am UTC) from US

Summary HTTP 183 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 49 IPs in 5 countries across 32 domains to perform 183 HTTP transactions. The main IP is 104.70.81.101, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.wthitv.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 7th 2020. Valid for: a year.

This is the only time www.wthitv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	104.70.81.101 104.70.81.101	16625 (AKAMAI-AS) (AKAMAI-AS)
3	52.219.80.27 52.219.80.27	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:a800:11:193f:ab80:21	16509 (AMAZON-02) (AMAZON-02)
18	104.16.57.230 104.16.57.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2.16.186.17 2.16.186.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	209.59.156.234 209.59.156.234	32244 (LIQUIDWEB) (LIQUIDWEB)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
1 3	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	34.193.167.244 34.193.167.244	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	50.28.54.68 50.28.54.68	32244 (LIQUIDWEB) (LIQUIDWEB)
14	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
5	18.214.172.53 18.214.172.53	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	18.116.179.127 18.116.179.127	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.16.107.105 2.16.107.105	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.251.98.197 34.251.98.197	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:5600:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	34.98.72.95 34.98.72.95	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	34.120.253.250 34.120.253.250	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
183	49

31 104.70.81.101 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-81-101.deploy.static.akamaitechnologies.com

www.wthitv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.heartlandtv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.219.80.27 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3.us-east-2.amazonaws.com

s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:a800:11:193f:ab80:21 (United States)

ASN16509 (AMAZON-02, US)

d3gpkdwom7cn1q.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.16.57.230 (None, )

ASN13335 (CLOUDFLARENET, US)

player.field59.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.field59.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-17.deploy.static.akamaitechnologies.com

launcher.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.59.156.234 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: webmedia.heartlandtv.com

ftp2.wthitv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.167.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-167-244.compute-1.amazonaws.com

s.clickability.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.28.54.68 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: web.heartlandtv.com

heartbeat.heartlandtv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.214.172.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-172-53.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.116.179.127 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-179-127.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-jsonp.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.107.105 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-105.deploy.static.akamaitechnologies.com

ntvcld-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.98.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-98-197.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:5600:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.72.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com 33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	374 KB
21	heartlandtv.com media.heartlandtv.com heartbeat.heartlandtv.com	233 KB
18	field59.com player.field59.com cdn.field59.com	3 MB
17	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	245 KB
14	wthitv.com www.wthitv.com ftp2.wthitv.com	1 MB
7	googletagservices.com www.googletagservices.com	236 KB
6	ampproject.org cdn.ampproject.org	119 KB
5	postrelease.com jadserve.postrelease.com	9 KB
4	google.com 1 redirects adservice.google.com www.google.com	183 B
4	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com	248 KB
3	revcontent.com assets.revcontent.com trends.revcontent.com	104 KB
3	ntv.io s.ntv.io	112 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	97 KB
3	amazonaws.com s3.us-east-2.amazonaws.com	156 KB
2	bounceexchange.com assets.bounceexchange.com tag.bounceexchange.com	3 KB
2	moatads.com z.moatads.com s-jsonp.moatads.com	55 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	gstatic.com fonts.gstatic.com	38 KB
2	facebook.net connect.facebook.net	67 KB
2	clean.gg i.clean.gg	15 B
2	cloudflare.com cdnjs.cloudflare.com	53 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	30 KB
1	imrworldwide.com secure-gl.imrworldwide.com	461 B
1	akamaihd.net ntvcld-a.akamaihd.net	40 KB
1	google.de adservice.google.de	165 B
1	clickability.com s.clickability.com	952 B
1	addthis.com s7.addthis.com	114 KB
1	cityspark.com cdn.cityspark.com	1 KB
1	spot.im launcher.spot.im	96 KB
1	cloudfront.net d3gpkdwom7cn1q.cloudfront.net	38 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
0	secondstreetapp.com Failed embed.secondstreetapp.com Failed
183	32

	Domain	Requested by
38	tpc.googlesyndication.com	d3gpkdwom7cn1q.cloudfront.net www.wthitv.com 33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com tpc.googlesyndication.com
20	media.heartlandtv.com	www.wthitv.com
16	cdn.field59.com	www.wthitv.com
14	securepubads.g.doubleclick.net	d3gpkdwom7cn1q.cloudfront.net www.googletagservices.com securepubads.g.doubleclick.net www.wthitv.com
11	www.wthitv.com	www.wthitv.com
7	www.googletagservices.com	www.wthitv.com d3gpkdwom7cn1q.cloudfront.net 33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com
6	pagead2.googlesyndication.com	www.wthitv.com
6	cdn.ampproject.org	d3gpkdwom7cn1q.cloudfront.net
5	jadserve.postrelease.com	d3gpkdwom7cn1q.cloudfront.net www.wthitv.com
3	www.google.com	1 redirects d3gpkdwom7cn1q.cloudfront.net
3	ftp2.wthitv.com	www.wthitv.com
3	s.ntv.io	www.wthitv.com d3gpkdwom7cn1q.cloudfront.net s.ntv.io
3	maxcdn.bootstrapcdn.com	www.wthitv.com maxcdn.bootstrapcdn.com
3	s3.us-east-2.amazonaws.com	www.wthitv.com
2	googleads.g.doubleclick.net	33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com
2	trends.revcontent.com	www.wthitv.com
2	33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com	d3gpkdwom7cn1q.cloudfront.net
2	www.google-analytics.com	d3gpkdwom7cn1q.cloudfront.net www.google-analytics.com
2	fonts.gstatic.com	www.wthitv.com fonts.googleapis.com
2	connect.facebook.net	d3gpkdwom7cn1q.cloudfront.net
2	cds.connatix.com	www.wthitv.com d3gpkdwom7cn1q.cloudfront.net
2	i.clean.gg	d3gpkdwom7cn1q.cloudfront.net
2	cdnjs.cloudflare.com	www.wthitv.com
2	player.field59.com	www.wthitv.com d3gpkdwom7cn1q.cloudfront.net
1	tag.bounceexchange.com	d3gpkdwom7cn1q.cloudfront.net
1	assets.bounceexchange.com	d3gpkdwom7cn1q.cloudfront.net
1	secure-gl.imrworldwide.com	www.wthitv.com
1	s-jsonp.moatads.com	d3gpkdwom7cn1q.cloudfront.net
1	ntvcld-a.akamaihd.net	www.wthitv.com
1	z.moatads.com	d3gpkdwom7cn1q.cloudfront.net
1	adservice.google.com	d3gpkdwom7cn1q.cloudfront.net
1	adservice.google.de	d3gpkdwom7cn1q.cloudfront.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	capi.connatix.com	cd.connatix.com
1	heartbeat.heartlandtv.com	s3.us-east-2.amazonaws.com
1	s.clickability.com	www.wthitv.com
1	cd.connatix.com	1 redirects
1	fonts.googleapis.com	www.wthitv.com
1	s7.addthis.com	www.wthitv.com
1	cdn.cityspark.com	www.wthitv.com
1	launcher.spot.im	www.wthitv.com
1	assets.revcontent.com	www.wthitv.com
1	d3gpkdwom7cn1q.cloudfront.net	www.wthitv.com
1	www.googletagmanager.com	www.wthitv.com
1	ajax.googleapis.com	www.wthitv.com
0	embed.secondstreetapp.com Failed	www.wthitv.com
183	46

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
my.textcaster.com
www.bbb.org
trends.revcontent.com

Subject Issuer	Validity	Valid
media.heartlandtv.com Go Daddy Secure Certificate Authority - G2	`2020-07-07` - `2021-09-05`	a year	crt.sh
*.s3.us-east-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-14` - `2022-01-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
assets.revcontent.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
*.spot.im DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-26` - `2021-11-30`	a year	crt.sh
ftp2.wthitv.com cPanel, Inc. Certification Authority	`2021-08-19` - `2021-11-17`	3 months	crt.sh
sni0f49gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-19` - `2021-11-22`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2021-08-25` - `2021-11-23`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.clickability.com Go Daddy Secure Certificate Authority - G2	`2021-05-12` - `2022-04-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
heartbeat.heartlandtv.com cPanel, Inc. Certification Authority	`2021-08-19` - `2021-11-17`	3 months	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2021-08-29` - `2021-11-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tag.bounceexchange.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Frame ID: 9B9290C462C6D018AF4510BD9A1E163A
Requests: 102 HTTP requests in this frame

Frame: https://cds.connatix.com/p/128366/connatix.playspace.dc.js
Frame ID: C68A289BA4C52726717DE04782CD3445
Requests: 2 HTTP requests in this frame

Frame: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 458A72704C43BBE351591AF8180E780F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusHDLbu7_cnTOXDV8yXBhDvNaIz2mePFwVgAyX2yjgEVDE9oEozbre6_1R-L6f9EeNnJzsub-hcyJZEB-3vpwuzkMYlECUd3C9X0kW57S1nuzZ77ef0k9v08yNlBi--scpgLCkPjLVkBItjcadf1vEh521LN37gy4k6HJWy6YzK4vm2RsfidnCRYL-WtxsFIIK-RtoapG6WuBm9ePPUH5xj28M1gp0Em7qvkOaCfp95_rQ6PENMBvwTRsvrSWXmiRM3K4dhvCvBJPM6i9G2ZuupgHrPdPbW6FrhtfD-gZ7v0nImqov1o-sM3B4NsyrWb-Cb0fVWb0&sai=AMfl-YS07H2xJmWFXbvQaHDQhmOJBR9I9Wr0B43YkWF70HX1e8gzDE7sr6PBHFEYXwBHyyKedP57ew6uFhsWzIX70quHYjJerjK4gs_KgbatwRyUzqmZ8jNLE4FYgbMMFwA&sig=Cg0ArKJSzB9pb1x0tDE4EAE&adurl=
Frame ID: 3135B2D413253C57DAA2862CC89DB7B4
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssR53nzwIYJv1G5Z9-Y70iVwns--W14Tzx5JJe2sosBElawrm3Zxvwc6w8XLxLIIrztpasR1Uk1TQzcfjcjXEwp4C9hEQHZpLqYoqJFS5i_DxFJ4UuG6xg9CKFzEMUfg1UkYYmuU02GtTXc2CfhSg3kPDrYdDcThTIEJowR0vrcUbfslUGdZND_7YBwzhWCTLPM3fz0KmTCnbcaqFSDDkmH8Qdbx5rOemWLzNrtNPqAHxjeGBrdG-_s3A6SCeZyrOBsN0K2J-d5UIlw4prxrFXAwNIFBNxFRSMTZj3-ojdCWB98RXwI8xy4rNyrPnwGKv-46Pejncw&sai=AMfl-YRtQ3HnEgy_mNKbnnP63ZeK69FGSW2ZsOqEK3uLUrg3OFTaHXR-BbgP7jiEp4Tv7YaR6xcEFzGHVxY1NRgEnHQIarMb3l8j9Nm2mMsQXrNFCLDO6Gi7PQNqywDGKwk&sig=Cg0ArKJSzBkt6t_hYl-KEAE&adurl=
Frame ID: 7B580C21491DE12B1399CB6800D73220
Requests: 8 HTTP requests in this frame

Frame: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7965F331A1AE751E36AE95E1A535A090
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmgWagUbThBTVXmm7_DJ8GlFrMC8v3K2dzmIgPk9GlCW-lumHUQv3RwBDv3phsSsm-A2_sQxsdpKi5a7uedtv-5chTgB3jO8i-s0VP0bxle44C9g228jJbhCU2NkL6T1FsgMLmems9ka7Rb5aKFzcDQidcffCt_sJ3F3nLei4z04B8hhupMduBJ1Vgwr1uKeb77SNNp2q1WT5a2r2sbzdUUW3PSA-mFUFQ1T3WDw_0r4C8dG8nBKbgt6sKRKoecrZa8bPgSDYTyi2e7T7GFWNK3KhJ79MF30kvLdcJg7HniCRexbElHEUi6tNSChEu&sai=AMfl-YSO0o9IXxR96vfOQ3YrToGDxoEa1mNC3XlUNFlyeHjREM-e6Se5VnJKOlJLipaF6Kwocm7S0WD4VlUWo4_RKnQea8Wn10sBiuWG6kwCs8jeCwsM6_rOyw-JgSx4V9g&sig=Cg0ArKJSzIQqAQ8k4WXHEAE&urlfix=1&adurl=
Frame ID: D7FFD3870B4278CCD3C421DDBD7AA972
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Frame ID: 7433A93F2636036DA8C3F840E902114D
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuyVCnl-YIwUs6wqweaIJ-ZJV_jAEeppabkbXyxoMMoYLHyMnUqxkA-16nOzLp70T1QSFQbdexqDc81jU65OHy46Ea5_pOMULxwse1xsU1amM-8Hm9ugXCbDGikbYnfhVR5JtV0EHClqtNRI3RFTsI50ud0yv2O6O13bR4eexsWUD1PgUBfipz2c1irz-XJGVnwbD9YfQV5zjSWTFZFn8VLWQyCiH8Gzebfz5JJ_TMdX-lzZHHUB0m4Rxo1fsc4GkSg4iM9mRKaQcMShaISmLe-5c9ydCUW-jjPvjFgaus72vPWALst_VplmEzj86wfyx3DnL3nHI&sai=AMfl-YTt677e9jk3PqUqrMdGf0mDPVFtTeABI_gZVJ5F53RWGCmYI3zzhjACpvU3Xok5c8fhqeGzMJq7z9HYkyFoew__AtrsDGfhtBfG4fJKtXNjO1xygcrgyQjsndCoDR8&sig=Cg0ArKJSzJg80TpXps5eEAE&adurl=
Frame ID: 9925C292B7BE353F7D36644051C8320C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/index.html
Frame ID: D3C2BAAB44E3C6201ABA2850BE9BF5E3
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9B061C7FA29E31D62BE9204193707970
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SCAM ALERT: Fraudsters claim Apple iCloud breach to steal your info

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

183
Requests

97 %
HTTPS

58 %
IPv6

32
Domains

46
Subdomains

49
IPs

5
Countries

6879 kB
Transfer

11735 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/c/WTHITV10
Title: YouTube

Search URL Search Domain Scan URL

URL: https://my.textcaster.com/asa/2913
Title: Text Alerts

Search URL Search Domain Scan URL

URL: https://www.bbb.org/
Title: Better Business Bureau

Search URL Search Domain Scan URL

URL: https://www.bbb.org/scamtracker
Title: Scam Tracker

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=zBLuVQzMx9SqU%2BuMYMBQdxLJipYZ%2FEbghnJXXCAxkeFcTKXVvRJ%2B%2FpMcAi1HCDanQy2d110y6fmzwC3kz%2FP2f9LLbqRzxQBelr2awL6HW47cVGg3nE4NyA849s5ZvCUsK5hpjtXhlZUywONqnlPc%2FDFnO%2BP5OOGuHuexc5lY9%2Bvn5rruOJs%2BQ8EZ%2FGOn8FiLq2HVYU7MgHRGCVfhvV1BmRTPVys7bLP8uufuOkbhwNHb%2FAhgePeblTVMKRYZaO3Ge9dQPcyUGx3bVPfzN3ma%2BQy1nuiqs77HPP8dH85NbQDyHRQ%2FXaD7Y1Sucsat7S9sI82evmcxeIX8DQLwQCB2GUrQaqbRWijqrItoavDqvzrthJ0021ky3uSwgYD0nX1nj4SJWLWO9OYG2yeQCEHYlArzHQCL1ToLjxPmBMTte%2FKnHLpb0sikbxWwqJTbPxCX3bySY7ryG77A%2FE%2FviCtpvquGBdE0qNBnr3GumeEtUHvmDzWRn4%2FAv%2BHvX0c%2B5Z7aNOn9K2gUQN%2BwFuim%2FctcD46mRLns%2BjfsBBp3Ak6MTrX3bh2SuggX9YqXsSGu3aZff46YE4MWc5QaPnhJPljIy8D2GWjDHtlXQ5THcaLu6vcosENilAVO4CwrB0JppfkDV98r0sCQAEwR6mSxWVU4V9ISlIsMk7vziOfl7MHwJoTZ624PdjgdyPpc4xaOknglyoDHVu05dFZYLKz%2FI9Frv4RS98DYFbnmPz4n%2B9NFi0PnmZ5d%2BDaRRfBnQZOoeBxtJYNL%2FDIhTCONw8KC7Br6o9aOnqJQaXWjwkfneEU1H6LQ8XGI2Hhfjs%2B0TULJl0FTrqGTzBzXptNY17r7P1HmmjUtCWEB3zKfAgYicS980002cwdRX621o%2BGZVqMDWr2jkRUIeJ04j6pbIQURgO%2FpoWBu3B5A3%2BBZzaEizhTWdzOw7qixKOq90OTIh8pv5629&s2s=1
Title: Sponsored Content

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/128366/connatix.playspace.dc.js

Request Chain 163

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

183 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html Show response
www.wthitv.com/content/news/ 114 KB
21 KB 621ms
512ms Document
text/html 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b8759c1d629ee697b371247885b4516a80a535c3a67199848ab41b305a11372

Request headers

Host: www.wthitv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server: Apache
Last-Modified: Fri, 03 Sep 2021 04:37:01 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Name: az-cmlive29
Content-Type: text/html;charset=utf-8
X-Cache-Lookup: HIT from cache.clickability.com:3128
Content-Length: 20293
Date: Fri, 03 Sep 2021 04:37:28 GMT
Connection: keep-alive
Set-Cookie: click_mobile=0; Domain=www.wthitv.com; Expires=Sat, 04-Sep-2021 04:37:28 GMT; Path=/ f5avrbbbbbbbbbbbbbbbb=KKIDJKILALCMINIJNDMBAOIFBOOCBGLKOJGCJDIMFDIMHLJCLEDOEGMBCBKLPIBIAKLGLDOLKBMDOPPMFMEFONKPIJFAPNHLPGOAPAMPLFKCBDMGDKKBKMLFHDPHMBIN; HttpOnly; secure f5avrbbbbbbbbbbbbbbbb=CGOFBNAGHAIPEDCPAFOFNLHJJHFCELBIFFONKBJEDPDLCCOBLCPONHDHNEIJOKPPGGPFMAGEEPMDCGEHEJHCAPLKFAAAMODHPGFECKIGMMCPOALDDKFIBDGBONBMHBBG; HttpOnly; secure

GET
H/1.1 200
OK vendor.min.css
s3.us-east-2.amazonaws.com/heartland-css/ 121 KB
121 KB 474ms
131ms Stylesheet
text/css 52.219.80.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.us-east-2.amazonaws.com/heartland-css/vendor.min.css
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.80.27 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3d9ccf39c14168986c8c08c9ebca94269c87cfb2db18bb8ca2fc6b85d9511335

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
Last-Modified: Thu, 16 Aug 2018 11:42:15 GMT
Server: AmazonS3
x-amz-request-id: S3MY3CDZTH1ZE1GH
ETag: "bc620c9f0838faf74af47156629c5cd2"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 123493
x-amz-id-2: 21MUwUc4d72Vjv5mksSSRuJAY2Royjm0Tnequ9Y6WDgxBJg/XiSrCB8G3ZdZE4EHXEjEPF7Puls=

GET
H/1.1 200
OK styles.min.css
www.wthitv.com/includes/ 173 KB
33 KB 45ms
42ms Stylesheet
text/css 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wthitv.com/includes/styles.min.css
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94db4ddc3645556e1694e4222fb052423b20485050cc2ed54f4d5117f5619fcc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.wthitv.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Cookie: click_mobile=0
Connection: keep-alive
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:28 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Wed, 01 Aug 2018 18:20:25 GMT
X-Server-Name: az-cmlive32
Vary: Accept-Encoding
Content-Type: text/css;charset=utf-8
Connection: keep-alive
Content-Length: 33088
Server: Apache

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 15ms
13ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 2536482
cdn-cachedat: 2021-07-24 08:09:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 40b2c5e257c44c41b18e54bb6d5c182e
cf-ray: 688c48772a1c0eb7-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1 200
OK heartland.css
s3.us-east-2.amazonaws.com/heartland-css/ 12 KB
12 KB 473ms
132ms Stylesheet
text/css 52.219.80.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.us-east-2.amazonaws.com/heartland-css/heartland.css
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.80.27 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ecbf8ef5982068a28613af44ce4955a5d0b19e8c274cb1c39282edd4b9a2782

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
Last-Modified: Tue, 06 Mar 2018 17:29:01 GMT
Server: AmazonS3
x-amz-request-id: S3MHKH8ACC7G6QNX
ETag: "e8dd3f455d5900159fec5be7891ab42f"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 11904
x-amz-id-2: iINufbtRpU1uFm9vNH/L25v9HhU5px3QC1bEGWHkXPgYAjHWQaI1gVrU4kZWXmJ+FQxpVh6hoMs=

GET
H/1.1 200
OK bootstrap-grid.css
s3.us-east-2.amazonaws.com/heartland-css/ 23 KB
23 KB 470ms
128ms Stylesheet
text/css 52.219.80.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.us-east-2.amazonaws.com/heartland-css/bootstrap-grid.css
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.80.27 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 94a4f339f46f66d24a75fc71782aab04965fc941e839258905749ecbbdaacacc

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
Last-Modified: Mon, 06 Nov 2017 23:25:12 GMT
Server: AmazonS3
x-amz-request-id: S3MH7WT1YPHY1WHG
ETag: "51db714d43b5e36c818e1dc54d813da8"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 23092
x-amz-id-2: LpsivOWfA+xx1eD4Kwei3TiH7YyA3PnzF8miVbKLqmF7zBHE6VZO+NZnYGewHAwly3wZs6P3xVI=

GET
H/1.1 200
OK Cookie set smart-app-banner.css
www.wthitv.com/includes/ 6 KB
2 KB 429ms
378ms Stylesheet
text/css 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wthitv.com/includes/smart-app-banner.css
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 405075821d150ecec62181a1e9afcb5943b14ebe6359a8c7e8264a3aa2f48b30

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.wthitv.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Cookie: click_mobile=0
Connection: keep-alive
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:29 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Tue, 16 Jan 2018 16:42:00 GMT
X-Server-Name: az-cmlive28
Vary: Accept-Encoding
Content-Type: text/css;charset=utf-8
Connection: keep-alive
Set-Cookie: f5avrbbbbbbbbbbbbbbbb=EOONMKEECHFHDEMFBBFNACJEAPOCNIIHGPBPJPGGINAOCPNNEGCLHOMMMAAIMDDNMLDPMIGOLLCDPCIGHBOHPHMPFKCACLLHAGEKOMAAICPKBMOLEKAPHFFPAGBMKFID; HttpOnly; secure f5avrbbbbbbbbbbbbbbbb=KFNDJLOCDDNEHDMDMHHKMKCNOGEOPLODLNPIPICHFENIFGILAEENFNKACAEKFDAGAFDGGCMJBJEDMJPHKAOGGBDEEIGADBJEAGOHAFMMGKFMANOHEKCKHGPIMBJBFJLB; HttpOnly; secure
Content-Length: 1314
Server: Apache

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 09:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Aug 2022 09:31:08 GMT

GET
H/1.1 200
OK Cookie set modernizr.min.js Show response
www.wthitv.com/includes/ 8 KB
4 KB 335ms
280ms Script
text/javascript 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wthitv.com/includes/modernizr.min.js
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e972d187856b7eecff4edcf05b77397ffd09ffebbe19e44e7153d195d65fd48e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.wthitv.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Cookie: click_mobile=0
Connection: keep-alive
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:29 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Mon, 06 Nov 2017 11:49:42 GMT
X-Server-Name: az-cmlive28
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Connection: keep-alive
Set-Cookie: f5avrbbbbbbbbbbbbbbbb=JDJJLHIMNGACOIHCGDPFDFFOOCJGBANKGMAJCAPIEOHHPCELNIGMGDGJIEJGLBMKJANNMFGJPGEDODMFKECNNIMMJFPAFAGDAGPAKJIAMAJLCNBLEKMJEMLOLCOHDKND; HttpOnly; secure
Content-Length: 3341
Server: Apache

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 373 KB
109 KB 107ms
40ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 17cac471d53d5a48cebc28f051a469f8a9c67ce52c676c8c236fd09f4dbb2b8d

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:29 GMT
Content-Encoding: gzip
x-amz-request-id: H4XC46FN9N863XRJ
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: 3aZL/gCw7PGEveyQSzsqmEBWPGkY3B2dcLt7TwTDbiccyxeo4NH98KrdzBEEtJ7zee0Fw3jKJM8=
Last-Modified: Mon, 30 Aug 2021 22:04:45 GMT
Server: AmazonS3
ETag: "029ddeeb9249d407a308f776f4975a7b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 20ms
18ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-54612925-18

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80082a57c082e53fb616f40368e02c5851de65d0bdc5874b7570fc8c795b4f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41214
x-xss-protection: 0
last-modified: Fri, 03 Sep 2021 03:45:40 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Sep 2021 04:37:29 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
25 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c19ea99174525fe7e0d322b6ef4e519866c3615cdadc9b91e1d0b9d89ed8536b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "976 / 201 of 1000 / last-modified: 1630634582"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24986
x-xss-protection: 0
expires: Fri, 03 Sep 2021 04:37:29 GMT

GET
H/1.1 200
OK smart-app-banner.js Show response
www.wthitv.com/includes/ 17 KB
7 KB 93ms
34ms Script
text/javascript 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wthitv.com/includes/smart-app-banner.js
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c6790a64a8179819745c8ffd13e3b25b2e2e6b7bde326b0eebb1ae5fa05dcb97

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.wthitv.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Cookie: click_mobile=0
Connection: keep-alive
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:28 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Wed, 20 Dec 2017 13:00:17 GMT
X-Server-Name: az-cmlive27
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Connection: keep-alive
Content-Length: 6746
Server: Apache

GET
H2 200 script.js Show response
d3gpkdwom7cn1q.cloudfront.net/ 117 KB
38 KB 39ms
8ms Script
application/javascript 2600:9000:2156:a800:11:193f:ab80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a800:11:193f:ab80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1adf50c19280730f47b7ddb5247d995ca12126efa624087021c1e51f1556b4c

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:30:27 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 21:12:43 GMT
server: AmazonS3
age: 441
etag: W/"6c0ef928deeec947e8b7ab5ebde895c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: g6geSIo864vKVIhaQ0nfE4py7nM0W4t24rCwp7cfp7Gy3IpZd_XBNg==

GET
H/1.1 200
OK WTHI-Site-Logo-300x100.png
media.heartlandtv.com/designimages/ 26 KB
27 KB 397ms
302ms Image
image/png 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/designimages/WTHI-Site-Logo-300x100.png
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f9a41d339485b96251bdba3d0e2af8f05d0403a4e1469de4296a6f1d21d76bc2

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Thu, 01 Mar 2018 15:16:14 GMT
X-Server-Name: az-cmlive32
Content-Type: image/png
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 26809
Server: Apache

GET
H/1.1 200
OK WTHI-Site-Logo-480x100v2.png
media.heartlandtv.com/designimages/ 29 KB
29 KB 223ms
134ms Image
image/png 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/designimages/WTHI-Site-Logo-480x100v2.png
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1593e04810a63562337dbf6d5bc30eb9be5e2193e3546ab6fa672cdc11163f21

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:29 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Fri, 03 Nov 2017 14:49:12 GMT
X-Server-Name: az-cmlive27
Content-Type: image/png
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 29449
Server: Apache

GET
H/1.1 200
OK lightbox.css
www.wthitv.com/includes/ 2 KB
953 B 123ms
122ms Stylesheet
text/css 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wthitv.com/includes/lightbox.css
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7bab0b0aeb5a83cc186a91d60fef8f6b92a645981239e697fec6fa99701b6688

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.wthitv.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Cookie: f5avrbbbbbbbbbbbbbbbb=KFNDJLOCDDNEHDMDMHHKMKCNOGEOPLODLNPIPICHFENIFGILAEENFNKACAEKFDAGAFDGGCMJBJEDMJPHKAOGGBDEEIGADBJEAGOHAFMMGKFMANOHEKCKHGPIMBJBFJLB; click_mobile=0
Connection: keep-alive
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:29 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Tue, 31 Jul 2018 20:11:28 GMT
X-Server-Name: az-cmlive40
Vary: Accept-Encoding
Content-Type: text/css;charset=utf-8
Connection: keep-alive
Content-Length: 623
Server: Apache

GET
H/1.1 200
OK lightbox.js Show response
www.wthitv.com/includes/ 14 KB
5 KB 123ms
123ms Script
text/javascript 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wthitv.com/includes/lightbox.js
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 124a7bc302b75a4c92afb4ffb09b9f3af0913f9f96b9dfa4901e7d011eab3c47

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.wthitv.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Cookie: f5avrbbbbbbbbbbbbbbbb=KFNDJLOCDDNEHDMDMHHKMKCNOGEOPLODLNPIPICHFENIFGILAEENFNKACAEKFDAGAFDGGCMJBJEDMJPHKAOGGBDEEIGADBJEAGOHAFMMGKFMANOHEKCKHGPIMBJBFJLB; click_mobile=0
Connection: keep-alive
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:29 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Tue, 31 Jul 2018 20:20:18 GMT
X-Server-Name: az-cmlive36
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Connection: keep-alive
Content-Length: 4337
Server: Apache

GET
H2 200 ca2f8683f58d28e3202c29bb9c5f9330f94e444b Show response
player.field59.com/v4/vp/wthi/ 5 KB
3 KB 341ms
185ms Script
application/javascript 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.field59.com/v4/vp/wthi/ca2f8683f58d28e3202c29bb9c5f9330f94e444b
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 311a0bdcaeefcc5a1f7bfd5e4559c0a40e3ecba469638b0d6c850dc486f233f6

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:29 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 03 Sep 2021 04:52:29 GMT
cache-control: max-age=600, public, s-maxage=600
cf-ray: 688c487d4a45061c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
x-ua-compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK scam+alert+MGN_640x360_90731C00-MEZOS.jpg
media.heartlandtv.com/images/ 56 KB
57 KB 376ms
284ms Image
image/jpeg 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/images/scam+alert+MGN_640x360_90731C00-MEZOS.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 22b70947edf0574af9b7254944addc1f831cf638170bdb825db5c84b921a223e

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Thu, 13 May 2021 10:30:05 GMT
X-Server-Name: az-cmlive26
Content-Type: image/jpeg
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 57855
Server: Apache

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 367 KB
104 KB 73ms
22ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa42b1086ad9ef3d2a118401968bf4f2e649ecffe09eba5e8762e6d3cab5d40

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:29 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 13:25:51 GMT
server: AmazonS3
x-amz-request-id: 65S82DYA8JSJ2BMS
etag: "2831e7b1389fae89c85089cfcaf56056"
x-hw: 1630643849.cds132.am5.hn,1630643849.cds109.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 105639
x-amz-id-2: 3URrQ3Fg7UCBzLh40xZE7Ev91aLz/Y93XN2JScF5eKkkWl3SRj6K8L5kBzwSo7bv6+ur13Gd/UM=

GET
H2 200 sp_YBqvnQHb Show response
launcher.spot.im/spot/ 424 KB
96 KB 426ms
351ms Script
application/javascript 2.16.186.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://launcher.spot.im/spot/sp_YBqvnQHb
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-17.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash: f7cf4e540eee76e65ef5220e90626e072e0ead8ec950a8f1afe4202045699749

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
content-encoding: br
server: fasthttp
cache-control: max-age=14400
content-type: application/javascript; charset=UTF-8
content-length: 97471
expires: Fri, 03 Sep 2021 08:37:30 GMT

GET
H/1.1 200
OK 33.png
media.heartlandtv.com/designimages/ 3 KB
4 KB 377ms
308ms Image
image/png 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/designimages/33.png
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 31877d406baaf14e4fd6f3473c34baa060504eaafcb745128774663ceaea89dc

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Thu, 18 Mar 2021 02:31:50 GMT
X-Server-Name: az-cmlive29
Content-Type: image/png
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 3470
Server: Apache

GET
H/1.1 200
OK 27.png
media.heartlandtv.com/designimages/ 4 KB
4 KB 364ms
294ms Image
image/png 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/designimages/27.png
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c9190041dcd8d9af1d965e7a267ebf02fcbf606e7a3c798bcb4b55a76b80e0d

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Thu, 18 Mar 2021 02:31:49 GMT
X-Server-Name: az-cmlive29
Content-Type: image/png
Cache-Control: max-age=28
Connection: keep-alive
Content-Length: 3901
Server: Apache

GET
H/1.1 200
OK Day_Planner300x169.jpg
ftp2.wthitv.com/weather/ 240 KB
241 KB 370ms
119ms Image
image/jpeg 209.59.156.234
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ftp2.wthitv.com/weather/Day_Planner300x169.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.234 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: webmedia.heartlandtv.com
Software: Apache /
Resource Hash: 03ffd2a4fc20485fe83ffc04edd468f092bea77609c040f288070f727c8152bb

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:29 GMT
Last-Modified: Fri, 03 Sep 2021 04:00:41 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=150
Content-Length: 246218
Expires: Fri, 03 Sep 2021 04:42:29 GMT

GET
H/1.1 200
OK 2statetemps640x360.jpg
ftp2.wthitv.com/weather/ 368 KB
368 KB 365ms
121ms Image
image/jpeg 209.59.156.234
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ftp2.wthitv.com/weather/2statetemps640x360.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.234 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: webmedia.heartlandtv.com
Software: Apache /
Resource Hash: d75d46c4c758970dddb62d2ab2de92d49e6e31dabd9a378d91da0032ab24d09d

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:29 GMT
Last-Modified: Fri, 03 Sep 2021 04:30:07 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=150
Content-Length: 376990
Expires: Fri, 03 Sep 2021 04:42:29 GMT

GET
H/1.1 200
OK 2_State_Radar_300x169.png
ftp2.wthitv.com/weather/ 365 KB
365 KB 357ms
120ms Image
image/png 209.59.156.234
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ftp2.wthitv.com/weather/2_State_Radar_300x169.png
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.234 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: webmedia.heartlandtv.com
Software: Apache /
Resource Hash: 9e689e6845b6db4ced1bbfcff8d11582ee62530584d9bb442944c3a6dad39c91

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:29 GMT
Last-Modified: Fri, 03 Sep 2021 04:30:01 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=150
Content-Length: 373637
Expires: Fri, 03 Sep 2021 04:42:29 GMT

GET optin.js
embed.secondstreetapp.com/Scripts/dist/ 0
0

GET
H/1.1 200
OK Honey+Creek2.jpg
media.heartlandtv.com/images/100*51/ 3 KB
3 KB 180ms
128ms Image
image/jpeg 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/images/100*51/Honey+Creek2.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f4ab761de79f35a39db945fc296aff7e03dd3b4948ab8abce7eda1a1fea0122f

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Thu, 02 Sep 2021 15:49:27 GMT
X-Server-Name: az-cmlive29
Content-Type: image/jpeg
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 3053
Server: Apache

GET
H2 200 6fd654575b1f7fd707446ffbe0adc3f575a6f117.jpg
cdn.field59.com/WTHI/ 187 KB
188 KB 195ms
34ms Image
image/pjpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/WTHI/6fd654575b1f7fd707446ffbe0adc3f575a6f117.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116659034a562584e146377aa65e67232ecda7921c01d4cbf3b24b73f12333b8

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
cf-cache-status: HIT
age: 47733
cf-ray: 688c487fa8404aa4-FRA
x-amz-replication-status: COMPLETED
content-length: 191889
x-amz-id-2: 8tGaRyi78sA1wwQgxdsg1CiDeh89UT3h4eSB4f5KwyAFoh5+tXhg9sWIEoAaywHPtx8JXpusxQs=
last-modified: Thu, 02 Sep 2021 13:26:08 GMT
server: cloudflare
etag: "ed41d3f9b419d98a2a4d09650da6f066-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: AJ65JDP2PM9E4MT6
cache-control: public, max-age=2592000
x-amz-version-id: UEDGErtReYneda8zfCvzSCIKf_p0eSIQ
accept-ranges: bytes
content-type: image/pjpeg
expires: Sun, 03 Oct 2021 04:37:30 GMT

GET
H/1.1 200
OK Climbing+Cafe2.JPG
media.heartlandtv.com/images/100*51/ 3 KB
4 KB 296ms
294ms Image
image/jpeg 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/images/100*51/Climbing+Cafe2.JPG
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5d1fcda7a5e5eff6c32eafca4fd696c1de5d7a678e0dacfc038c907102b27e52

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Thu, 02 Sep 2021 15:42:33 GMT
X-Server-Name: az-cmlive37
Content-Type: image/jpeg
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 3505
Server: Apache

GET
H/1.1 200
OK Haney.jpg
media.heartlandtv.com/images/100*66/ 2 KB
2 KB 116ms
115ms Image
image/jpeg 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/images/100*66/Haney.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5cadced06504d8b02fc7c34021809e277b8add172cce4a25c6dec97c09fba0f8

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Wed, 29 Apr 2020 16:10:50 GMT
X-Server-Name: az-cmlive35
Content-Type: image/jpeg
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 1784
Server: Apache

GET
H/1.1 200
OK Chloe.jpeg
media.heartlandtv.com/images/100*56/ 2 KB
2 KB 166ms
165ms Image
image/jpeg 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/images/100*56/Chloe.jpeg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6c4a662be25a99547a4e736867a2a13c96b29aa19741a42cd9fe62341e827610

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Thu, 02 Sep 2021 17:41:18 GMT
X-Server-Name: az-cmlive31
Content-Type: image/jpeg
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 1680
Server: Apache

GET
H/1.1 200
OK thirst.jpg
media.heartlandtv.com/images/100*75/ 3 KB
3 KB 116ms
116ms Image
image/jpeg 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/images/100*75/thirst.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0acf52fc99d677bbac5e8c2627b85f46c2846c5cec6d48122eed33a81d877802

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Wed, 01 Sep 2021 23:19:44 GMT
X-Server-Name: az-cmlive32
Content-Type: image/jpeg
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 3077
Server: Apache

GET
H/1.1 200
OK Tubb+crop.jpg
media.heartlandtv.com/images/100*62/ 6 KB
6 KB 123ms
122ms Image
image/jpeg 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/images/100*62/Tubb+crop.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 46d003d6eb12a412d2caf304af859a1a7bbf7388d5d99d17261582b0fd5686be

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Fri, 03 Sep 2021 00:06:12 GMT
X-Server-Name: az-cmlive32
Content-Type: image/jpeg
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 5657
Server: Apache

GET
H/1.1 200
OK hypatia-h_da2bc352c0012ba76e9305303fc51260-h_ff45bf78c07194d1891813cd34f57712.jpg
media.heartlandtv.com/images/100*56/ 4 KB
4 KB 116ms
115ms Image
image/jpeg 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/images/100*56/hypatia-h_da2bc352c0012ba76e9305303fc51260-h_ff45bf78c07194d1891813cd34f57712.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0b9befd55dc3666f32c277da525391f6f4b7923102325df29068efdb7cc3ea2c

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Fri, 21 Aug 2020 17:46:23 GMT
X-Server-Name: az-cmlive29
Content-Type: image/jpeg
Cache-Control: max-age=29
Connection: keep-alive
Content-Length: 3611
Server: Apache

GET
H/1.1 200
OK 13398682_G.jpg
media.heartlandtv.com/images/100*75/ 2 KB
3 KB 125ms
125ms Image
image/jpeg 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/images/100*75/13398682_G.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d81169ff6bfcf16740e9e7aa45d2177628cf07f261a4e79a0ca1c99a8bf4b81f

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Wed, 01 Nov 2017 14:40:27 GMT
X-Server-Name: az-cmlive37
Content-Type: image/jpeg
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 2380
Server: Apache

GET
H/1.1 200
OK Little+Italy.jpg
media.heartlandtv.com/images/100*56/ 3 KB
3 KB 121ms
121ms Image
image/jpeg 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/images/100*56/Little+Italy.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6276173fd26f3d9db77441295d696c760974fb85f3b5b71b1da92ef1b79fe866

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Wed, 10 Jun 2020 16:11:21 GMT
X-Server-Name: az-cmlive29
Content-Type: image/jpeg
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 2821
Server: Apache

GET
H2 200 13294da8debb385e7bb5b0c95454c0a0bbbd5d71.jpg
cdn.field59.com/WTHI/ 194 KB
194 KB 224ms
63ms Image
image/pjpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/WTHI/13294da8debb385e7bb5b0c95454c0a0bbbd5d71.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44f06b8d68628e6c2c0dc50990244cffd171be84e9524b1b6074b01ec100de74

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
cf-cache-status: HIT
age: 3187
cf-ray: 688c487fa8424aa4-FRA
x-amz-replication-status: COMPLETED
content-length: 198497
x-amz-id-2: B93diaTfbVgCxbcb1Wva2cI4RziRtV+CAJxgEof9W6zIOCI7So24Vi2FATXMFctC+Y54mVt3sLE=
last-modified: Fri, 03 Sep 2021 03:33:40 GMT
server: cloudflare
etag: "3e5502a13b4c12d607509df8d7852184-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: DKVMPPB0DG695SGB
cache-control: public, max-age=2592000
x-amz-version-id: bmWiHlICk2MxzqUJu7JB8Ib6psta..6R
accept-ranges: bytes
content-type: image/pjpeg
expires: Sun, 03 Oct 2021 04:37:30 GMT

GET
H2 200 8f519844245f011cd6b6cd8ece6f6be1dd304365.jpg
cdn.field59.com/WTHI/ 188 KB
189 KB 215ms
62ms Image
image/pjpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/WTHI/8f519844245f011cd6b6cd8ece6f6be1dd304365.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af021230e6545c69cb57a70ac3c4ae7e1afc72e0e948a37ef6a7a16fe3ade686

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
cf-cache-status: HIT
age: 4517
cf-ray: 688c487fa8434aa4-FRA
x-amz-replication-status: COMPLETED
content-length: 192711
x-amz-id-2: +1PKY9YA0uoZ05hJc+YZ+AFKWEvRR4M2y9fH0iVPRg/zH//enKRHNjIegvxCRiSQ17xgzSThnnQ=
last-modified: Fri, 03 Sep 2021 03:11:48 GMT
server: cloudflare
etag: "e86a6f75f8838b4cd4fb908dc583d223-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 6QE4KP7FA8SKGYF5
cache-control: public, max-age=2592000
x-amz-version-id: ZV9sprkhXxeOQ.5BNGi73Sdb0Abk6dVh
accept-ranges: bytes
content-type: image/pjpeg
expires: Sun, 03 Oct 2021 04:37:30 GMT

GET
H2 200 f919c001953fb0ff9d6671ce4971ee5fe6fdc647.jpg
cdn.field59.com/WTHI/ 204 KB
204 KB 292ms
140ms Image
image/pjpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/WTHI/f919c001953fb0ff9d6671ce4971ee5fe6fdc647.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28b4ab1610bb54a156dbb13000b24c054102b084a4633ac16bd0777f2ba19a0c

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
cf-cache-status: HIT
x-amz-request-id: 6QE7YXA8NEV11F2V
cf-ray: 688c487fa8454aa4-FRA
x-amz-replication-status: COMPLETED
content-length: 208548
x-amz-id-2: p/YPJv/TtvKmkGxPJDtq1mcYDA4IfemVI1D+SmclRk3XyX1/R9CSVb30k0ihKKiqCEKTSQz7+EM=
last-modified: Fri, 03 Sep 2021 03:12:02 GMT
server: cloudflare
etag: "648b5af1266ebbe5acdb4fa894c5dcd8-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: yQALYHACWZpSHgrBU9gyG35FP.4HbpvM
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: image/pjpeg
expires: Sun, 03 Oct 2021 04:37:30 GMT

GET
H2 200 a2f8acea35210a8905a0626bbeff9552098daaca.jpg
cdn.field59.com/WTHI/ 224 KB
224 KB 33ms
31ms Image
image/pjpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/WTHI/a2f8acea35210a8905a0626bbeff9552098daaca.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9bbbc70ed3f26319435f99b6c88df191ed9fce1b455bc3a60cce718e8202cdb

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
cf-cache-status: HIT
age: 16558
cf-ray: 688c488099654aa4-FRA
x-amz-replication-status: COMPLETED
content-length: 228961
x-amz-id-2: wYzaZAnzw1s2ObEb8QK4zQCbCFMG/BOYojWMNBCua2gU2DICjx50gWUVwENaN1Jp2SbXT66uwzw=
last-modified: Thu, 02 Sep 2021 23:32:26 GMT
server: cloudflare
etag: "57a814d3dc052b967d105f130360ffac-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 2CDF78D4FACS9RZ3
cache-control: public, max-age=2592000
x-amz-version-id: EHhj66nTkoV8QAiRDTvbcs2zhgOQ_L1F
accept-ranges: bytes
content-type: image/pjpeg
expires: Sun, 03 Oct 2021 04:37:30 GMT

GET
H2 200 44769edc09dfe62cfc87f92e8a0438f8e8a03236.jpg
cdn.field59.com/WTHI/ 99 KB
99 KB 34ms
32ms Image
image/pjpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/WTHI/44769edc09dfe62cfc87f92e8a0438f8e8a03236.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a68e38b5b6fee73462cccba26ac9bf3f456e1125ac410c3fa173c64ca126ce4

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
cf-cache-status: HIT
age: 16558
cf-ray: 688c488099664aa4-FRA
x-amz-replication-status: COMPLETED
content-length: 101312
x-amz-id-2: 3HEAopQWX/qdfm3qou6UfEbKOTThCb+3PoJXRlg/FmkwpPlScWqFsQGB6jeq4foB/6uqQBX24uU=
last-modified: Thu, 02 Sep 2021 23:12:56 GMT
server: cloudflare
etag: "96b3ee461a824f446ed184004491674d-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: D7VF1ACJTGS9VAZH
cache-control: public, max-age=2592000
x-amz-version-id: WbsWWQW876Et_sXfAmw5KxE98uoS_rQ9
accept-ranges: bytes
content-type: image/pjpeg
expires: Sun, 03 Oct 2021 04:37:30 GMT

GET
H2 200 7b47de9cdc83b31d77bee149a2132450b3f5768f.jpg
cdn.field59.com/WTHI/ 240 KB
240 KB 58ms
57ms Image
image/pjpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/WTHI/7b47de9cdc83b31d77bee149a2132450b3f5768f.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c5f405dccdd142a76afb0250d6c1d0732460e86676df73c6c57cb62198ba17b

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
cf-cache-status: HIT
age: 16558
cf-ray: 688c488099674aa4-FRA
x-amz-replication-status: COMPLETED
content-length: 245769
x-amz-id-2: ERbLBB0+GePYlLa0nY90riU7v78ejQsAjXvEeXLOKMkFBjWntkqPdOdQmssmSjfkEF9AZXmBAfc=
last-modified: Thu, 02 Sep 2021 23:07:20 GMT
server: cloudflare
etag: "61a9210775d1180f2cb448cb03fdb1b2-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: TMXV1SRGG10S6Y1E
cache-control: public, max-age=2592000
x-amz-version-id: ZevRoPBQquRIrgFsbCmVpRwkL_K.n7l.
accept-ranges: bytes
content-type: image/pjpeg
expires: Sun, 03 Oct 2021 04:37:30 GMT

GET
H2 200 bd5c59d5a6f24e4f242f475f75db40130fb515e5.jpg
cdn.field59.com/WTHI/ 171 KB
171 KB 58ms
56ms Image
image/pjpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/WTHI/bd5c59d5a6f24e4f242f475f75db40130fb515e5.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f391fec8d3f6ea6f4af6d7f83df545a9bb39248b77b26ab835839d6799684ce

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
cf-cache-status: HIT
age: 16557
cf-ray: 688c488099684aa4-FRA
x-amz-replication-status: COMPLETED
content-length: 174984
x-amz-id-2: eBEOV9GOIGQBY7jOHLpwQNRL4t3KbrJTx8YGOuVi52up+iWbw35FiUFvqt5rG3c7PI4vAW+9gfQ=
last-modified: Thu, 02 Sep 2021 22:58:20 GMT
server: cloudflare
etag: "1d213449aab3ecf56f2d6afa665a7c32-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: BW76N7SH331J5FVJ
cache-control: public, max-age=2592000
x-amz-version-id: Nl4n3fI0Gmt2ngxOijAYUpY9ytNED6_O
accept-ranges: bytes
content-type: image/pjpeg
expires: Sun, 03 Oct 2021 04:37:30 GMT

GET
H2 200 5ead677f0145ebea277f6080c89001b77681b4c4.jpg
cdn.field59.com/WTHI/ 233 KB
233 KB 59ms
57ms Image
image/pjpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/WTHI/5ead677f0145ebea277f6080c89001b77681b4c4.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a88c2cceff9fed1facc390988d1dfbb65f8fcac6915a360458363d9e7b52feb4

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
cf-cache-status: HIT
age: 16557
cf-ray: 688c488099694aa4-FRA
x-amz-replication-status: COMPLETED
content-length: 238464
x-amz-id-2: iF5OIo6nQMOxR3qy3aLwZISgXQ9Q+tjNeN17WboZXVNjtr+WonBi+gBZa2iJMkjeZfOw83xJz8A=
last-modified: Thu, 02 Sep 2021 22:54:24 GMT
server: cloudflare
etag: "f99a243a0752d01c89dfa54ffe8a6e9e-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: K27XR5TEMZM2G9SN
cache-control: public, max-age=2592000
x-amz-version-id: qwY.8NL_vjaQO3J7hpuELBisyvS_pZwf
accept-ranges: bytes
content-type: image/pjpeg
expires: Sun, 03 Oct 2021 04:37:30 GMT

GET
H2 200 52d9a60930938868388c928ef9af92ff412b54d0.jpg
cdn.field59.com/WTHI/ 155 KB
156 KB 58ms
57ms Image
image/pjpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/WTHI/52d9a60930938868388c928ef9af92ff412b54d0.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33ae717b4f69d1dfcf8745cceb8d4fd64f95f63715cc66a6f8cc8d122eafd533

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
cf-cache-status: HIT
age: 16557
cf-ray: 688c4880996a4aa4-FRA
x-amz-replication-status: COMPLETED
content-length: 159141
x-amz-id-2: agNuNXyy3HqVMAGFwu+0R7bYVD8iOLywz8QIQHYULsNsxslGtj76+VStEX0Q1Cy7Hk3rJ69cYLM=
last-modified: Thu, 02 Sep 2021 22:50:26 GMT
server: cloudflare
etag: "1252a8039e2961fc4b23341b64166d7e-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: JA876FATJMRK9631
cache-control: public, max-age=2592000
x-amz-version-id: 9mAd4YxuQRI3dDo6r4ccIxmT.fzdnoo4
accept-ranges: bytes
content-type: image/pjpeg
expires: Sun, 03 Oct 2021 04:37:30 GMT

GET
H2 200 c636a151540678be365dd1603451a72e11beaa1c.jpg
cdn.field59.com/WTHI/ 299 KB
300 KB 58ms
56ms Image
image/pjpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/WTHI/c636a151540678be365dd1603451a72e11beaa1c.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4052a540e7041caffc424cbb742a02be8941085ad4f768a4708d559e249aa780

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
cf-cache-status: HIT
age: 20843
cf-ray: 688c4880996b4aa4-FRA
x-amz-replication-status: COMPLETED
content-length: 306403
x-amz-id-2: 0+VdtdTJ+IP4vIzznYOQLEwFlzi9pIT/fOXOahX6Afk9wpxMswzptjVWeRFMfzQqp3Gl2NgDgWY=
last-modified: Thu, 02 Sep 2021 22:44:54 GMT
server: cloudflare
etag: "bd29bd340469ae737ae1032e38c2d937-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: VWVFY5PY36GCXXMH
cache-control: public, max-age=2592000
x-amz-version-id: iqv7oOSVGKr9JhVaWLldkJhOX6rDUULY
accept-ranges: bytes
content-type: image/pjpeg
expires: Sun, 03 Oct 2021 04:37:30 GMT

GET
H/1.1 200
OK banner-community-calendar-300x80.png
media.heartlandtv.com/images/ 25 KB
26 KB 132ms
132ms Image
image/png 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/images/banner-community-calendar-300x80.png
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 636a46b1d8f0d467c259895f099448d6de31e942695b127b8f02ec632d7759a3

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Tue, 31 Oct 2017 18:00:38 GMT
X-Server-Name: az-cmlive28
Content-Type: image/png
Cache-Control: max-age=2
Connection: keep-alive
Content-Length: 25668
Server: Apache

GET
H2 200 get.js Show response
cdn.cityspark.com/wid/ 2 KB
1 KB 40ms
8ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cityspark.com/wid/get.js
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FF7) /
Resource Hash: 948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Sep 2021 04:37:30 GMT
content-encoding: gzip
content-md5: DgH26NwpVpUJ7mY3mCxUbA==
age: 271639
x-cache: HIT
content-length: 919
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 07 May 2020 14:25:32 GMT
server: ECAcc (frc/8FF7)
etag: "0x8D7F2927FD84964+gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1ae3b367-401e-00cc-4a04-9e973b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2014-02-14

GET
H/1.1 200
OK TH-Chamber-Annual-Meeting-640x360.jpg
media.heartlandtv.com/images/100*56/ 2 KB
3 KB 122ms
120ms Image
image/jpeg 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/images/100*56/TH-Chamber-Annual-Meeting-640x360.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9ac700cf721354cccbb44ddcfee9478416d31301a208e820f106c75de9fcaf28

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: MISS from cache.clickability.com:3128
Last-Modified: Thu, 19 Aug 2021 19:31:40 GMT
X-Server-Name: az-cmlive26
Content-Type: image/jpeg
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 2489
Server: Apache

GET
H2 200 386ee1e1113c9cf5223a0c482852ce8f05d1f214.jpg
cdn.field59.com/WTHI/ 125 KB
126 KB 50ms
49ms Image
image/pjpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/WTHI/386ee1e1113c9cf5223a0c482852ce8f05d1f214.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43a4999efd4a9566afa09199b572e94a8d381cf96da5916520a0cf9d0248db9b

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
cf-cache-status: HIT
age: 300044
cf-ray: 688c4880a97a4aa4-FRA
x-amz-replication-status: COMPLETED
content-length: 128370
x-amz-id-2: 0w5UbSRKJZYc+oj2JzpvhgGHnFYIgfIegpyFseMlIeoXrcu/k5z+cYBT6bRLRsKiT5+4EaMSza0=
last-modified: Mon, 30 Aug 2021 13:39:58 GMT
server: cloudflare
etag: "99a26f0a9b76872097123595167629d7-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: BS9EFYPAD09S7X6M
cache-control: public, max-age=2592000
x-amz-version-id: omLF0ubRYUkjDT06_WgnEMVroYQEIX8a
accept-ranges: bytes
content-type: image/pjpeg
expires: Sun, 03 Oct 2021 04:37:30 GMT

GET
H/1.1 200
OK Patient+receives+a+COVID-19+vaccine+MGN_640x360_10216P00-IGMJU.jpg
media.heartlandtv.com/images/100*56/ 6 KB
6 KB 125ms
123ms Image
image/jpeg 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/images/100*56/Patient+receives+a+COVID-19+vaccine+MGN_640x360_10216P00-IGMJU.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b20a1330079a00f437b6dca10dcce6c3183eb00bba82dc6782cb9f4f3f7f556

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Thu, 25 Feb 2021 15:45:18 GMT
X-Server-Name: az-cmlive29
Content-Type: image/jpeg
Cache-Control: max-age=203
Connection: keep-alive
Content-Length: 5839
Server: Apache

GET
H2 200 495b16a8c7fdaaf358bb5ac4725eed1c7311dbd3.jpg
cdn.field59.com/WTHI/ 187 KB
187 KB 49ms
49ms Image
image/pjpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/WTHI/495b16a8c7fdaaf358bb5ac4725eed1c7311dbd3.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863565439a5421b737858a16e13ee68f6443c9b30419c8ee054bb07c116edb33

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
cf-cache-status: HIT
age: 1230113
cf-ray: 688c4880a97d4aa4-FRA
x-amz-replication-status: COMPLETED
content-length: 191166
x-amz-id-2: 6rHOspZ4mBlRWXt4b61Pw59ohKamLBhwcwU5xZ5VpgOtDafzkOjA1ocUR3lUsYxb/qg/kmVgNYc=
last-modified: Thu, 19 Aug 2021 22:17:03 GMT
server: cloudflare
etag: "1a5a61406b2aaad60252749eb9d37969-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 5PRKJENEVENM3286
cache-control: public, max-age=2592000
x-amz-version-id: ySO1Vm4D4QMkQD.7UV5c0_XT.FNJcDnm
accept-ranges: bytes
content-type: image/pjpeg
expires: Sun, 03 Oct 2021 04:37:30 GMT

GET
H2 200 cbc71d6df058c10a3f206c2cab0507fa18952318.jpg
cdn.field59.com/WTHI/ 206 KB
206 KB 49ms
48ms Image
image/pjpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/WTHI/cbc71d6df058c10a3f206c2cab0507fa18952318.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4316a1687b52bf4dcf6d37508801141d90b0b5dc1d7c30cdc2883b668a2a0f08

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
cf-cache-status: HIT
age: 1320639
cf-ray: 688c4880a97f4aa4-FRA
x-amz-replication-status: PENDING
content-length: 210977
x-amz-id-2: PdU2RTwVh2es+NhMK/E7YlTay5Gr3HarLshCK8CP9Nyk+at0Z7S3tghrH2eaKqJ4D1pWaWk1UAI=
last-modified: Wed, 18 Aug 2021 21:36:51 GMT
server: cloudflare
etag: "1ab55a5f132aac6eedf7eb32edce6586-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 53Y8EC1M4Y0D5961
cache-control: public, max-age=2592000
x-amz-version-id: w0_qDOetTTDOyFmG4t4dwKhojPmVJ.iu
accept-ranges: bytes
content-type: image/pjpeg
expires: Sun, 03 Oct 2021 04:37:30 GMT

GET
H2 200 9fea6fdeaa0c2ac126ba499093e44d675946c726.jpg
cdn.field59.com/WTHI/ 371 KB
372 KB 49ms
48ms Image
image/pjpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/WTHI/9fea6fdeaa0c2ac126ba499093e44d675946c726.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6ff68ef22cee3c7ba0ec08c32fafb3bf53d72300af54519083fe7265fde57d7

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
cf-cache-status: HIT
age: 1406638
cf-ray: 688c4880a9814aa4-FRA
x-amz-replication-status: COMPLETED
content-length: 379864
x-amz-id-2: PLDg0H2sfkSgSUPX1TCij+NEOh6GtKwpENfOrBVdCvvqSO35aLGIWxBxmJ9cb7JITPOOM33enak=
last-modified: Tue, 17 Aug 2021 21:35:22 GMT
server: cloudflare
etag: "5999d36627f85aa844a4297d404eabbe-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: JTT72WYJ67D9FKX5
cache-control: public, max-age=2592000
x-amz-version-id: fn0O1NbVNsF23vEC5wa56vmIbBlNB1YG
accept-ranges: bytes
content-type: image/pjpeg
expires: Sun, 03 Oct 2021 04:37:30 GMT

GET
H/1.1 200
OK scam+alert+MGN_640x360_90731C00-MEZOS.jpg
media.heartlandtv.com/images/100*56/ 3 KB
3 KB 124ms
123ms Image
image/jpeg 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/images/100*56/scam+alert+MGN_640x360_90731C00-MEZOS.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 51ac9bd5ae73ff445ae3a0e8956426c44d27c677e477aeb7b10d27caebc050c1

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Thu, 13 May 2021 10:30:05 GMT
X-Server-Name: az-cmlive32
Content-Type: image/jpeg
Cache-Control: max-age=183
Connection: keep-alive
Content-Length: 3086
Server: Apache

GET
H2 200 1cc86289f97d1bc90e8c6ce0d54faa4f361a00da.jpg
cdn.field59.com/WTHI/ 183 KB
183 KB 49ms
48ms Image
image/pjpeg 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.field59.com/WTHI/1cc86289f97d1bc90e8c6ce0d54faa4f361a00da.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868c5c9f47ddc7e9385871137f503d484166fae165ea4c0816456b09b4891482

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
cf-cache-status: HIT
age: 281863
cf-ray: 688c4880a9824aa4-FRA
x-amz-replication-status: COMPLETED
content-length: 187426
x-amz-id-2: wQ0hStsB/qnSyXzf9+oTQN28tbYx3RuhCNotATNdcbzS5T0okniL7Sh6ul2B0HYiSEvkr7m9ezo=
last-modified: Mon, 02 Aug 2021 21:33:01 GMT
server: cloudflare
etag: "bc94291785432b567595fb14e548c840-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: VDC6BQB2NDHH1130
cache-control: public, max-age=2592000
x-amz-version-id: 8tgnjZdrlOhmH5td5cdo1983Ueht3faG
accept-ranges: bytes
content-type: image/pjpeg
expires: Sun, 03 Oct 2021 04:37:30 GMT

GET
H/1.1 200
OK scam+alert.jpg
media.heartlandtv.com/images/100*75/ 3 KB
4 KB 117ms
117ms Image
image/jpeg 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/images/100*75/scam+alert.jpg
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 83b069a05b4d18977ef74f5e488a76d69985bf448ef207cedc347aa9598b9c53

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Wed, 17 Apr 2019 23:10:33 GMT
X-Server-Name: az-cmlive30
Content-Type: image/jpeg
Cache-Control: max-age=109
Connection: keep-alive
Content-Length: 3212
Server: Apache

GET
H/1.1 200
OK AMB-logo-wStations.png
media.heartlandtv.com/designimages/ 25 KB
26 KB 127ms
127ms Image
image/png 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.heartlandtv.com/designimages/AMB-logo-wStations.png
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3b782ffcf59add8afa324cfd7a950193e6985441bc4d7dd5764426a006532358

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Tue, 29 Jun 2021 14:56:38 GMT
X-Server-Name: az-cmlive33
Content-Type: image/png
Cache-Control: max-age=107
Connection: keep-alive
Content-Length: 25673
Server: Apache

GET
H2 200 tether.min.js Show response
cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/ 24 KB
7 KB 21ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.wthitv.com
Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 725335
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6714
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffc-619d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fy0c1LBJpRwtE1FKaUj%2BS5PeKDgqmHeDT%2BjCt0%2FNWIVFSc98qDHyoxxhPnoVDS5cc0W7vreh8T%2FSxgTuJnp5V001PBdjLgoCUtqi%2FNGj5s0i%2Fx43C1vNlUDWVvjaB%2BWVmR2eQMz2ywaYVMNZe3lWlH9Y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 688c487c9f5a0610-FRA
expires: Wed, 24 Aug 2022 04:37:29 GMT

GET
H3-29 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 25ms
19ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.wthitv.com
Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
age: 874024
cdn-cachedat: 08/04/2021 00:04:37
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ccdc7adbaa75ee875ebca38cd78fde07
cf-ray: 688c487c9e5d4db8-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 velocity.js Show response
cdnjs.cloudflare.com/ajax/libs/velocity/1.5.0/ 197 KB
46 KB 20ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/velocity/1.5.0/velocity.js

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d88a056eed7fc9dd598f345ea866f324ddeec180e3c5976083257a1cd847d568

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11797952
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 46474
cf-request-id: 098c552b3f00004e86be294000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0401a-312c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1wk4gGrrWfOE9qB2zkk8fKOthYfaJFKRheDk4lfufgcb466voWNihhelZ0g7NexILOWYPLkoTok%2B4GzzD5hkhjVUjXchV%2FkIZQntK8wFDUdUYJMu7V%2B%2Bf6NrLBsogm76vXWbM6FuW1aKpUgLKsAZ42i"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 688c487c9dc94a55-FRA
expires: Wed, 24 Aug 2022 04:37:29 GMT

GET
H/1.1 200
OK scripts.min.js Show response
www.wthitv.com/includes/ 11 KB
4 KB 39ms
33ms Script
text/javascript 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wthitv.com/includes/scripts.min.js
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 13575e4e85121b088ab9dbdca88b8e29ced12719214a228c9b3b09d544d0a18b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.wthitv.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Cookie: f5avrbbbbbbbbbbbbbbbb=KFNDJLOCDDNEHDMDMHHKMKCNOGEOPLODLNPIPICHFENIFGILAEENFNKACAEKFDAGAFDGGCMJBJEDMJPHKAOGGBDEEIGADBJEAGOHAFMMGKFMANOHEKCKHGPIMBJBFJLB; click_mobile=0
Connection: keep-alive
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:29 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Sat, 23 Sep 2017 12:59:26 GMT
X-Server-Name: az-cmlive28
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Connection: keep-alive
Content-Length: 3604
Server: Apache

GET
H/1.1 200
OK theia-sticky-sidebar.js Show response
www.wthitv.com/includes/ 16 KB
4 KB 125ms
119ms Script
text/javascript 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wthitv.com/includes/theia-sticky-sidebar.js
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 12a858bafa70df1cb8457f92b0c7663cff6d9121e2e58606596dd3cb21cd70a9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.wthitv.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Cookie: f5avrbbbbbbbbbbbbbbbb=KFNDJLOCDDNEHDMDMHHKMKCNOGEOPLODLNPIPICHFENIFGILAEENFNKACAEKFDAGAFDGGCMJBJEDMJPHKAOGGBDEEIGADBJEAGOHAFMMGKFMANOHEKCKHGPIMBJBFJLB; click_mobile=0
Connection: keep-alive
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:29 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Tue, 05 Sep 2017 20:51:00 GMT
X-Server-Name: az-cmlive32
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Connection: keep-alive
Content-Length: 3547
Server: Apache

GET
H/1.1 200
OK jquery.cycle2.js Show response
www.wthitv.com/includes/ 22 KB
7 KB 37ms
32ms Script
text/javascript 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wthitv.com/includes/jquery.cycle2.js
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bfc870ffd2897d5f380be0b95e89a4ffd7f1cdde24ba00fcba21e20524bcf70d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.wthitv.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Cookie: f5avrbbbbbbbbbbbbbbbb=KFNDJLOCDDNEHDMDMHHKMKCNOGEOPLODLNPIPICHFENIFGILAEENFNKACAEKFDAGAFDGGCMJBJEDMJPHKAOGGBDEEIGADBJEAGOHAFMMGKFMANOHEKCKHGPIMBJBFJLB; click_mobile=0
Connection: keep-alive
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:29 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Sat, 23 Sep 2017 12:12:38 GMT
X-Server-Name: az-cmlive35
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Connection: keep-alive
Content-Length: 7109
Server: Apache

GET
H/1.1 200
OK jquery.cycle2.center.min.js Show response
www.wthitv.com/includes/ 906 B
829 B 123ms
117ms Script
text/javascript 104.70.81.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wthitv.com/includes/jquery.cycle2.center.min.js
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.81.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-81-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ab6c4fd4bea57a49ab8d190552d6dcaddaf54accf6ccc8e135175c9181e4ae6c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.wthitv.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Cookie: f5avrbbbbbbbbbbbbbbbb=KFNDJLOCDDNEHDMDMHHKMKCNOGEOPLODLNPIPICHFENIFGILAEENFNKACAEKFDAGAFDGGCMJBJEDMJPHKAOGGBDEEIGADBJEAGOHAFMMGKFMANOHEKCKHGPIMBJBFJLB; click_mobile=0
Connection: keep-alive
Referer: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:29 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from cache.clickability.com:3128
Last-Modified: Mon, 25 Sep 2017 12:04:28 GMT
X-Server-Name: az-cmlive33
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Connection: keep-alive
Content-Length: 492
Server: Apache

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 143ms
37ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 03 Sep 2021 04:37:29 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 css
fonts.googleapis.com/ 4 KB
576 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Maven+Pro:400,500,700,900

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/includes/styles.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ca5c035a2e273e364ea9eb548ffa676da19ca709e28ea6621712bf2b5549ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Sep 2021 03:30:43 GMT
server: ESF
date: Fri, 03 Sep 2021 04:37:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Sep 2021 04:37:28 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 149ms
101ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.wthitv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.17.4
date: Fri, 03 Sep 2021 04:37:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 1a Show response
i.clean.gg/ 0
15 B 133ms
104ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Sep 2021 04:37:29 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/128366/ Frame C68A
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/128366/connatix.playspace.dc.js

1 MB
235 KB

26ms
19ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/128366/connatix.playspace.dc.js
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c355fae78854ae04a5338672cbcf946f4337a91b68b94bc1c9171c4dc4dad005

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:29 GMT
content-encoding: br
last-modified: Thu, 02 Sep 2021 10:36:22 GMT
age: 62325
etag: "535a1a7d6a0b5bf56d0c3b45e749c3b5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges: bytes
content-length: 240064

Redirect headers

location: https://cds.connatix.com/p/128366/connatix.playspace.dc.js
date: Fri, 03 Sep 2021 04:37:29 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
age: 0
accept-ranges: bytes
content-length: 0
retry-after: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dcaa34fd48dbc241fe20e6105a4faeac0e8ddf9c063fb1bcd9144ff34a9f879b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 47almFxwtRcFebigYX6rzg==
cross-origin-resource-policy: cross-origin
expires: Fri, 03 Sep 2021 04:40:49 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: 9QKRdxYsujx+ESvKGJq9Bh1A+2RiwRms66rK6NV2VrBBEu9g4JR0PGK+Dn0rTSCkYS3PSLK+vp2ppjoejEbIKg==
x-fb-trip-id: 917726464
x-fb-content-md5: 52d743460217a1cde48e054aa60fe268
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 03 Sep 2021 04:37:30 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "32a5fa1d5b3f52ab100bd93805961948"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK s
s.clickability.com/ 42 B
952 B 638ms
112ms Image
image/gif 34.193.167.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.clickability.com/s?&5=-120&35=0&6=574603551&7=3078023&8=https%3A%2F%2Fwww.wthitv.com%2Fcontent%2Fnews%2FSCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html&9=&10=SCAM%20ALERT%3A%20Fraudsters%20claim%20Apple%20iCloud%20breach%20to%20steal%20your%20info&11=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&12=en-US&13=0&14=1.5&15=1&16=1600x1200&17=24&18=0.465088304223636&19=910
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.167.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-167-244.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
X-Server-Name: az-stats6
P3P: policyref="http://www.clickability.com/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=100
Content-Length: 42
Server: Apache

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v2/ 20 KB
20 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v2/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83989511162f4870eec741186b1f61e347cf37e3d54da12035a90da2836965cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.wthitv.com
Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 16:29:46 GMT
x-content-type-options: nosniff
age: 562063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20136
x-xss-protection: 0
last-modified: Tue, 10 Oct 2017 23:09:04 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 16:29:46 GMT

GET
H/1.1 200
OK feather-webfont.woff
heartbeat.heartlandtv.com/fonts/ 13 KB
13 KB 364ms
118ms Font
font/woff 50.28.54.68
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://heartbeat.heartlandtv.com/fonts/feather-webfont.woff
Requested by: Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/heartland-css/vendor.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.28.54.68 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: web.heartlandtv.com
Software: Apache /
Resource Hash: 0999a7c80d428aca7048c17797e42ce94804645b674c923e242bce46eacff4b7

Request headers

Origin: https://www.wthitv.com
Referer: https://s3.us-east-2.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
Last-Modified: Mon, 31 Jul 2017 10:41:47 GMT
Server: Apache
Content-Type: font/woff
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12936

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 19ms
19ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.wthitv.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 11468441
cdn-cachedat: 2021-04-23 12:54:27
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 01b807fb34cabae14c6f83a019c73cd0
accept-ranges: bytes
cf-ray: 688c487cdeaf4db8-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 pubads_impl_2021083101.js Show response
securepubads.g.doubleclick.net/gpt/ 333 KB
116 KB 70ms
37ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

821bdc4f69b0d71c8ee65e9e97c232e0a127004991b92133da9019dbe8f90047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Aug 2021 08:39:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119248
x-xss-protection: 0
expires: Fri, 03 Sep 2021 04:37:30 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 241 B
786 B 102ms
41ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wthitv.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

ca58465ad583ed235b23becc160e764c6dc9a7cc78a238fc15aeedd3c861290d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 04:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129
x-xss-protection: 0
expires: Fri, 03 Sep 2021 04:37:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 3911
date: Fri, 03 Sep 2021 03:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 03 Sep 2021 05:32:19 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 39 KB
7 KB 504ms
294ms Script
text/javascript 18.214.172.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.wthitv.com%2Fcontent%2Fnews%2FSCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html&ntv_mvi
Requested by: Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-172-53.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 45cd1573e8445a7e5b53d7c6e3bc76c0bdfd71e2bf74a71921554f4e9507d1a6

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 04:37:30 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 7105
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 main-8178db5c48.css
player.field59.com/release-3.18.5/css/ 58 KB
11 KB 33ms
33ms Stylesheet
text/css 104.16.57.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.field59.com/release-3.18.5/css/main-8178db5c48.css
Requested by: Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8f4f65da989e98349457dcbd2f8e17e88972d98dea663eaf85133d5e47c4dce

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Aug 2021 14:01:48 GMT
server: cloudflare
age: 120885
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 688c487e7bef061c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
expires: Wed, 08 Sep 2021 19:01:00 GMT

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/128366/ 95 KB
13 KB 20ms
20ms Stylesheet
text/css 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/128366/connatix.playspace.css
Requested by: Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 60748fdd53c96d1eca2671628730f0a745d86d8223bc86f1d77d9b691920d8f9

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
content-encoding: br
last-modified: Thu, 02 Sep 2021 10:36:22 GMT
age: 62326
etag: "2d5d1c3d89cc4965db765c1c8754e68e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges: bytes
content-length: 13297

GET
H3-29 200 7Au9p_AqnyWWAxW2Wk3GzWQI.woff2
fonts.gstatic.com/s/mavenpro/v22/ 18 KB
18 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mavenpro/v22/7Au9p_AqnyWWAxW2Wk3GzWQI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Maven+Pro:400,500,700,900

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e10684028a44797b734c232e01ae86a2da170d7586b6aacde7df81557ce35eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.wthitv.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 16:38:55 GMT
x-content-type-options: nosniff
age: 475115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18292
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:56:07 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 16:38:55 GMT

POST
H/1.1 200
OK story Show response
capi.connatix.com/core/ Frame C68A 126 B
429 B 455ms
115ms XHR
multipart/form-data 18.116.179.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=128366
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.116.179.127 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-116-179-127.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: c46ae00fde068963bd0c2c8de9927a54dfa9486d502ddae54e9dd225a190ae0f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.wthitv.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 153

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 222 KB
65 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1370c2695ca4e1c62f963d62ff7c5387

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaf8e6d11052af07d44b6f23f17ecfd17e2d1d485e3081affc5f9151bd5f5617

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.wthitv.com
Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: cmYiLFrdeh00YgyBIo3HDg==
cross-origin-resource-policy: cross-origin
expires: Sat, 03 Sep 2022 02:36:57 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 66824
x-fb-rlafr: 0
x-fb-debug: vaoyxTEMNVroNLsX97KV1Z2qljzzX3lgTzbQsCNJfk2bkbMCRhyKzrnZu+IqN3ZyOte3oAAzSR1rFWE+VM5UyQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 3ddec29cc2c9f6207ca204e25e5585d2
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 03 Sep 2021 04:37:30 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "68701d25d7a91f956b6d5c8e18d12c42"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1432592302&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wthitv.com%2Fcontent%2Fnews%2FSCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html&ul=en-us&de=UTF-8&dt=SCAM%20ALERT%3A%20Fraudsters%20claim%20Apple%20iCloud%20breach%20to%20steal%20your%20info&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1357377909&gjid=9515274&cid=862773268.1630643850&tid=UA-54612925-18&_gid=897146159.1630643850&_r=1&gtm=2ou910&z=475968436

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 04:37:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wthitv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
85 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-54612925-18&cid=862773268.1630643850&jid=1357377909&gjid=9515274&_gid=897146159.1630643850&_u=YEBAAUAAAAAAAC~&z=1220613169

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 03 Sep 2021 04:37:30 GMT
content-type: text/plain
access-control-allow-origin: https://www.wthitv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wthitv.com

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 04:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wthitv.com

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 04:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 572 KB
128 KB 965ms
907ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=194335352490120&correlator=1890771601391914&output=ldjh&impl=fifs&eid=31061841%2C31062297&vrg=2021083101&ptt=17&sc=1&sfv=1-0-38&ecs=20210903&iu_parts=132916964%2Cwthitv.com%2Ccontent%2Cnews%2Csticky-footer%2Cbouncex&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=970x90%7C980x30%7C970x250%7C728x90%2C970x90%7C980x30%7C728x90%2C970x90%7C980x30%7C728x90%2C970x90%7C980x30%7C728x90%2C300x250%2C300x250%7C300x50%7C300x600%2C300x250%7C300x50%7C300x600%2C300x250%7C300x50%7C300x600%2C300x250%2C300x50%2C320x50%2C728x90%2C1x1&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0&prev_scp=pos%3Dhtv-top-1%2Cad-stack%7Cpos%3Dhtv-left-1%2Cad-stack%7Cpos%3Dhtv-left-2%2Cad-stack%7Cpos%3Dhtv-left-3%2Cad-stack%7Cpos%3Dhtv-right-0%2Cad-stack%7Cpos%3Dhtv-right-1%2Cad-stack%7Cpos%3Dhtv-right-2%2Cad-stack%7Cpos%3Dhtv-right-3%2Cad-stack%7Cpos%3Dhtv-article%2Cad-stack%7Cpos%3Dhtv-weatherbox%2Cad-stack%7Cpos%3Dhtv-native%2Cad-stack%7C%7C&cookie_enabled=1&bc=31&abxe=1&lmt=1630643821&dt=1630643850545&dlt=1630643848824&idt=1679&frm=20&biw=1600&bih=1200&oid=3&adxs=15%2C-9%2C-9%2C-9%2C1215%2C1215%2C-9%2C-9%2C630%2C1225%2C-9%2C-9%2C0&adys=96%2C-9%2C-9%2C-9%2C126%2C668%2C-9%2C-9%2C657%2C304%2C-9%2C-9%2C85&adks=3451552755%2C3689698051%2C3689698050%2C3689698049%2C1742442203%2C359820755%2C359820754%2C359820765%2C232223144%2C139699240%2C3576616250%2C2437478896%2C326751167&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.wthitv.com%2Fcontent%2Fnews%2FSCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x24%7C0x-1%7C0x-1%7C0x-1%7C370x0%7C370x0%7C0x-1%7C0x-1%7C560x49%7C350x8%7C0x-1%7C0x-1%7C1600x1286&msz=1170x0%7C0x-1%7C0x-1%7C0x-1%7C370x0%7C370x0%7C0x-1%7C0x-1%7C560x1%7C350x0%7C0x-1%7C0x-1%7C1x-1&ga_vid=862773268.1630643850&ga_sid=1630643851&ga_hid=1432592302&ga_fc=false&fws=0%2C2%2C2%2C2%2C0%2C0%2C2%2C2%2C4%2C4%2C2%2C2%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1170%2C370%2C0%2C0%2C0&btvi=0%7C-1%7C-1%7C-1%7C0%7C0%7C-1%7C-1%7C0%7C0%7C-1%7C-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

aa17ece9f803fc26d80f2561fc061ae4dbd2c32f99e35353c6d6b389ffba38d6

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKfm59v94fICFVfkuwgd-VoFFg&gqi=&layout=/sadbundle/%24csp%253Der3%24/1848377098735549687/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKfm59v94fICFVfkuwgd-VoFFg&gqi=&layout=/sadbundle/%24csp%253Der3%24/1848377098735549687/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2
google-creative-id: 138361189284,138355404054,138360600361,-1,-1,138361189593,138361189587,138355760014,-1,138355751461,-2,-2,138355390203
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129149
x-xss-protection: 0
google-lineitem-id: 5774304129,5735497857,5770151665,-1,-1,5774304129,5774304129,5735574120,-1,5735533563,-2,-2,5735475093
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Fri, 03 Sep 2021 04:37:31 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wthitv.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 458A 6 KB
3 KB 47ms
14ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.wthitv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.wthitv.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 03 Sep 2021 04:37:30 GMT
expires: Sat, 03 Sep 2022 04:37:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK click-out-icon.css
s.ntv.io/css/ 618 B
1 KB 33ms
31ms Stylesheet
text/css 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/css/click-out-icon.css
Requested by: Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8e41a8e6b02e146fe25fa71262a12a24c80ee7e0debfcae0757a4fe6c67de5a9

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
Last-Modified: Wed, 13 Sep 2017 22:37:26 GMT
Server: AmazonS3
x-amz-request-id: 880B72DFDE73E1A1
ETag: "43c31858c9aac81661d142577cb1fc68"
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 618
x-amz-id-2: oJuMSYYTkoOSfPRAwKWeUHSB/I4XdenD8NLhFAx/kTATfZPgnOYWZme29G+bjHzZ0WiWyUBL9lM=

GET
H2 200 moatcontent.js Show response
z.moatads.com/nativonielsen548znrb18/ 167 KB
55 KB 91ms
30ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=12859
Requested by: Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:30 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:04:05 GMT
server: AmazonS3
x-amz-request-id: 541CA3CB462144FD
etag: "774acff2cee5852cdfc3fd8471cb2667"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=34335
accept-ranges: bytes
content-length: 55696
x-amz-id-2: WNwhnB94WoMq7DmM1MaoToceuK3QbHC7vn11hUldfKqO5oRdP3/lkIWqAFpXgth7b2BO5KLt3DE=

GET
H/1.1 200
OK http%3A%2F%2Fimg.revcontent.com%2F%3Furl%3Dhttps%3A%2F%2Frevcontent-p0.s3.amazonaws.com%2Fcontent%2Fimages%2F601a6e32479b98-47831953.jpeg%26static%3Dtrue
ntvcld-a.akamaihd.net/image/fetch/w_470,h_265,c_fill,f_auto/ 40 KB
40 KB 658ms
559ms Image
image/jpeg 2.16.107.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntvcld-a.akamaihd.net/image/fetch/w_470,h_265,c_fill,f_auto/http%3A%2F%2Fimg.revcontent.com%2F%3Furl%3Dhttps%3A%2F%2Frevcontent-p0.s3.amazonaws.com%2Fcontent%2Fimages%2F601a6e32479b98-47831953.jpeg%26static%3Dtrue
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-105.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 60a17b6305902af291ffe3de873d15b37d5be7d64c75389929b3d9d92cc8820b

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:31 GMT
X-Check-Cacheable: YES
X-Serial: 840
ETag: "1612344883"
Content-Type: image/jpeg
Cache-Control: private, no-transform, max-age=1875431
Last-Modified: Wed, 25 Aug 2021 21:34:16 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 40743
Server: Akamai Image Manager
Expires: Fri, 24 Sep 2021 21:34:42 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 110ms
109ms Image
image/gif 18.214.172.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=303,302,819,807&ntv_ui=62c4fff4-ffc7-406a-b94e-87adde0bae28&ntv_a=AAAAAAAAAAIFQQA&ntv_fl=CF4se3gYGjAPzQcMJoAeWRPcgnP7uCaWCaRcPx04ESCJZ4PyQ04YTzdBnO81L0EOlvlrHc1UwVKtwMYO2iULa_Ex1iwbRg_T6RYX6_WmLoR6lIGZoJTYA_eJhZgAQYF0mBpnYRSC8qdf765oXEpTONpLfmZS4g_ltJ5CdSBFDfIEuTeiTt7goToMNkpvBdR6taFEkdC4XQzKT21BcPGUshXui2RPZgHsA6of6-F59arUArTowwXc6uyF8Mi7RDLhHR0nF-JtmvYdw-z9AqadzF0VHmQtbLl6CeowCr3BJwIW-s-m2q8W_957ALrq9M8CPyj7BFnuKXZsR-cL6fPeN70dj8vf2homIbPdfb-6IiR6yaf6MAUpmW0ROA1AoA9VGUbwy855s9IG1ykvabs1A5wf6nqnuUFso9djmXynAGJxJ_aZ8P5-oQ_psaF2wvqVOVjXTp7O4wV4tE2s0TyePZDF-7-03fqLpXt93eRvM78MnAfoxyr5fM5usbfipHUFKWdCc9Ri_aV-u4BX0oRbck-IissOlVSd23wesVZlxuY=&ord=-1749478561&ntv_ht=iqYxYQA&ntv_tad=16&ntv_enc_pr=ZV0u1BPe85WNz_PbNAZe_SbEMjVx3P9yWBBzeBjr8w29pxbC9l7GIfUJWQFEEYtkCl6WVWKY8xN-MAZbWAilXROVj0Hh9UGajYAdlS_HFzkOw44GCL3Qn8qB5iRxwz1YRwrY0CsKl_7ww9H__I27DQ==&ntv_it
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-172-53.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 04:37:30 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 204 track
trends.revcontent.com/rtb/ 0
136 B 193ms
110ms Image
text/plain 34.251.98.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/rtb/track?d=7FmCBrPliNI4AkWwdiT8JuGa5CYR3mPs%2BtcbdrbLEaMabTAGZ0peZcPU0E7tGJcwMP7tO%2Fe4DqqoBldDAazeDK28uR5Ce%2BVdzJDo5twhyy41z4R44l%2F2LB3k0oq77%2FkoISqBQNXA2f7Fx7RXYPkpYj8fhSb0Tm6XFcnkKptT30GfNjMvA35VLwhs01Yin3vqdiyh2RTR44S%2Fh4u7WZrr8n74c6PI9bnaoxWYdL8dFYyKDPArTpTqV7N7gZaU0bPxdwpZh%2BJoo%2F9hvTnfCjZl6v5xvsKfmCXmIAEIgHBYJo6It2ZMtZmAAGVqIi9S2x6Q%2FUj2IsR6I%2Bd6zUDebJ3oeQdoxpL9nWAqk25YukVaqiWDsXwi3%2BAFVeOQGugT7573qSiG8eQLBRWekPDoJbw1IO5f0gMMNvY00ceWavC7JMtKJOmKIF9uiJVH%2FP7HokCMw0RLOFVrfBVA89pGe%2FB6M2Sw9kYoP%2Ff3WLFPwq80ZMq7dGt53g7WR186fRxeXAFh2dCZf6B9D0mRqDiHZql%2FKo1YBk0q7EFlAM2qbGcy3Q3h1hH1ka2vZTzxubjIzJntoNzYN7gRDTFMx4U1nwAQbgnkGNHi07zxN7oDxJpIUUgj2cS%2BEmB98ZezeGEuBuQRQS8hRhKyeEF0c7lG0dscM%2BLfkNgnRw3l8LF1juad3fuDiJY%2F71C%2F0tzpDLtSLdAixfLZudF6%2BqQ4blO3ptPmXHKEoDwfddQ05x4H8rERKsVEVE60g4DfNAN1%2BsnJkowxTMkjFj0u6FdA8V0LTdv4RRsp49Q6wiL42QzMZqK7EFgpAUDrDaO4LN10PtbE7hawiJcBfGA90arN9WJ%2BJ3PSO4K22lmkn4RpkE6xXmZpfAN1QmAsQm2IG6qgHCsN1FsGuYn47qK0J%2Bx9o1ztkkLAlWlqAzrzykV6vydgEkV5lGk9B64uEHL6eg3kkc%2Frt7oaH%2FyVM7Hj%2FmhwDkyr3wkTaxv3XSXLsZO0xPEf%2F0TkyZd2KHq2F1j5fZyySXStwlsuDzs0LOZG7LZ2CIQgCZ9GDpK9cJp%2BPLXHNWraBjDnj7BEMaXmR6NZrFka39r8AG%2BjZww%2FNcs7WgEs0UEd%2BfLwWCw7USXSv%2BvVFHpPv0JOFwmjr%2Flz8EA54iCxbtuaQDiH&b=0052cdce-1c81-49a9-881e-5b691c9a5560
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.98.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-98-197.eu-west-1.compute.amazonaws.com
Software: Grizzly/2.4.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Sep 2021 04:37:31 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 109ms
108ms Image
image/gif 18.214.172.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1070112&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-172-53.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 04:37:30 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK click-out-icon.ttf
s.ntv.io/font/ 1 KB
2 KB 86ms
27ms Font
application/octet-stream 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/font/click-out-icon.ttf?sjshwd
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/css/click-out-icon.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ee2214a948aa510978878e09453b21c85f1bcfe78a7c55412268ad85a5fb147d

Request headers

Origin: https://www.wthitv.com
Referer: https://s.ntv.io/css/click-out-icon.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 04:37:30 GMT
Last-Modified: Tue, 04 Oct 2016 00:20:40 GMT
Server: AmazonS3
x-amz-request-id: AC8FC5A61A32D72F
ETag: "f587575d5d6dc5e7dc296da77fb11396"
Access-Control-Allow-Methods: GET
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1092
x-amz-id-2: HpmlO9jp42YcpH/ytKgJ6y3WOr8NGe0HL5xeSJfJ9rdt9gQvyYNLG9CGGlqG2AwyIUAjwpZku7A=

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 106ms
106ms Image
image/gif 18.214.172.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=851&ntv_ui=62c4fff4-ffc7-406a-b94e-87adde0bae28&ntv_a=AAAAAAAAAAIFQQA&ntv_fl=CF4se3gYGjAPzQcMJoAeWRPcgnP7uCaWCaRcPx04ESCJZ4PyQ04YTzdBnO81L0EOlvlrHc1UwVKtwMYO2iULa_Ex1iwbRg_T6RYX6_WmLoR6lIGZoJTYA_eJhZgAQYF0mBpnYRSC8qdf765oXEpTONpLfmZS4g_ltJ5CdSBFDfIEuTeiTt7goToMNkpvBdR6taFEkdC4XQzKT21BcPGUshXui2RPZgHsA6of6-F59arUArTowwXc6uyF8Mi7RDLhHR0nF-JtmvYdw-z9AqadzF0VHmQtbLl6CeowCr3BJwIW-s-m2q8W_957ALrq9M8CPyj7BFnuKXZsR-cL6fPeN70dj8vf2homIbPdfb-6IiR6yaf6MAUpmW0ROA1AoA9VGUbwy855s9IG1ykvabs1A5wf6nqnuUFso9djmXynAGJxJ_aZ8P5-oQ_psaF2wvqVOVjXTp7O4wV4tE2s0TyePZDF-7-03fqLpXt93eRvM78MnAfoxyr5fM5usbfipHUFKWdCc9Ri_aV-u4BX0oRbck-IissOlVSd23wesVZlxuY=&ord=-31785277&ntv_ht=iqYxYQA&ntv_it
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-172-53.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 04:37:31 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 12859 Show response
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 320 B
613 B 419ms
417ms Script
application/octet-stream 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/12859?t=20218367
Requested by: Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 07a81d561954dae4a8c2fe69dce01f1a06f74830654975ed7c1b7bbb71c5b291

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 1hikuq2ice2KkTq0LUpgmExWjXS0YBSO
last-modified: Fri, 03 Sep 2021 04:34:10 GMT
server: AmazonS3
x-amz-request-id: WDW0346T4QS653HW
etag: "ff36023c8c6ef39b7b29066776ede60c"
content-type: application/octet-stream
date: Fri, 03 Sep 2021 04:37:31 GMT
accept-ranges: bytes
content-length: 320
x-amz-id-2: SbT6NwRReyzL97HvkcUwUYMTZe3D73qwdS4PLV7V2LpzDBZS6Jorz1db5Pry0Z1FUDSijmTZp+8=

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ 0
461 B 145ms
112ms Image
text/plain 2600:9000:2156:5600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ci=nlsnapi29032&am=4&ep=1&at=view&rt=banner&st=image&ca=moat_tsci_tKCVz&cr=crv5179884&pc=b-12859-www.nativo.com&r=1630643851489
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 04:37:31 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: xNhxKqwj3CJIitK3Yd7kLmyEAK7wYHluZs3y8sbmH1Y3t6xwFj_wtg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3135 0
0 37ms
37ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusHDLbu7_cnTOXDV8yXBhDvNaIz2mePFwVgAyX2yjgEVDE9oEozbre6_1R-L6f9EeNnJzsub-hcyJZEB-3vpwuzkMYlECUd3C9X0kW57S1nuzZ77ef0k9v08yNlBi--scpgLCkPjLVkBItjcadf1vEh521LN37gy4k6HJWy6YzK4vm2RsfidnCRYL-WtxsFIIK-RtoapG6WuBm9ePPUH5xj28M1gp0Em7qvkOaCfp95_rQ6PENMBvwTRsvrSWXmiRM3K4dhvCvBJPM6i9G2ZuupgHrPdPbW6FrhtfD-gZ7v0nImqov1o-sM3B4NsyrWb-Cb0fVWb0&sai=AMfl-YS07H2xJmWFXbvQaHDQhmOJBR9I9Wr0B43YkWF70HX1e8gzDE7sr6PBHFEYXwBHyyKedP57ew6uFhsWzIX70quHYjJerjK4gs_KgbatwRyUzqmZ8jNLE4FYgbMMFwA&sig=Cg0ArKJSzB9pb1x0tDE4EAE&adurl=

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 04:37:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 03 Sep 2021 04:37:31 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame 3135 18 KB
8 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 709
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 04:25:42 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 3135 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 04:18:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3135 122 KB
37 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Fri, 03 Sep 2021 04:37:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3135 0
0 14ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTBLj0qc-NIjhQq5gl9oPvQSRfnq54J1mfFXlTza0zrOKQpiRJn2LfO7FekbT_huSABZxHoLgWeiJwcUcAwbR0Gctt9XQ
Requested by: Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 16209421730884616114
tpc.googlesyndication.com/simgad/ Frame 3135 32 KB
32 KB 67ms
67ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16209421730884616114

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6056114a487679d33f9392127dfabed45883fc29f07f2d55313bdecd2290c9dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Aug 2021 13:10:11 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33018
x-xss-protection: 0
expires: Sat, 03 Sep 2022 04:37:31 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496339498273"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27562
x-xss-protection: 0
expires: Fri, 03 Sep 2021 04:37:31 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7B58 0
0 42ms
38ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssR53nzwIYJv1G5Z9-Y70iVwns--W14Tzx5JJe2sosBElawrm3Zxvwc6w8XLxLIIrztpasR1Uk1TQzcfjcjXEwp4C9hEQHZpLqYoqJFS5i_DxFJ4UuG6xg9CKFzEMUfg1UkYYmuU02GtTXc2CfhSg3kPDrYdDcThTIEJowR0vrcUbfslUGdZND_7YBwzhWCTLPM3fz0KmTCnbcaqFSDDkmH8Qdbx5rOemWLzNrtNPqAHxjeGBrdG-_s3A6SCeZyrOBsN0K2J-d5UIlw4prxrFXAwNIFBNxFRSMTZj3-ojdCWB98RXwI8xy4rNyrPnwGKv-46Pejncw&sai=AMfl-YRtQ3HnEgy_mNKbnnP63ZeK69FGSW2ZsOqEK3uLUrg3OFTaHXR-BbgP7jiEp4Tv7YaR6xcEFzGHVxY1NRgEnHQIarMb3l8j9Nm2mMsQXrNFCLDO6Gi7PQNqywDGKwk&sig=Cg0ArKJSzBkt6t_hYl-KEAE&adurl=

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 04:37:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 03 Sep 2021 04:37:31 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame 7B58 18 KB
7 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 709
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 04:25:42 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 7B58 2 KB
1 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 04:18:55 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B58 122 KB
37 KB 41ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Fri, 03 Sep 2021 04:37:31 GMT

GET
H3-29 200 8668699946053549636
tpc.googlesyndication.com/simgad/ Frame 7B58 39 KB
39 KB 19ms
15ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8668699946053549636

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1833041aa1638c2a25eb32da3e639fb82dbcb17736500a60a98851601f38c92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:54:13 GMT
x-content-type-options: nosniff
age: 132198
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39425
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 13:10:11 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 15:54:13 GMT

GET
H3-29 200 container.html Show response
33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7965 6 KB
3 KB 20ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.wthitv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.wthitv.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 03 Sep 2021 04:37:30 GMT
expires: Sat, 03 Sep 2022 04:37:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D7FF 0
0 37ms
36ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmgWagUbThBTVXmm7_DJ8GlFrMC8v3K2dzmIgPk9GlCW-lumHUQv3RwBDv3phsSsm-A2_sQxsdpKi5a7uedtv-5chTgB3jO8i-s0VP0bxle44C9g228jJbhCU2NkL6T1FsgMLmems9ka7Rb5aKFzcDQidcffCt_sJ3F3nLei4z04B8hhupMduBJ1Vgwr1uKeb77SNNp2q1WT5a2r2sbzdUUW3PSA-mFUFQ1T3WDw_0r4C8dG8nBKbgt6sKRKoecrZa8bPgSDYTyi2e7T7GFWNK3KhJ79MF30kvLdcJg7HniCRexbElHEUi6tNSChEu&sai=AMfl-YSO0o9IXxR96vfOQ3YrToGDxoEa1mNC3XlUNFlyeHjREM-e6Se5VnJKOlJLipaF6Kwocm7S0WD4VlUWo4_RKnQea8Wn10sBiuWG6kwCs8jeCwsM6_rOyw-JgSx4V9g&sig=Cg0ArKJSzIQqAQ8k4WXHEAE&urlfix=1&adurl=

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 04:37:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 iframebuster.js Show response
assets.bounceexchange.com/assets/bounce/ Frame D7FF 1 KB
1 KB 63ms
20ms Script
text/javascript 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/iframebuster.js
Requested by: Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 10079154e527bdf6a403e0b5ad9ac73e95ac886c5caf47e8b37b5c9147cd7d76

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:08:36 GMT
content-encoding: gzip
age: 1735
x-guploader-uploadid: ADPycdv1kA_8bxOcpYiY_p0LmGqYM3R1kr6V2UhyuyZdpyU3DOgyuMcUl2cudrRk6sp8ADIE7FlBM_7FuuQfL_9lWus
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 539
last-modified: Thu, 25 Jul 2019 15:10:59 GMT
server: UploadServer
etag: "0cfef24c569b42826ee2e88465d4bfb6"
vary: Accept-Encoding
x-goog-hash: crc32c=DjYwig==, md5=DP7yTFabQoJu4uiEZdS/tg==
x-goog-generation: 1564067459897939
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public, max-age=1800
x-goog-stored-content-length: 539
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 03 Sep 2021 04:38:36 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D7FF 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Fri, 03 Sep 2021 04:37:31 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108170213000/ Frame 7433 188 KB
55 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 112946
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55333
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 21:15:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "55ff93a1040e5c38"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 21:15:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 7433 13 KB
5 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4999
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b551ff8c0a78d7e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 7433 89 KB
28 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-analytics-0.1.mjs

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28538
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "523ca413d5eb4bb0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 7433 70 KB
16 KB 45ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-animation-0.1.mjs

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a213b67eebe575881cc62cd8800129e15d9ca92049b2e37832bf83d9fa2ed79e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 217894
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16652
x-xss-protection: 0
server: sffe
date: Tue, 31 Aug 2021 16:05:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b7d23c40180897d5"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Aug 2022 16:05:57 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 7433 4 KB
2 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-fit-text-0.1.mjs

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a4d9605fb26cf0ce"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 7433 40 KB
13 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-form-0.1.mjs

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12821
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd81b3ba02634f28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
DATA 200
OK truncated
/ Frame 7433 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5392970032ac85f388a858e3843a93b8a510b2aeac0fc98ede028ec62462620

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7433 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
age: 63198
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 03 Sep 2021 11:04:13 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7433 295 B
319 B 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 07:57:47 GMT
x-content-type-options: nosniff
server: cafe
age: 74384
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 03 Sep 2021 07:57:47 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7433 0
0 40ms
40ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEAXciqYxYb31KtfI7_UP-bWVsAGou9bOYoTKheKpDb_hHhABIKf0kQtgkYSghYwYoAH7jPPwAsgBCakCpKqssgDssz7gAgCoAwHIAwiqBL0CT9BELY4iO5DO-UAIM8e1RaRLC1DpmBZNdnFqHuuHewi5KrRJJCrUNlU88Wp5GmlQjRL2pe6y7CJeP7dEtbEeK2SkpzcLbr0fZ5iUu3_eu4BFdRsWKeLNTpooWimd1Ps1qzHT4dPHySxwCqFd-rPlKNsKCRqmJ3E781Krwqt7mFj0t1w0BZf1AuXO8h1SSP2IncT0xvpLKwg4_BD_Roda2U4M0UeAVgVrhp5hc_y1MCadfe_fspSaaTSpVUvTJAASufQu8YNpnYmdDCiyMKMhRCb0fKbFvHcjhFYmwixLnpm8eBXeBIBtIKTuJxpafpSHbS-qccfn9I2cGH3jk54D5wvIdVkZnCHiqZ6NGCeFtFNWKKGkxsg2Ll68yxVWJb0GySkWow-CW5avg70S5TXnLvCKUE_xYWkzhc4k0q_ABOC7saeUAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe-sM-VAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQ9d4W0ggJCIjhgBAQARgdgAoByAsB2BMN0BUBgBcBshceChwIABIUcHViLTMyNDc5MTk0MDgxMzIzMjIYvM4Z&sigh=gdCfsaaoE3k&template_id=419
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 7433 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c62435d150cac5c7812c232c0868b85e8d97aa7c0ea8002e4f33ae104cac8b66

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7433 24 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 964c3d5e06c85cee3e60121aeb5072bb9a65f324e119f33f2701d54df924ff41

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 7433 29 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 302076afc62f1c09c1114728de943fbcb497af51f596194f2bbd28f5b1ff2a02

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9925 0
0 45ms
38ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuyVCnl-YIwUs6wqweaIJ-ZJV_jAEeppabkbXyxoMMoYLHyMnUqxkA-16nOzLp70T1QSFQbdexqDc81jU65OHy46Ea5_pOMULxwse1xsU1amM-8Hm9ugXCbDGikbYnfhVR5JtV0EHClqtNRI3RFTsI50ud0yv2O6O13bR4eexsWUD1PgUBfipz2c1irz-XJGVnwbD9YfQV5zjSWTFZFn8VLWQyCiH8Gzebfz5JJ_TMdX-lzZHHUB0m4Rxo1fsc4GkSg4iM9mRKaQcMShaISmLe-5c9ydCUW-jjPvjFgaus72vPWALst_VplmEzj86wfyx3DnL3nHI&sai=AMfl-YTt677e9jk3PqUqrMdGf0mDPVFtTeABI_gZVJ5F53RWGCmYI3zzhjACpvU3Xok5c8fhqeGzMJq7z9HYkyFoew__AtrsDGfhtBfG4fJKtXNjO1xygcrgyQjsndCoDR8&sig=Cg0ArKJSzJg80TpXps5eEAE&adurl=

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 04:37:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame 9925 18 KB
7 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 709
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 04:25:42 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 9925 2 KB
1 KB 14ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 04:18:55 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9925 122 KB
37 KB 35ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Fri, 03 Sep 2021 04:37:31 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 9925 0
0 23ms
18ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRG0SXcKd1Fn0VOXTjgVMn7fNhWFwk5e5sHhbo4CXS-ggoQ8XtnkyRx_o8KRmAIfSESnSWfykATz9CAxVgV8wOZhLjcEg
Requested by: Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 1874103361948980824
tpc.googlesyndication.com/simgad/ Frame 9925 6 KB
6 KB 11ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1874103361948980824

Requested by

Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d934d8dfaf5e489f7b39081b6f77b946f7bc9ed4b0fc268db35cf17dfa66292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 18:00:23 GMT
x-content-type-options: nosniff
age: 211028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6091
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 18:35:59 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Aug 2022 18:00:23 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 107ms
107ms Image
image/gif 18.214.172.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=304,809&ntv_ui=62c4fff4-ffc7-406a-b94e-87adde0bae28&ntv_a=AAAAAAAAAAIFQQA&ntv_fl=CF4se3gYGjAPzQcMJoAeWRPcgnP7uCaWCaRcPx04ESCJZ4PyQ04YTzdBnO81L0EOlvlrHc1UwVKtwMYO2iULa_Ex1iwbRg_T6RYX6_WmLoR6lIGZoJTYA_eJhZgAQYF0mBpnYRSC8qdf765oXEpTONpLfmZS4g_ltJ5CdSBFDfIEuTeiTt7goToMNkpvBdR6taFEkdC4XQzKT21BcPGUshXui2RPZgHsA6of6-F59arUArTowwXc6uyF8Mi7RDLhHR0nF-JtmvYdw-z9AqadzF0VHmQtbLl6CeowCr3BJwIW-s-m2q8W_957ALrq9M8CPyj7BFnuKXZsR-cL6fPeN70dj8vf2homIbPdfb-6IiR6yaf6MAUpmW0ROA1AoA9VGUbwy855s9IG1ykvabs1A5wf6nqnuUFso9djmXynAGJxJ_aZ8P5-oQ_psaF2wvqVOVjXTp7O4wV4tE2s0TyePZDF-7-03fqLpXt93eRvM78MnAfoxyr5fM5usbfipHUFKWdCc9Ri_aV-u4BX0oRbck-IissOlVSd23wesVZlxuY=&ord=548958856&ntv_ht=iqYxYQA&ntv_tad=16&ntv_ift=0&ntv_it
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-172-53.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 04:37:31 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 204 view
trends.revcontent.com/rtb/ 0
135 B 110ms
110ms Image
text/plain 34.251.98.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/rtb/view?p[]=0&view=FkKKzPug4VEawLmLxL4m4Bo43U8eBh5SQZAEW3Ghsay2A9Cvu7RI3AvQBx1Nkg65u0dQM6%252BMMGoqTdxaPJe2Ef2KJdTqqcoXxLhlcvxrH1GVaI4VHCSuJModXzcf8mmi%252BE%252BkK8UOZvZKYl7Jb5rID1M53ZWNOJMJ3%252FoYMuqypKqCWW2pCpyhvC4x3NvLTUXb1cYWTcDqlSMwO4nAdqfHJH2epmbEcQ7qSgs86LmDdxa69KVyNCJF1lW3YyFaL4Z%252BvSC5g8ZkZ3B2p4mqbn299jeeGF1tqg8JRU3NPo9k05QVJjeY9eXRqbhoiTai41uebCqWJDCHu0af%252FUNrRDdarD3ugLXk2t%252FAD3QQfsuNhANRMLUSRbKXGG%252FIImcVkIAFN5mkSIW8a4niQ9SzsjB2ag8O31sDEkefANhktQWEF%252F2EHI7NLOcgE2qZ3uqE0i0QRX7mlTxPHX%252F7j8sS8QyhUuk4nvvFDuetApFw2W03xJ5KAqaPI2GiQg1JCxVFkLebGSGttw%252Bu4cA3dSzsH3fM0G0gfOXrYF2StAvk5ycFRDRMUMLD4e6q7r6zDaGnzo1EfoXESU8SfPIiAXd2z74oa2yeC9ObQr5KUs2HLnPm9oWgiTRoG%252Fmb%252FmcaZnCFuCcW3Xou60CKym8LQp7%252BR9oX3JlTQArhI2GD4Pe6UDjFvnHmAcOtFR3KDJFy9CYp0kP4R8nEGX2OMJFX8C6qJ4Z5I3FxjtOyiVX8KajRTB9MrMAVJfAshptfSIynja2%252BOBtFUFNepZ83yn4kG5cy7K3tYqIuVFAkBqSDw0P6SwZyrelDFW1U2NHpvuwhbzLVpZvguWBnfA9MWbjntNL0Vm7dQG4h2Hx5XhHWBtLXKj4cR8rF%252FrGXxNZNsWP98ojvm7No28jcNY1C9K%252BSJ3GZnY4ofmaDABi1R%252BtZbtdc0vxICXnueOFZFgfBJLmM9Rd3UR5I3IL1qPmx3LptxigS2fSow5wiYOb7E2pvjBbqMCVycNWtjp6dAMft56pXKSLpZqygHi1FR32BfoYcARp4oMbfw6azCP%252Bqnc8RqQPATUuCd3i9OeVcnsZE3dZqlfzVoBq5xBqvSw13XBViJjXDxQv8aklXCxQ3U%252FGXXeTjzqpDSPRjT6gvuKGefJiJwzZcKP6qMKeUVvc7wBE52qwVTwsu0iW20v0jIGPcQ8zPEVQYXuw%253D&b=0052cdce-1c81-49a9-881e-5b691c9a5560
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.98.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-98-197.eu-west-1.compute.amazonaws.com
Software: Grizzly/2.4.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Sep 2021 04:37:32 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3135 0
0 69ms
36ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRFsiv22oPKjvDeumOCEDF42O6XFPYY6pzZDQN9xSEc4uo6C619juntd8LM_OtxL6svwxbT34fiBFTvZAeTA22D9FsvgtOLdmtRgGCbpigEf_NJ2S5Cz6lBdZngAgXtUfBb3X5LnRvrc7p3IO46wAvmbkm7T5PwAnJH9dun84B67xJr0KhSF1lQZ0mcFKZvvcVEWxV0BHQ9sW-ruk8oCo9FuQAFOKU-PyVZrr7u7J17h9jBGctzvqcIZAKemvptmF4-rAaHqDZdsAxQejSlrHFYilhiiXZ1IOIyGjlOaZ6PzvY40DkL06dsT_OvNXUWAKyi9tDZKso1A&sai=AMfl-YQ_pd2x5kZ2RYUgi7pXKZpSVi7Zp8_Agh-YV3myMeGpDKyyJ4F3TrTy3xNtIq6UBbX3wDvE4gSv4IZCzzlmII9DI1-Fbvm1XeuusXwC4xItlMo0WhcCZiHL3-odZeM&sig=Cg0ArKJSzFrWOblzzb_4EAE&adurl=

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 04:37:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 03 Sep 2021 04:37:32 GMT

GET
DATA 200
OK truncated
/ Frame 3135 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 555d6a9b2b3819558b92bf1b764ca5c96327c0a0a43541ead7bdff5640d81382

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7B58 0
0 51ms
38ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCWJ7eLRBXVS34D-uM3okJ2th-M_76IMhdvPOVWZMjnS6vDKjXed2IGoxVZOmNQwyGA-518aGjTQTtChpS8g1B-wiOzf3Yqk5mvQRwWW9_65nQnCyVnoaiNFEQUk29eYLTFgKMdW_ezrZ9YEGKxKnrxRV3oL0C4Nsu0R-q9kNZpMDwVAKFihdUSwOtXtCBlwnCB_8g3N2h9uZcynQQoScNpXWBktJAVYqUChGEIBodevuS-goi_jGt5VWy7nKS-PykTzPvTlL7XcAi3Aag0K7OGwt5b16z0mgMLlncykSuLmRpjh8ObrCk3VHC1K1VUUfEmiyEa9KJpw&sai=AMfl-YRb5tHZ2-v-7HpX9uLQcp_GwqQV4dDZMwgbkepxeXuF7XAWo0iv-yHzRcKNPfNhNhSsYhXNHf1U6l4Nk6bzWJGjzuoQhgr2Fpviy1tYOHzmy1s3x9TePooFd3NfWu4&sig=Cg0ArKJSzAq3wYXhVyItEAE&adurl=

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 04:37:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 03 Sep 2021 04:37:32 GMT

GET
DATA 200
OK truncated
/ Frame 7B58 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75fdde7af077bfb5a17809f130c8feaf66f9d007323d8791dbf84716185513cf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 i.js Show response
tag.bounceexchange.com/3937/ 4 KB
2 KB 76ms
20ms Script
text/plain 34.120.253.250
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.bounceexchange.com/3937/i.js
Requested by: Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: e7e2fbd4fe8af59374aa665e78992b46204a046b4d6a06e75a608a22fa4b0690

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:05:41 GMT
content-encoding: gzip
server: fasthttp
age: 12711
etag: d94287dba86f7c
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: public,max-age=60
x-region: us-central1
timing-allow-origin: *
alt-svc: clear
content-length: 2015

GET
DATA 200
OK truncated
/ Frame D7FF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5941a85a160bd3d1b6ebf8ed8bfaaf2c9cad644907b0935b7632b844046b543

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D7FF 0
0 38ms
37ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHkur-b8YqSTFeMyFCJEp2iI0i-SkTlVFU1A1mdGWVShcs2dR6_PRr9flxC1mgbjTtlbAcXHi-XfEbYI_nDYQV1HtLd1gddF0SedUzatHt76DVuwbPL9OGlI2Tn4VxAR-OyMq12VunkomDkfOndIk-v_vfR_D111MznejaR3MTss2YAjuksi4kJpx0_PPSnyZT_QAEVWvWvTdSBHIkAX06LqRIQxSywG8lh4nnjbNSnNHB6bf-xUuUFSRfE_RNi4STcpYe51yTW8dKP6K7RK-U2ff_0m6PPqvroGp7FsMKcXYpOkvFUWywG1TlncsRPdI&sai=AMfl-YQj8ipfdmn4GryuKatuLBOFUcOZh8LrC6_C8k3Y2eiB11sVQu_MKuHNHKoBBlETdnCnCOyr4eh-HxGOTLo_rAKYvOhqsu2l4K4YdGFGd_bf3DXDm9E5Wbz_5bR1qSY&sig=Cg0ArKJSzGh7bZxC8KLEEAE&urlfix=1&adurl=

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 04:37:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 03 Sep 2021 04:37:32 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9925 0
0 36ms
36ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEhUNgD9KqgKAyCvBgJQeOKquqNyRr9gh6rjb9phtOMzD3vNun285XLTHcWSD1joZX8lgns3AvibsIuhscSwLubwmV9FP3PO9fXa81Z4wwIN7EkzEoaXcJkULB2M-uhjXr2q-LIA7C78B6et9ii_R6zEMZUSvG92yQsOa6QKzw8r0s8tfowX2DE_TBTHoEHrE-31E1EJKn2W-DdkZO7jWd3wTdtG4JkEVlMvVueGEIdHM51T4Cd07Yd_tXQZ9ky6Eowvk7y5q4A0_SjLkxpxxLfahfR2aiC5vERmdM1YHHHM9WXKhMl-Tak6o3J-iecZnO1WWsr6Rlng&sai=AMfl-YR0Q_zS1Dw0aZcer39U1RYM6Cw-ZjAO4MxoY3ctym4IZvQq4XOGhYbyp5KQMLYv9swZiwHkc3-AO4qNFwiKXu3nv_-B3etkFetQ6ddM5oGYPvTSk_TUeAbbKkFbxhs&sig=Cg0ArKJSzLpOY-KltkGCEAE&adurl=

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 04:37:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 03 Sep 2021 04:37:32 GMT

GET
DATA 200
OK truncated
/ Frame 9925 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbda7896541afeaddfc0066e92a5f65b3836576cc4d43a2cc10b7470cce47236

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/ Frame D3C2 20 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/index.html

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abc2739f6c41335d188870dddb470dc1c0fe7ba38ea12aa741065de1855e986e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/1848377098735549687/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 01 Sep 2021 10:16:29 GMT
expires: Thu, 01 Sep 2022 10:16:29 GMT
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 3642
age: 152463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7965 0
0 37ms
36ms Fetch
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNYmZiqYxYaf5KtfI7_UP-bWVsAHFzMPzZN6Zz4OfDp64iLaDAxABINWJkxZgkYSghYwYoAGt9oH5A8gBCakCpKqssgDssz7gAgCoAwHIAwiqBL4CT9BHzbW92fvMn2J4qeXgxr54rxmcA2uJntQhNif8VBym-IDsd6gqrjQopo6ItzjZQp2n0CsJ6cZmhKYUqZG8DUcyWOGzCcpMFrRU2-o2l1YSvIGHffg5ewGe-zAm5PRsOHc0Epct5urDEqb89JlVf2gDKyysuxO2WRadC0usUGrJek5JscvhXEhz0p0-W6PiGMtgEafMOlY-zH6kZvMRkPO8I3CLOff_3wlp0wFtD9AzcXlmEZz7g5AKTYfa7nuWC7_e4HIg9fYuFEfRjc0n5IQjLFnCZ-TfdxPQxdVtVAslb7Ea0GykOm7N8evzIJ4JTcE0sQk5t50Ep5w8dF84aKTqK9QynVGwTmXQrNYpidcUQLp035X-H2Q9fgoD7cWSwsycBiyrcWotrPksqWjamGxpjZyMfUVFPslNcfDTwASttf251gPgBAGgBi6AB7uJ_gaoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEEIzADNIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTA2MTQwMTA1MTk4ODA1NIAKA8gLAdgTA9AVAYAXAbIXHgocCAASFHB1Yi00ODA3NTYxNDU3NjY5OTk2GLzOGQ&sigh=NKdXMGS0Co4&template_id=419
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame 7965 18 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js

Requested by

Host: 33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com
URL: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 04:25:42 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 7965 2 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Host: 33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com
URL: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 04:18:55 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7965 122 KB
37 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com
URL: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:37:32 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Fri, 03 Sep 2021 04:37:32 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 7965 14 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com
URL: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 04:33:05 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7433 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
age: 63199
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 03 Sep 2021 11:04:13 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7433 295 B
319 B 6ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 07:57:47 GMT
x-content-type-options: nosniff
server: cafe
age: 74385
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 03 Sep 2021 07:57:47 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame D3C2 9 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 16:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 03 Sep 2021 16:43:14 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D3C2 26 KB
10 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 20:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 03 Sep 2021 20:35:29 GMT

GET
H3-29 200 fe4868bd6b6cbf201d3cddf8f192de51.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/ Frame D3C2 69 KB
18 KB 9ms
7ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/fe4868bd6b6cbf201d3cddf8f192de51.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0658f5c512b0d65229744c48e39327016b9f629337cea0c06ae5137620c3925c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 152463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18535
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:16:29 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9B06 143 B
226 B 6ms
5ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com
URL: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkGElywGFzhC9-9O9z65wtIhu14MI-hSZzQQ62XEp5flRRdZxSQGX_ei-50TUg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 03 Sep 2021 03:52:36 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7965 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81851d5f831a00ccb22aef2efad6eba01e06ac668463085829d687994d16510e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 44575a9c68e83ebfc672a3f17e29ae43.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/ Frame D3C2 24 KB
24 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/44575a9c68e83ebfc672a3f17e29ae43.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e36127e5c27b903529c4f60187fd678d04ab41c05296cb4a1c1459d9a2667981

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 152463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24381
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:29 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:16:29 GMT

GET
H3-29 200 a378f566168aeaaa4b833009ca8ba037.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/ Frame D3C2 2 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/a378f566168aeaaa4b833009ca8ba037.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d3d601499aa37ab5b39a34937a82f0f62df95ef5879d3911630f360a33e24aa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 152463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2200
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:16:29 GMT

GET
H3-29 200 a12705ae2d0bc90e1390ab56f666274e.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/ Frame D3C2 5 KB
2 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/a12705ae2d0bc90e1390ab56f666274e.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38657e2172fa61c9c0f943d4580c8be10a26f53a24b4ed6cd8786a001280ba2f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 152463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1563
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:29 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:16:29 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9B06
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

23ms
21ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com
URL: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkGElywGFzhC9-9O9z65wtIhu14MI-hSZzQQ62XEp5flRRdZxSQGX_ei-50TUg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 03 Sep 2021 04:37:32 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 03-Sep-2021 05:37:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 03 Sep 2021 04:37:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 03 Sep 2021 04:37:32 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 0bfe1cb43b4ce47074e8d51e7d39d312.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/ Frame D3C2 31 KB
31 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/0bfe1cb43b4ce47074e8d51e7d39d312.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e42671b121b533721074324e2bd5d4c6667eb0f5eab5aafff12108ad6df5be19

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 152463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31734
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:29 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:16:29 GMT

GET
H3-29 200 693b54ea8f0b16e5e040e959d5f6e738.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/ Frame D3C2 9 KB
2 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/693b54ea8f0b16e5e040e959d5f6e738.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

279f0746276fd8b849da45757391570f8c178ca8a8be42d2a2b748e7dddc73fd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 152463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1809
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:29 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:16:29 GMT

GET
DATA 200
OK truncated
/ Frame D3C2 254 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da793aeb4f04aab8ec2ff45fc6c4fd339511b050f11c0d9aa500902e5c3856cf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3-29 200 46b2c42a4681633adbdefbb034d9f7d9.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/ Frame D3C2 5 KB
2 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/46b2c42a4681633adbdefbb034d9f7d9.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99d41030e6bc99690f0739808134bef905bd61d55a03da480ffe37693cc21540

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 152463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2275
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:29 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:16:29 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3135 42 B
108 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuON5BOaFOv2-9-0wFXEcJHX3_Rp7cvKEoyGkpgP4OYCM5cYXDoelUArmdZyZuavPAPp_26VIOp-KNpuwkUaM-EOdQwI4bpCBzS1a_06u-RJ1WUc2Iz&sig=Cg0ArKJSzBVmnoiJCDdAEAE&id=lidar2&mcvt=1000&p=96,236,186,964&asp=96,236,186,964&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210901&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3451552755&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630643851624&rpt=364&isd=0&lsd=0&r=v

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 04:37:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D7FF 42 B
108 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwVW7GzcdP1qvELkFl5-vOPR0oHz0n3nSVwoXloYXW9ea9F4cfLnp18NLcRsKuUVzLF157xfjzrmhAwS2x-Bh4K6FtmbWqangzSKtYFLceds3bNpgP&sig=Cg0ArKJSzC6o1BPcCMDzEAE&id=lidar2&mcvt=1002&p=105,0,106,1&asp=105,0,106,1&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210901&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=326751167&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630643851759&rpt=272&isd=0&lsd=0&r=v

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 04:37:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7B58 42 B
108 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMDxohdkbAEFGoeJ39JJ7wEAc8DLKs7vS0WX-oeHMGFXrQHtXXHqzVB5DCTXxaUJVl8k_chGT0KgyqpNb01D1YEBRKbICDPVDceUi3TsRWN40Pwywo&sig=Cg0ArKJSzN5xsTN_ngGpEAE&id=lidar2&mcvt=1004&p=968,1250,1218,1550&asp=968,1250,1218,1550&mtos=0,1004,1004,1004,1004&tos=0,1004,0,0,0&v=20210901&bin=7&avms=nio&bs=1600,1200&mc=0.93&app=0&itpl=3&adk=359820755&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630643851664&rpt=344&isd=0&lsd=0&r=v

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 04:37:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9925 42 B
64 B 24ms
23ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGiOzChQij6tvKEkVDqhVKtjQ90av_BZ96jhws86YuLIzsR1H6gdBlN11DqeZatDHJ7TF4Je_iFlF0vEI1YaGGbeyvCPmuA_dQJ1uG5nIFbaI7uggw&sig=Cg0ArKJSzJ4OQl2MXyl5EAE&id=lidar2&mcvt=1000&p=554,1250,604,1550&asp=554,1250,604,1550&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210901&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=139699240&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630643851829&rpt=270&isd=0&lsd=0&r=v

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 04:37:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7965 0
0 38ms
38ms Fetch
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1sF8iqYxYaf5KtfI7_UP-bWVsAHFzMPzZN6Zz4OfDp64iLaDAxABINWJkxZgkYSghYwYoAGt9oH5A8gBCakCpKqssgDssz7gAgCoAwGqBL4CT9BHzbW92fvMn2J4qeXgxr54rxmcA2uJntQhNif8VBym-IDsd6gqrjQopo6ItzjZQp2n0CsJ6cZmhKYUqZG8DUcyWOGzCcpMFrRU2-o2l1YSvIGHffg5ewGe-zAm5PRsOHc0Epct5urDEqb89JlVf2gDKyysuxO2WRadC0usUGrJek5JscvhXEhz0p0-W6PiGMtgEafMOlY-zH6kZvMRkPO8I3CLOff_3wlp0wFtD9AzcXlmEZz7g5AKTYfa7nuWC7_e4HIg9fYuFEfRjc0n5IQjLFnCZ-TfdxPQxdVtVAslb7Ea0GykOm7N8evzIJ4JTcE0sQk5t50Ep5w8dF84aKTqK9QynVGwTmXQrNYpidcUQLp035X-H2Q9fgoD7cWSwsycBiyrcWotrPksqWjamGxpjZyMfUVFPslNcfDTwASttf251gPgBAGgBi6AB7uJ_gaoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEEIzADNIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTA2MTQwMTA1MTk4ODA1NIAKA8gLAdgTA9AVAYAXAbIXHgocCAASFHB1Yi00ODA3NTYxNDU3NjY5OTk2GLzOGQ&sigh=T2wdLAY66AU&vt=1&template_id=419&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D
Requested by: Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7965 42 B
64 B 18ms
17ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQxO9Wucu1MW2KRzNIntZyqjWBVf34WUE7KQLfU1FmZw-8a7X4s9ChQFAIgJJal9Il7IqCEfN0BkdOTVVr1WFBzfPiFm24FetwlXtB_MF5X-G5-ArB3-xggy_aQQ&sai=AMfl-YR52No3yZ7S5wLW1NPpSmMPQxTNJkEzKbCmYevaY6Vy-QIb2HZBmJr43Ti1KjjcxgT0Cy-kccXq9bK3-aBnqSwDAWob3g9kHFbmdHsVYdQOZ6RwkR4b4N6jvKjZ45g&sig=Cg0ArKJSzLsGeZZ6Sck0EAE&id=lidar2&mcvt=1000&p=747,745,997,1045&asp=747,745,997,1045&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=232223144&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630643851741&rpt=562&isd=0&lsd=0&r=v

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 04:37:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7433 42 B
64 B 32ms
31ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOOF-15kKQ8-bkTa_v1iNBPYN54aUlOrRwhNyOlxjBMn_2xU_dwqSS8uJULi4Wp79k_GKXCJ-Fr5lcvFQIRbtx0TQq6UbeorQ5C2rBUR2CYYJHe2w_pWalceF3o0D7A9IT7PnjZWopYe1o23vI6V1r&sai=AMfl-YR0QH23gjpaHArcraaJLOdqAYcDj9tWsGx7BZ4um_vod5JGYDiw1kse9GbLLfOPW5fFu-JMmLSR13-3oBtLLfRWtpasi7JtBeBWskauv1IuMwTjsPKGEI3At0KXU3c&sig=Cg0ArKJSzIMA_aFJ8VfcEAE&id=ampim&o=1250,96&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=224&tls=1225&g=100&h=100&tt=1225&r=v&avms=ampa&adk=1742442203

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wthitv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 04:37:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0bfe1cb43b4ce47074e8d51e7d39d312.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/ Frame D3C2 31 KB
31 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/0bfe1cb43b4ce47074e8d51e7d39d312.jpg

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e42671b121b533721074324e2bd5d4c6667eb0f5eab5aafff12108ad6df5be19

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 152466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31734
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:29 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:16:29 GMT

GET
H2 200 46b2c42a4681633adbdefbb034d9f7d9.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/ Frame D3C2 5 KB
2 KB 14ms
12ms Image
image/svg+xml 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/46b2c42a4681633adbdefbb034d9f7d9.svg

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99d41030e6bc99690f0739808134bef905bd61d55a03da480ffe37693cc21540

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 152466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2275
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:29 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:16:29 GMT

GET
H2 200 a378f566168aeaaa4b833009ca8ba037.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/ Frame D3C2 2 KB
2 KB 13ms
12ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/a378f566168aeaaa4b833009ca8ba037.png

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d3d601499aa37ab5b39a34937a82f0f62df95ef5879d3911630f360a33e24aa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 152466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2200
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:16:29 GMT

GET
H2 200 8c31e776eccf9393207382db5c3cdc5a.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/ Frame D3C2 32 KB
33 KB 13ms
13ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/8c31e776eccf9393207382db5c3cdc5a.jpg

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35b0fa61e009f792cc1ebff582b1cf1d3282c96fdfcdf8472523eeddc4dc2f3b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 152463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33206
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:32 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
expires: Thu, 01 Sep 2022 10:16:32 GMT

GET
H2 200 d726e01456ddbf5f516f248c996b0f36.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/ Frame D3C2 16 KB
3 KB 13ms
13ms Image
image/svg+xml 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/d726e01456ddbf5f516f248c996b0f36.svg

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e068e114231a08f7a35c09030c31b3e6ed7623dd1901000eaffe72163fc6dc50

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 152463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2677
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:16:32 GMT

GET
H2 200 693b54ea8f0b16e5e040e959d5f6e738.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/ Frame D3C2 9 KB
2 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/693b54ea8f0b16e5e040e959d5f6e738.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/fe4868bd6b6cbf201d3cddf8f192de51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

279f0746276fd8b849da45757391570f8c178ca8a8be42d2a2b748e7dddc73fd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 152469
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1809
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:29 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:16:29 GMT

GET
H2 200 8c31e776eccf9393207382db5c3cdc5a.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/ Frame D3C2 32 KB
33 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/8c31e776eccf9393207382db5c3cdc5a.jpg

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35b0fa61e009f792cc1ebff582b1cf1d3282c96fdfcdf8472523eeddc4dc2f3b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 152466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33206
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:32 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
expires: Thu, 01 Sep 2022 10:16:32 GMT

GET
H2 200 46b2c42a4681633adbdefbb034d9f7d9.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/ Frame D3C2 5 KB
2 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/46b2c42a4681633adbdefbb034d9f7d9.svg

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99d41030e6bc99690f0739808134bef905bd61d55a03da480ffe37693cc21540

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 152469
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2275
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:29 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:16:29 GMT

GET
H2 200 a378f566168aeaaa4b833009ca8ba037.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/ Frame D3C2 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/a378f566168aeaaa4b833009ca8ba037.png

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d3d601499aa37ab5b39a34937a82f0f62df95ef5879d3911630f360a33e24aa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 152469
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2200
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:16:29 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/0bfe1cb43b4ce47074e8d51e7d39d312.jpg

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e42671b121b533721074324e2bd5d4c6667eb0f5eab5aafff12108ad6df5be19

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 152473
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31734
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:29 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:16:29 GMT

GET
H3-29 200 46b2c42a4681633adbdefbb034d9f7d9.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/ Frame D3C2 5 KB
2 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/46b2c42a4681633adbdefbb034d9f7d9.svg

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99d41030e6bc99690f0739808134bef905bd61d55a03da480ffe37693cc21540

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 152473
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2275
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:29 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:16:29 GMT

GET
H3-29 200 a378f566168aeaaa4b833009ca8ba037.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/ Frame D3C2 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1848377098735549687/media/a378f566168aeaaa4b833009ca8ba037.png

Requested by

Host: www.wthitv.com
URL: https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d3d601499aa37ab5b39a34937a82f0f62df95ef5879d3911630f360a33e24aa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 152473
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2200
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 07:16:24 GMT
server: sffe
date: Wed, 01 Sep 2021 10:16:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:16:29 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108170213000 https://www.wthitv.com/content/news/SCAM-ALERT-Fraudsters-claim-Apple-iCloud-breach-to-steal-your-info-574603551.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33055e76da108ab1e1cba3e64daf41d5.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.bounceexchange.com
assets.revcontent.com
capi.connatix.com
cd.connatix.com
cdn.ampproject.org
cdn.cityspark.com
cdn.field59.com
cdnjs.cloudflare.com
cds.connatix.com
connect.facebook.net
d3gpkdwom7cn1q.cloudfront.net
embed.secondstreetapp.com
fonts.googleapis.com
fonts.gstatic.com
ftp2.wthitv.com
googleads.g.doubleclick.net
heartbeat.heartlandtv.com
i.clean.gg
jadserve.postrelease.com
launcher.spot.im
maxcdn.bootstrapcdn.com
media.heartlandtv.com
ntvcld-a.akamaihd.net
pagead2.googlesyndication.com
player.field59.com
s-jsonp.moatads.com
s.clickability.com
s.ntv.io
s3.us-east-2.amazonaws.com
s7.addthis.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tag.bounceexchange.com
tpc.googlesyndication.com
trends.revcontent.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.wthitv.com
z.moatads.com
embed.secondstreetapp.com
104.16.57.230
104.70.81.101
151.101.194.137
151.139.128.11
172.217.23.98
18.116.179.127
18.214.172.53
184.30.24.121
2.16.107.105
2.16.186.17
2.18.234.163
2.18.235.40
209.59.156.234
2600:9000:2156:5600:1e:a43d:b640:93a1
2600:9000:2156:a800:11:193f:ab80:21
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:125e
2606:4700::6812:acf
2606:4700::6812:bcf
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:802::2003
2a00:1450:4001:803::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2004
2a00:1450:400c:c06::9a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
34.120.253.250
34.193.167.244
34.251.98.197
34.95.69.49
34.98.72.95
50.28.54.68
52.219.80.27
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
03ffd2a4fc20485fe83ffc04edd468f092bea77609c040f288070f727c8152bb
0658f5c512b0d65229744c48e39327016b9f629337cea0c06ae5137620c3925c
07a81d561954dae4a8c2fe69dce01f1a06f74830654975ed7c1b7bbb71c5b291
0999a7c80d428aca7048c17797e42ce94804645b674c923e242bce46eacff4b7
0acf52fc99d677bbac5e8c2627b85f46c2846c5cec6d48122eed33a81d877802
0b9befd55dc3666f32c277da525391f6f4b7923102325df29068efdb7cc3ea2c
0ca5c035a2e273e364ea9eb548ffa676da19ca709e28ea6621712bf2b5549ca8
10079154e527bdf6a403e0b5ad9ac73e95ac886c5caf47e8b37b5c9147cd7d76
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
116659034a562584e146377aa65e67232ecda7921c01d4cbf3b24b73f12333b8
124a7bc302b75a4c92afb4ffb09b9f3af0913f9f96b9dfa4901e7d011eab3c47
12a858bafa70df1cb8457f92b0c7663cff6d9121e2e58606596dd3cb21cd70a9
13575e4e85121b088ab9dbdca88b8e29ced12719214a228c9b3b09d544d0a18b
1593e04810a63562337dbf6d5bc30eb9be5e2193e3546ab6fa672cdc11163f21
17cac471d53d5a48cebc28f051a469f8a9c67ce52c676c8c236fd09f4dbb2b8d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
22b70947edf0574af9b7254944addc1f831cf638170bdb825db5c84b921a223e
279f0746276fd8b849da45757391570f8c178ca8a8be42d2a2b748e7dddc73fd
28b4ab1610bb54a156dbb13000b24c054102b084a4633ac16bd0777f2ba19a0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
302076afc62f1c09c1114728de943fbcb497af51f596194f2bbd28f5b1ff2a02
311a0bdcaeefcc5a1f7bfd5e4559c0a40e3ecba469638b0d6c850dc486f233f6
31877d406baaf14e4fd6f3473c34baa060504eaafcb745128774663ceaea89dc
33ae717b4f69d1dfcf8745cceb8d4fd64f95f63715cc66a6f8cc8d122eafd533
35b0fa61e009f792cc1ebff582b1cf1d3282c96fdfcdf8472523eeddc4dc2f3b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38657e2172fa61c9c0f943d4580c8be10a26f53a24b4ed6cd8786a001280ba2f
3b782ffcf59add8afa324cfd7a950193e6985441bc4d7dd5764426a006532358
3d9ccf39c14168986c8c08c9ebca94269c87cfb2db18bb8ca2fc6b85d9511335
3e10684028a44797b734c232e01ae86a2da170d7586b6aacde7df81557ce35eb
405075821d150ecec62181a1e9afcb5943b14ebe6359a8c7e8264a3aa2f48b30
4052a540e7041caffc424cbb742a02be8941085ad4f768a4708d559e249aa780
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
4316a1687b52bf4dcf6d37508801141d90b0b5dc1d7c30cdc2883b668a2a0f08
43a4999efd4a9566afa09199b572e94a8d381cf96da5916520a0cf9d0248db9b
44f06b8d68628e6c2c0dc50990244cffd171be84e9524b1b6074b01ec100de74
45cd1573e8445a7e5b53d7c6e3bc76c0bdfd71e2bf74a71921554f4e9507d1a6
46d003d6eb12a412d2caf304af859a1a7bbf7388d5d99d17261582b0fd5686be
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e
4c5f405dccdd142a76afb0250d6c1d0732460e86676df73c6c57cb62198ba17b
51ac9bd5ae73ff445ae3a0e8956426c44d27c677e477aeb7b10d27caebc050c1
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
555d6a9b2b3819558b92bf1b764ca5c96327c0a0a43541ead7bdff5640d81382
5cadced06504d8b02fc7c34021809e277b8add172cce4a25c6dec97c09fba0f8
5d1fcda7a5e5eff6c32eafca4fd696c1de5d7a678e0dacfc038c907102b27e52
5d934d8dfaf5e489f7b39081b6f77b946f7bc9ed4b0fc268db35cf17dfa66292
5f391fec8d3f6ea6f4af6d7f83df545a9bb39248b77b26ab835839d6799684ce
6056114a487679d33f9392127dfabed45883fc29f07f2d55313bdecd2290c9dc
60748fdd53c96d1eca2671628730f0a745d86d8223bc86f1d77d9b691920d8f9
60a17b6305902af291ffe3de873d15b37d5be7d64c75389929b3d9d92cc8820b
6276173fd26f3d9db77441295d696c760974fb85f3b5b71b1da92ef1b79fe866
636a46b1d8f0d467c259895f099448d6de31e942695b127b8f02ec632d7759a3
6b20a1330079a00f437b6dca10dcce6c3183eb00bba82dc6782cb9f4f3f7f556
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b8759c1d629ee697b371247885b4516a80a535c3a67199848ab41b305a11372
6c4a662be25a99547a4e736867a2a13c96b29aa19741a42cd9fe62341e827610
6d3d601499aa37ab5b39a34937a82f0f62df95ef5879d3911630f360a33e24aa
6ecbf8ef5982068a28613af44ce4955a5d0b19e8c274cb1c39282edd4b9a2782
75fdde7af077bfb5a17809f130c8feaf66f9d007323d8791dbf84716185513cf
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a68e38b5b6fee73462cccba26ac9bf3f456e1125ac410c3fa173c64ca126ce4
7bab0b0aeb5a83cc186a91d60fef8f6b92a645981239e697fec6fa99701b6688
7c9190041dcd8d9af1d965e7a267ebf02fcbf606e7a3c798bcb4b55a76b80e0d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80082a57c082e53fb616f40368e02c5851de65d0bdc5874b7570fc8c795b4f79
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
81851d5f831a00ccb22aef2efad6eba01e06ac668463085829d687994d16510e
821bdc4f69b0d71c8ee65e9e97c232e0a127004991b92133da9019dbe8f90047
83989511162f4870eec741186b1f61e347cf37e3d54da12035a90da2836965cb
83b069a05b4d18977ef74f5e488a76d69985bf448ef207cedc347aa9598b9c53
863565439a5421b737858a16e13ee68f6443c9b30419c8ee054bb07c116edb33
868c5c9f47ddc7e9385871137f503d484166fae165ea4c0816456b09b4891482
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8e41a8e6b02e146fe25fa71262a12a24c80ee7e0debfcae0757a4fe6c67de5a9
9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
94a4f339f46f66d24a75fc71782aab04965fc941e839258905749ecbbdaacacc
94db4ddc3645556e1694e4222fb052423b20485050cc2ed54f4d5117f5619fcc
964c3d5e06c85cee3e60121aeb5072bb9a65f324e119f33f2701d54df924ff41
99d41030e6bc99690f0739808134bef905bd61d55a03da480ffe37693cc21540
9ac700cf721354cccbb44ddcfee9478416d31301a208e820f106c75de9fcaf28
9e689e6845b6db4ced1bbfcff8d11582ee62530584d9bb442944c3a6dad39c91
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a213b67eebe575881cc62cd8800129e15d9ca92049b2e37832bf83d9fa2ed79e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5941a85a160bd3d1b6ebf8ed8bfaaf2c9cad644907b0935b7632b844046b543
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a88c2cceff9fed1facc390988d1dfbb65f8fcac6915a360458363d9e7b52feb4
a9bbbc70ed3f26319435f99b6c88df191ed9fce1b455bc3a60cce718e8202cdb
aa17ece9f803fc26d80f2561fc061ae4dbd2c32f99e35353c6d6b389ffba38d6
ab6c4fd4bea57a49ab8d190552d6dcaddaf54accf6ccc8e135175c9181e4ae6c
abc2739f6c41335d188870dddb470dc1c0fe7ba38ea12aa741065de1855e986e
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
af021230e6545c69cb57a70ac3c4ae7e1afc72e0e948a37ef6a7a16fe3ade686
b1833041aa1638c2a25eb32da3e639fb82dbcb17736500a60a98851601f38c92
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967
bfc870ffd2897d5f380be0b95e89a4ffd7f1cdde24ba00fcba21e20524bcf70d
c19ea99174525fe7e0d322b6ef4e519866c3615cdadc9b91e1d0b9d89ed8536b
c1adf50c19280730f47b7ddb5247d995ca12126efa624087021c1e51f1556b4c
c355fae78854ae04a5338672cbcf946f4337a91b68b94bc1c9171c4dc4dad005
c46ae00fde068963bd0c2c8de9927a54dfa9486d502ddae54e9dd225a190ae0f
c5392970032ac85f388a858e3843a93b8a510b2aeac0fc98ede028ec62462620
c62435d150cac5c7812c232c0868b85e8d97aa7c0ea8002e4f33ae104cac8b66
c6790a64a8179819745c8ffd13e3b25b2e2e6b7bde326b0eebb1ae5fa05dcb97
c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f
ca58465ad583ed235b23becc160e764c6dc9a7cc78a238fc15aeedd3c861290d
caa42b1086ad9ef3d2a118401968bf4f2e649ecffe09eba5e8762e6d3cab5d40
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d75d46c4c758970dddb62d2ab2de92d49e6e31dabd9a378d91da0032ab24d09d
d81169ff6bfcf16740e9e7aa45d2177628cf07f261a4e79a0ca1c99a8bf4b81f
d88a056eed7fc9dd598f345ea866f324ddeec180e3c5976083257a1cd847d568
da793aeb4f04aab8ec2ff45fc6c4fd339511b050f11c0d9aa500902e5c3856cf
dcaa34fd48dbc241fe20e6105a4faeac0e8ddf9c063fb1bcd9144ff34a9f879b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e068e114231a08f7a35c09030c31b3e6ed7623dd1901000eaffe72163fc6dc50
e36127e5c27b903529c4f60187fd678d04ab41c05296cb4a1c1459d9a2667981
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42671b121b533721074324e2bd5d4c6667eb0f5eab5aafff12108ad6df5be19
e6ff68ef22cee3c7ba0ec08c32fafb3bf53d72300af54519083fe7265fde57d7
e7e2fbd4fe8af59374aa665e78992b46204a046b4d6a06e75a608a22fa4b0690
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e972d187856b7eecff4edcf05b77397ffd09ffebbe19e44e7153d195d65fd48e
eaf8e6d11052af07d44b6f23f17ecfd17e2d1d485e3081affc5f9151bd5f5617
ee2214a948aa510978878e09453b21c85f1bcfe78a7c55412268ad85a5fb147d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3
f4ab761de79f35a39db945fc296aff7e03dd3b4948ab8abce7eda1a1fea0122f
f7cf4e540eee76e65ef5220e90626e072e0ead8ec950a8f1afe4202045699749
f8f4f65da989e98349457dcbd2f8e17e88972d98dea663eaf85133d5e47c4dce
f9a41d339485b96251bdba3d0e2af8f05d0403a4e1469de4296a6f1d21d76bc2
fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61
fbda7896541afeaddfc0066e92a5f65b3836576cc4d43a2cc10b7470cce47236
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.wthitv.com Open in urlscan Pro 104.70.81.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

183 Requests

97 %HTTPS

58 %IPv6

32 Domains

46 Subdomains

49 IPs

5 Countries

6879 kBTransfer

11735 kBSize

0 Cookies

5 Outgoing links

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.wthitv.com Open in urlscan Pro
104.70.81.101 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

97 %
HTTPS

58 %
IPv6

32
Domains

46
Subdomains

49
IPs

5
Countries

6879 kB
Transfer

11735 kB
Size

0
Cookies

183 HTTP transactions
5 data transactions